93 matches found

RedhatCVE
added 2 days ago, 5 views

CVE-2026-5262

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an unauthenticated user to access tokens in the Storybook development environment due to improper input...

CVSS 8, AI score 5.5, EPSS 0.00073
Exploits 0, References 1
EUVD
added 2026/05/20 9:36 p.m., 5 views

EUVD-2026-31199

Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...

CVSS 6.5, AI score 5.8, EPSS 0.00037
Exploits 1, References 2
OSV
added 2026/05/20 3:32 p.m., 3 views

GHSA-5WXR-W449-57CM Setup PHP: GitHub tokens configured by setup-php may be exposed through pinned affected Composer versions

Impact This affects only workflows that pin an exact affected Composer semver version through setup-php, for example tools: composer:2.9.7. Workflows using the default Composer version, composer:v2, or no pinned Composer version are not affected through setup-php, because those Composer URLs have...

CVSS 5.9, AI score 5.7
Exploits 0, References 4
EUVD
added 2026/05/20 3:28 a.m., 8 views

EUVD-2026-31059

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wp_localize_script in post editor contexts without effective masking for...

CVSS 4.3, AI score 5.8, EPSS 0.0003
Exploits 0, References 2
NVD
added 2026/05/19 6:16 p.m., 10 views

CVE-2026-47107

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

CVSS 8.6, EPSS 0.00018
Exploits 0, References 4
Snyk
added 2026/05/19 2:47 p.m., 3 views

Insecure Storage of Sensitive Information

Overview: @haxtheweb/haxcms-nodejs is a HAXcms Node.js backend. Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information via the connectionSettings function. An attacker can gain unauthorized access to authentication tokens and impersonate other users by injectin...

CVSS 8.8, AI score 5.6, EPSS 0.00071
Exploits 0, References 2
OSV
added 2026/05/19 12:00 a.m., 3 views

MAL-2026-4075 Malicious code in @antv/path-util (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0, References 5
CVE
added 2026/05/15 6:45 p.m., 16 views

CVE-2026-46407

Vvveb CMS contains an IDOR in the backend/admin/auth-token endpoint. An authenticated administrator can load another admin's REST API token list by supplying that user’s admin_id, leading to disclosure of sensitive tokens. The issue is fixed in version 1.0.8.3. No exploitation details are provide...

CVSS 8.1, AI score 5.8, EPSS 0.00032
Exploits 0, References 1
EUVD
added 2026/05/15 6:24 p.m., 4 views

EUVD-2026-30587

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

CVSS 5.3, AI score 5.8, EPSS 0.00043
Exploits 0, References 1
ATTACKERKB
added 2026/05/15 6:24 p.m., 4 views

CVE-2026-44719

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

CVSS 5.3, AI score 5.8, EPSS 0.00043
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2026/05/12 7:48 a.m., 4 views

CVE-2026-4663

...

AI score 5.8, EPSS 0.00075
Exploits 0
Cvelist
added 2026/05/12 7:48 a.m., 31 views

CVE-2026-4663

...

EPSS 0.00075
Exploits 0
Snyk
added 2026/05/11 9:00 p.m., 5 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

CVSS 9.8, AI score 6, EPSS 0.17051
Exploits 3, References 2
CNNVD
added 2026/05/08 12:00 a.m., 4 views

n8n-MCP log information leakage vulnerability

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.47.11 contained a vulnerability related to log information leakage. This vulnerability occurred when POST /mcp requests under HTTP transmission mode wrote metadata...

CVSS 5.3, AI score 5.8, EPSS 0.00081
Exploits 0, References 2
OSV
added 2026/04/24 9:11 a.m., 2 views

BIT-GITLAB-2026-5262 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an unauthenticated user to access tokens in the Storybook development environment due to improper input...

CVSS 8, AI score 5.4, EPSS 0.00073
Exploits 0, References 4
Snyk
added 2026/04/21 4:26 p.m., 0 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the serverURL parameter when it is set to an attacker-controlled endpoint. An attacker can obtain sensitive API tokens by crafting a resource that omits the Git API token parameter, causing the...

CVSS 7.7, AI score 5.8, EPSS 0.00037
Exploits 0, References 2
ATTACKERKB
added 2026/04/15 3:17 p.m., 1 view

CVE-2026-20205

In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users' session and authorization tokens in clear text. The vulnerability would require either local access to the log...

CVSS 7.2, AI score 5.8, EPSS 0.00056
Exploits 0, References 2, Affected Software 1
Cvelist
added 2026/04/15 3:17 p.m., 22 views

CVE-2026-20205 Sensitive Information Disclosure in '_internal' index in Splunk MCP Server app

In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk internal index or possesses the high-privilege capability mcptooladmin could view users' session and authorization tokens in clear text. The vulnerability would require either local access to the log...

CVSS 7.2, EPSS 0.00056
Exploits 0, References 1
RedhatCVE
added 2026/04/14 7:22 p.m., 3 views

CVE-2026-33703

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/userId endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...

CVSS 7.1, AI score 6, EPSS 0.00036
Exploits 0, References 1
Vulnrichment
added 2026/04/10 6:23 p.m., 1 view

CVE-2026-33703 Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data and API Tokens

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/userId endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...

CVSS 7.1, AI score 6, EPSS 0.00036
Exploits 0, References 1