17 matches found
CVE-2026-54298
Astro, prior to 6.4.6, is vulnerable to XSS via unescaped attribute names when spreading props onto HTML elements. The spreadAttributes path iterates over object keys and passes them to addAttribute, which interpolates the key into the HTML output without escaping, allowing attackers to inject ev...
CVE-2026-54298 Astro: XSS via Unescaped Attribute Names in Spread Props
Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax ...props ...
Astra Linux – Vulnerability in python-pymysql
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escapedict...
Cross-site Scripting (XSS)
Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the addAttribute function, which interpolates unescaped object keys as HTML attribute names when spreadi...
CVE-2026-41490
Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...
CVE-2026-40967
In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI: 1.0.0...
PT-2026-26090
Name of the Vulnerable Software and Affected Versions Kysely versions up to and including 0.28.11 Description Kysely, a type-safe TypeScript SQL query builder, has a SQL injection issue in JSON path compilation for MySQL and SQLite dialects. The visitJSONPathLeg function directly appends...
GHSA-R399-636X-V7F6 LangChain serialization injection vulnerability enables secret extraction
Context A serialization injection vulnerability exists in LangChain JS's toJSON method and subsequently when string-ifying objects using JSON.stringify. The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark...
LangChain serialization injection vulnerability enables secret extraction
Context A serialization injection vulnerability exists in LangChain JS's toJSON method and subsequently when string-ifying objects using JSON.stringify. The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark...
python-pymysql: SQL injection if used with untrusted JSON input
A flaw was found in PyMySQL. When processing untrusted JSON input, keys are not escaped by the escapedict function due to insufficient input sanitization, allowing an attacker to inject malicious SQL queries...
python-pymysql: SQL injection if used with untrusted JSON input
A flaw was found in PyMySQL. When processing untrusted JSON input, keys are not escaped by the escapedict function due to insufficient input sanitization, allowing an attacker to inject malicious SQL queries...
DEBIAN-CVE-2024-36039
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...
AZL-43726 CVE-2024-36039 affecting package python-PyMySQL 0.9.3-3
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...
AZL-44457 CVE-2024-36039 affecting package python-PyMySQL for versions less than 1.1.1-3
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...
PT-2020-6809 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.34.x through 1.34.3 Description: An issue was discovered in MediaWiki where the NS filter on Special:Contributions uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild...
DEBIAN-CVE-2015-9244
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with mysql.escape which could lead to SQL Injection...
UBUNTU-CVE-2015-9244
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with mysql.escape which could lead to SQL Injection...