Lucene search
K

22 matches found

OSV
OSV
added 2026/05/20 7:7 p.m.20 views

GO-2026-5001 SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution in github.com/siyuan-note/siyuan/kernel

SiYuan Bazaar marketplace renders unescaped package name and version metadata, allowing stored XSS and Electron code execution in github.com/siyuan-note/siyuan/kernel...

9CVSS6.2AI score0.00361EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.14 views

PT-2026-42383

SiYuan Bazaar marketplace renders unescaped package name and version metadata, allowing stored XSS and Electron code execution in github.com/siyuan-note/siyuan/kernel...

9CVSS6.2AI score0.00361EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.13 views

SiYuan 跨站脚本漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan from 2.1.12 to 3.7.0 had a cross-site scripting vulnerability. This vulnerability stemmed from unescaped metadata in the Bazaar marketplace rendering packages, which could lead to storage-based...

8.3CVSS5.9AI score0.00307EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-41017

SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML without escaping. In the desktop app this becomes stored XSS, and because SiYuan's Electron windows a...

8.3CVSS6AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/09 3:59 a.m.6 views

CVE-2026-42301

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

7.8CVSS6AI score0.00197EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/09 3:59 a.m.11 views

EUVD-2026-28896

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

7.8CVSS6AI score0.00197EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 8:14 p.m.19 views

GHSA-R35X-V8P8-XVHW pyp2spec is Vulnerable to Code Injection

Impact pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, so a malicious package can execute arbitrary commands on the build machine. The macro...

7.8CVSS6.1AI score0.00197EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2026/04/02 12:0 a.m.134 views

📄 Bloomberg Memray Cross Site Scripting

Bloomberg Memray prior to versions 1.19.2 rendered the command line of the tracked process directly into generated HTML reports without escaping, allowing for cross site scripting attacks. CVE-2026-32722 Bloomberg Memray’s Stored XSS via Unescaped Command-Line Metadata Intro I found this issue...

6.1CVSS5.4AI score0.00302EPSS
Exploits2
CVE
CVE
added 2026/04/01 4:11 p.m.8 views

CVE-2026-33978

Notesnook prior to version 3.3.17 contains a stored XSS in the mobile share/web clip flow. Attacker-controlled clip metadata is concatenated into HTML and rendered with innerHTML in the mobile editor WebView, e.g., via shared title metadata (TITLE/SUBJECT) or link-preview title data, allowing inj...

6.1CVSS5.8AI score0.00286EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/01 4:11 p.m.28 views

CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

5.4CVSS0.00286EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-29568

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

5.4CVSS5.8AI score0.00286EPSS
Exploits1References4
NVD
NVD
added 2026/03/20 9:16 a.m.12 views

CVE-2026-33067

SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when an...

9CVSS0.00549EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 8:14 a.m.5 views

CVE-2026-33067

SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when an...

5.3CVSS6AI score0.00549EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2026/03/18 9:25 p.m.5 views

CVE-2026-32722 Memray-generated HTML reports vulnerable to Stored XSS via unescaped command-line metadata

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

3.6CVSS6AI score0.00302EPSS
Exploits2References5
NVD
NVD
added 2026/03/18 2:16 a.m.2 views

CVE-2026-22178

OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastroph...

8.2CVSS0.00311EPSS
Exploits0References4
CVE
CVE
added 2026/03/18 1:34 a.m.13 views

CVE-2026-22178

CVE-2026-22178 concerns OpenClaw. Vulnerability arises when versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata inside stripBotMention(), enabling regex injection and potential ReDoS. Attackers can craft nested-quantifier patterns or metacharacters...

8.2CVSS5.8AI score0.00311EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/18 1:34 a.m.4 views

EUVD-2026-12722

OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastroph...

6.9CVSS5.8AI score0.00311EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/03 10:9 p.m.2 views

Cross-site Scripting (XSS)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Cross-site Scripting XSS via the innerHTML process. An attacker can execute arbitrary JavaScript in the context of the exported session HTML viewer by including crafted HTML or unescaped...

6.1CVSS5.7AI score
Exploits0References2
OSV
OSV
added 2026/03/03 10:9 p.m.5 views

GHSA-R294-2894-92J3 OpenClaw has stored XSS in exported session HTML viewer via markdown/raw-HTML rendering

Summary The exported session HTML viewer allowed stored XSS when untrusted session content included raw HTML markdown tokens or unescaped metadata fields. Impact Opening a crafted exported HTML session could execute attacker-controlled JavaScript in the viewer context. This can expose session...

5.3CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2026/03/02 10:17 p.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the stripBotMention function in extensions/feishu/src/bot.ts when unescaped Feishu mention metadata is used to construct a regular expressio...

8.2CVSS5.9AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder