4776 matches found
CVE-2026-58225 SQL injection via unescaped dollar-quote in Postgrex.Notifications reconnect replay causes notification denial of service
SQL Injection vulnerability in elixir-ecto postgrex allows an attacker who can influence a LISTEN channel name to inject SQL into the reconnect replay query, causing a denial of service of the notification connection. Postgrex.Notifications sanitizes channel names with quotechannel/1, which doubl...
CVE-2026-54002
Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...
CVE-2026-54002
Kirby CMS is affected by an XSS issue (CVE-2026-54002) in earlier releases. The vulnerability arises when untrusted input is processed by Dom::sanitize() and related sanitization helpers (Sane::sanitize, SaneHtml/SaneSvg/SaneXml, Sane::sanitizeFile, and file sanitizeContents), or when writer/list...
CVE-2026-54002
Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...
CVE-2026-59928
A flaw was found in Mistune, a Python Markdown parser. A remote attacker could exploit this vulnerability by providing a specially crafted Markdown document containing numerous repeated or distinct reference-link definitions. This can lead to excessive processing, causing CPU exhaustion and a...
EUVD-2026-42486
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
EUVD-2026-42451
Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-15115
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15122
CVE-2026-15122 affects Google Chrome on Windows prior to 150.0.7871.115, where insufficient validation of untrusted input in Codecs can allow a renderer process–compromised attacker to attempt a sandbox escape via a crafted HTML page. The CVE is referenced in Chrome’s July 2026 stable update (Win...
CVE-2026-15122
Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-15115
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-44161
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...
CVE-2026-44161 Fluentd: Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...
CVE-2026-44161
Fluentd’s out_http plugin (pre-1.19.3) allows placeholders such as ${tag} in the endpoint configuration. If a placeholder comes from untrusted input, an attacker can control the destination hostname of outbound HTTP requests and force requests to arbitrary internal services (SSRF). Affected versi...
EUVD-2026-42327
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.0.0 before 4.12.27, cx in hono/css composes class names from plain strings but marks the result as already escaped without HTML-escaping the input, allowing untrusted className values used in a JSX class...
CVE-2026-59895 Hono: Server-Side XSS via JSX Escaping Bypass in cx() Utility
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.0.0 before 4.12.27, cx in hono/css composes class names from plain strings but marks the result as already escaped without HTML-escaping the input, allowing untrusted className values used in a JSX class...
PT-2026-56634
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.115 Description Insufficient validation of untrusted input in WebAppInstalls allows a local attacker to bypass the same origin policy via a crafted HTML page. The same origin policy is a...
PT-2026-56641
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. ...
CVE-2026-14895 String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service
String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace with s/\s$//u. Because \s matches greedily and the $ anchor fails whenever a non-whitespace character follows the whitespace, the regex...
CVE-2026-14895
String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace with s/\s$//u. Because \s matches greedily and the $ anchor fails whenever a non-whitespace character follows the whitespace, the regex...