5 matches found
GO-2026-5907 Coder's OIDC email_verified type coercion bypass enables account takeover via unverified email linking in github.com/coder/coder
Coder's OIDC emailverified type coercion bypass enables account takeover via unverified email linking in github.com/coder/coder...
pyLoad 代码问题漏洞
pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev97 contained code vulnerabilities. These vulnerabilities stemmed from the download engine accepting unverified arbitrary URLs, which could lead to server-side request forgeing attacks...
La Suite Docs Cross-Site Script Vulnerability
La Suite Docs is an open-source, scalable collaboration note-taking, wiki, and documentation platform developed by La Suite numérique. Versions 3.8.0 to 4.3.0 of La Suite Docs contain cross-site scripting vulnerabilities. These vulnerabilities stem from the Interlinking function not verifying URL...
CVE-2025-62612 FastGPT File Reading Node SSRF Vulnerability
FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading node, the network link is not security-verified, posing a risk of SSRF attacks. This issue has been patched in version 4.11.1...
PocketBase Security Vulnerability
PocketBase is an open source real-time backend for PocketBase Open Source. A security vulnerability exists in Pocketbase versions prior to 0.22.14, which stems from password validation and OAuth2 unverified email links...