CVE-2026-6322

CVE-2026-6322 affects the fast-uri package. The vuln lies in normalize(): it decodes percent-encoded authority delimiters inside the host and then re-emits them as raw delimiters during serialization. This can cause a host, which combines an allowed domain, an encoded at-sign, and a different dom...

Linux Distros Unpatched Vulnerability : CVE-2026-6322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fast-uri normalize decoded percent-encoded authority delimiters inside the host component and then re- emitted them as raw delimiters during serialization. A ho...

PT-2023-30662 · WordPress · Magic Embeds

Name of the Vulnerable Software and Affected Versions: The Magic Embeds WordPress plugin versions prior to 3.1.2 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes in the plugin, which could allow users with the contributor role and above to perform...

PT-2023-6983 · WordPress · Survey Maker Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Survey Maker WordPress Plugin versions prior to 3.1.2 Description: The issue is related to a lack of protection against SQL query structure manipulation when handling the surveys ids parameter. This can allow a remote attacker to execute...

PT-2022-22954 · Hulu · Hulu App For Android

Name of the Vulnerable Software and Affected Versions: Hulu App for Android versions 3.0.47 through 3.1.1 Description: The issue concerns the use of a hard-coded API key for an external service in the Hulu App for Android. This could potentially allow the API key to be obtained by analyzing the...