CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

PT-2026-26794

Name of the Vulnerable Software and Affected Versions Zen C versions prior to 0.4.4 Description A stack-based buffer overflow exists in the Zen C compiler. This issue is due to a flaw in identifier mangling. By supplying a specially crafted Zen C source file .zc containing excessively long struct...

Authorization Bypass Through User-Controlled Key

Overview studiocms is an A Community-Driven Astro native CMS. Built from the ground up by the Astro community. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the getUsers process. An attacker can access sensitive owner account information,...

Improper Encoding or Escaping of Output

Overview lxml-html-clean is a HTML cleaner from lxml project Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the default Cleaner configuration due to the incomplete pagestructure kill set that does not account for tags outside tags. An attacker can...

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the http server port. An attacker can retrieve sensitive integration data, such as email addresses, by sending unauthenticated requests to the listening port on localhost. Note: This is only exploitable if th...

UBUNTU-CVE-2023-30608

sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service DoS. This...

PT-2023-3225 · Pypi +6 · Sqlparse +6

Name of the Vulnerable Software and Affected Versions: sqlparse versions prior to 0.4.4 Description: The SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue may lead to Denial of Service DoS. The vulnerability was introduced by...

PT-2020-15700 · Nginx · Njs

Name of the Vulnerable Software and Affected Versions: njs versions prior to 0.4.4 Description: The issue allows for control-flow hijack in the njs value property function within njs value.c. It is noted that the vendor considers this issue to be of minimal concern in the NGINX use case due to th...

Exploit for Improper Input Validation in Python Python-Gnupg

Summary It is a simple PoC of Improper Input Validation in py...