Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which can trigger an infinite loop if the valid values remain constant during processing in the ntfs3 file system...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from writing values from the /smack/doi module. By writing values that have been previously used, it is...

SUSE SLES15 Security Update : python312 (SUSE-SU-2026:2055-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2055-1 advisory. This update for python312 fixes the following issues - CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF...

GHSA-FWCM-RQVW-J3P7 FUXA has an unauthenticated arbitrary tag value disclosure via /api/getTagValue

Summary An authorization bypass in the /api/getTagValue endpoint allows unauthenticated access to tag values when the referenced script does not exist. Details The issue is caused by the combination of these code paths: - server/api/apikeys/verify-api-or-token.js:45 sends requests without x-api-k...

CVE-2026-44903

Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI enabled via the command-line flag --enable-feature=old-ui, the histogram heatmap chart view does not escape le label values when inserting them...

CVE-2026-44899

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as numre = re.compiler"^\d+?:.\d?". When the validated value is not a plain integer, renderblockimage inserts it directly int...

CVE-2026-44896

Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...

CVE-2026-44706

Chatwoot (versions 2.2.0–4.11.1) is affected by a SQL injection in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the is_greater_than or is_less_than operators, values are interpolated directly into the SQL query without parameterizatio...

MAL-2026-4786 Malicious code in ranno (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1366783d9cb87471f1b5cfeb806508ee83b2a58ded724f8ea45d8391f4f68bc The package's advertised API ex calls gn in ranno/gn.py, which POSTs the caller's prompt — and, when a data= argument is supplied, the absolute file...

libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTMLRenderer.heading, which directly inserted id attribute values into HTML tags without escaping...

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Image directive plugin using regular expressions that only matched prefixes to validate the wid...

SUSE-SU-2026:2055-1 Security update for python312

This update for python312 fixes the following issues - CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. - CVE-2026-4786: Incomplete mitigation of %action expansion for command injection to webbrowser.open bsc1262319. - CVE-2026-6019: BaseCookie.jsoutput does not...

Roundcube Webmail 安全漏洞

Roundcube Webmail is a browser-based open source IMAP client from Roundcube Open Source, which supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.6.16 and 1.7.1, which stems from a remote image...

Malicious code in class-weaver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e45cdd0a93db2db56ae7fd2c348305a5ce7aeab9c6fb4b2331c2a547b2c5e7 class-weaver advertises itself as a className/theme utility keywords clsx, utils, styling; exports named classNames and twMerge mimicking...

ROS-20260524-73-0058

Vulnerability in golang-x-crypto related to the use of insufficiently randomized values. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

CVE-2026-41073 RT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar apps

RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...

GHSA-Q8MJ-M7CP-5Q26 qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set

Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is synchronous and not handled by any of qs's null-related options skipNulls, strictNullHandling. Details In the comma + encodeValuesOnly...

qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set

Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is synchronous and not handled by any of qs's null-related options skipNulls, strictNullHandling. Details In the comma + encodeValuesOnly...

EUVD-2026-30674

qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set...