JLSEC-2026-558

Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...

CVE-2026-39712

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

CVE-2026-39692

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Stored XSS.This issue affects tagDiv Composer: from n/a through = 5.4.3...

CVE-2026-39712 WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

CVE-2026-39712 WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

PT-2026-31254

Name of the Vulnerable Software and Affected Versions tagDiv Composer versions through 5.4.3 Description An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue exists in tagDiv Composer td-composer, allowing Stored XSS. The issue affects the software from n/a...

JupyterHub Has An Open Redirect Vulnerability

Affected Version JupyterHub = 5.4.3 Impact An open redirect vulnerability in JupyterHub =5.4.3 allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a...

EUVD-2024-52146

Malicious code in bioql PyPI...

CVE-2025-55373

Incorrect access control in Beakon Application before v5.4.3 allows authenticated attackers with low-level privileges to escalate privileges and execute commands with Administrator rights...

CVE-2025-55372

An arbitrary file upload vulnerability in Beakon Application before v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file...

PT-2025-35574

Name of the Vulnerable Software and Affected Versions: Beakon Application versions prior to 5.4.3 Description: An arbitrary file upload vulnerability exists in Beakon Application. This vulnerability allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: Update...

CVE-2025-55373

Beakon Application before v5.4.3 has an incorrect access control vulnerability that lets authenticated low-privilege users escalate to Administrator rights by exploiting weak authorization (e.g., crafting requests to elevate a user’s role). Root cause: missing/insufficient access checks. Impact: ...

CVE-2025-55372

The CVE-2025-55372 entry concerns Beakon Application prior to version 5.4.3, where an arbitrary file upload flaw may lead to arbitrary code execution. Multiple sources (NVD, Red Hat, CVE List) corroborate the issue as a file upload vulnerability without explicit exploitation details in all docume...

CVE-2025-55373

Incorrect access control in Beakon Application before v5.4.3 allows authenticated attackers with low-level privileges to escalate privileges and execute commands with Administrator rights...

CVE-2025-58194

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through = 5.4.3...

Linux Distros Unpatched Vulnerability : CVE-2025-5200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function...

WordPress Bold Page Builder Plugin <= 5.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Bold Page Builder versions = 5.4.3...

CVE-2025-58194

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through = 5.4.3...

CVE-2025-58194

CVE-2025-58194 is a stored XSS vulnerability in Bold Page Builder (WordPress) up to version 5.4.3, caused by improper input neutralization during web page generation. Impact is described as stored XSS with MEDIUM severity (CVSS 3.1: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L; base score 6.5). A patch ex...

Linux Distros Unpatched Vulnerability : CVE-2025-2751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function...