7 matches found

ATTACKERKB
added 2026/03/31 3:19 p.m. | 1 view

CVE-2026-34220

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there is a SQL injection vulnerability when specially crafted objects are interpreted as raw SQL query fragments. This issue has been patched in versions 6.6....

CVSS 9.3 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2026/03/31 3:17 p.m. | 8 views

CVE-2026-34221

CVE-2026-34221 affects MikroORM (TypeScript ORM for Node.js). The vulnerability is in the internal Utils.merge helper, which can be triggered during object structure merges and allows prototype pollution by passing keys like `__proto__`, `constructor`, or `prototype`. Affected versions are prior to 6.6....

CVSS 9.1 | AI score 5.8 | EPSS 0.00048
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2026/03/31 12:0 a.m. | 4 views

MikroORM Security Vulnerability

MikroORM is an open-source framework from MikroORM that supports type-safe object-relational mapping for multiple databases. Versions of MikroORM prior to 6.6.10 and 7.0.6 contained security vulnerabilities. These vulnerabilities stemmed from the Utils.merge helper function not preventing special...

CVSS 9.1 | AI score 5.8 | EPSS 0.00048
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-18624

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.5 | EPSS 0.00471
Exploits: 0 | References: 3
RedhatCVE
added 2025/06/23 8:39 a.m. | 5 views

CVE-2025-50202

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

CVSS 7.5 | AI score 7 | EPSS 0.00471
Exploits: 0 | References: 1
Cvelist
added 2025/06/18 4:13 a.m. | 9 views

CVE-2025-50202 Lychee Path Traversal Vulnerability

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

CVSS 7.5 | EPSS 0.00471
Exploits: 0 | References: 3
Tenable Nessus
added 2020/07/28 12:0 a.m. | 64 views

Aruba ClearPass Policy Manager <= 6.6.10 / 6.7.x < 6.7.6 Multiple Vulnerabilities

The version of Aruba ClearPass Policy Manager installed on the remote host is equal or prior to 6.6.10, or 6.7.x prior to 6.7.6. It is, therefore, affected by multiple vulnerabilities: - An XML external entity (XXE) vulnerability exists due to an incorrectly configured XML parser accepting XML...

CVSS 9.3 | AI score 8.4 | EPSS 0.01836
Exploits: 0 | References: 8