
42 matches found

NVD
added 2026/05/19 7:16 p.m.

CVE-2026-33741

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below allow authenticated users to upload SVG attachments through normal attachment-capable fields and later serve those SVG files as top-level inline documents through both the attachment and image entry...

CVSS 6.8 | EPSS 0.00041
Exploits: 0 | References: 1

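The CVE-2026-33741 entry describes the general hazard behind serving user-uploaded SVG as a top-level document: an SVG loaded by navigation (or in a frame) runs its scripts in the serving origin, whereas the same file embedded via an img tag does not. The following is an added illustration, not EspoCRM's code or its fix, of how an attachment-serving endpoint can detect SVG by content rather than by the client's declared type and then refuse to serve it inline. The function names, the 64 KiB sniff limit and the sample bytes are assumptions made for this example.

```python
import io
import re
import xml.etree.ElementTree as ET
from typing import Dict

# Types a browser treats as an active document when loaded top-level or framed;
# an SVG reached this way executes its <script> and inline event handlers.
ACTIVE_DOCUMENT_TYPES = {
    "image/svg+xml", "text/html", "application/xhtml+xml", "text/xml", "application/xml",
}


def sniff_svg(data: bytes, limit: int = 64 * 1024) -> bool:
    """True if the bytes begin an XML document whose root element is <svg>,
    regardless of declared MIME type or file extension. Only the first `limit`
    bytes are fed to the parser and only up to the first start tag, so a large
    or truncated upload does not cost a full parse."""
    try:
        events = ET.iterparse(io.BytesIO(data[:limit]), events=("start",))
        _, root = next(events)
    except (ET.ParseError, StopIteration):
        return False
    local_name = root.tag.rsplit("}", 1)[-1]  # drop the namespace prefix
    return local_name.lower() == "svg"


def safe_filename(name: str) -> str:
    """Reduce a user-supplied file name to a conservative character set for the
    Content-Disposition header (no quotes, CR/LF or path separators)."""
    cleaned = re.sub(r"[^A-Za-z0-9._-]", "_", name).strip("._") or "file"
    return cleaned[:128]


def attachment_headers(declared_type: str, data: bytes, filename: str) -> Dict[str, str]:
    """Response headers for serving an upload. Content a browser would treat as
    an active document is forced to download and sandboxed, so it can never run
    in the application's origin; inert images are still served inline."""
    ctype = declared_type.lower().split(";", 1)[0].strip()
    if sniff_svg(data):
        ctype = "image/svg+xml"  # trust the bytes, not the client's label
    headers = {
        "Content-Type": ctype,
        "X-Content-Type-Options": "nosniff",
    }
    if ctype in ACTIVE_DOCUMENT_TYPES:
        headers["Content-Disposition"] = f'attachment; filename="{safe_filename(filename)}"'
        # Even if a client ignores the disposition, the sandbox directive gives the
        # document an opaque origin and blocks script execution.
        headers["Content-Security-Policy"] = "sandbox; default-src 'none'"
    else:
        headers["Content-Disposition"] = f'inline; filename="{safe_filename(filename)}"'
    return headers


# Constructed samples for the demonstration (not taken from any real upload).
SAMPLE_SVG = (b'<?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg">'
              b'<script>alert(document.domain)</script></svg>')
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    # A scripted SVG uploaded under a PNG label still gets the download-and-sandbox treatment.
    print(attachment_headers("image/png", SAMPLE_SVG, "avatar.png"))
    print(attachment_headers("image/png", SAMPLE_PNG, "avatar.png"))
```

The content sniff matters more than the extension check: an attachment-capable field usually accepts arbitrary names, and a file called avatar.png that is really SVG will be rendered as SVG by a browser that sees image/svg+xml, or sniffed as such without X-Content-Type-Options.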
EUVD
added 2026/04/22 8:05 p.m.

EUVD-2026-25082

EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controlled name and scope values and pass them into template path construction without normalization or traversal filtering. As a result, an...

CVSS 7.2 | AI score 5.8 | EPSS 0.00155
Exploits: 1 | References: 1

CVE
added 2026/04/22 8:01 p.m.

CVE-2026-33656

CVE-2026-33656 (EspoCRM) affects EspoCRM versions prior to 9.3.4. The vulnerability arises from the formula engine allowing updates to Attachment.sourceId, which is concatenated into a file path in EspoUploadDir::getFilePath() without sanitization. This enables an authenticated admin to redirect fi...

CVSS 9.1 | AI score 7.6 | EPSS 0.00105
Exploits: 3 | References: 1 | Affected software: 1

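EUVD-2026-25082 (template name and scope) and CVE-2026-33656 (Attachment.sourceId) are two instances of the same defect: a value under user control is concatenated into a file path without normalization or a containment check. The block below is an added example, not EspoCRM's code or its fix, of the two controls a practitioner would want for both cases: an identifier allowlist applied before the value touches a path, and a post-resolution check that the final path is still inside the intended directory. The function names template_path and attachment_path, the directory layouts and the identifier grammar are hypothetical.

```python
import re
from pathlib import Path
from typing import Callable, Union

# Identifiers that end up in file paths (template scope/name, attachment source id)
# get an allowlist rather than a denylist: nothing containing '/', '\\', '..',
# NUL or whitespace can match this pattern.
IDENTIFIER = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")


def require_identifier(value: str, what: str) -> str:
    """Reject any value that is not a plain identifier; return it unchanged otherwise."""
    if not isinstance(value, str) or not IDENTIFIER.fullmatch(value):
        raise ValueError(f"invalid {what}: {value!r}")
    return value


def resolve_within(base: Union[str, Path], *segments: str) -> Path:
    """Join segments under base and prove the resolved path is strictly inside base.
    This is the second line of defence: it also catches symlinks and any
    normalisation the identifier check did not anticipate."""
    base_real = Path(base).resolve()
    target = base_real.joinpath(*segments).resolve()
    if base_real not in target.parents:
        raise ValueError(f"path escapes {base_real}: {target}")
    return target


def template_path(templates_dir: str, scope: str, name: str) -> Path:
    """Hypothetical template lookup where both path components are request-controlled."""
    return resolve_within(templates_dir,
                          require_identifier(scope, "scope"),
                          require_identifier(name, "name") + ".tpl")


def attachment_path(upload_dir: str, source_id: str) -> Path:
    """Hypothetical attachment lookup keyed by a stored id that other code may rewrite."""
    return resolve_within(upload_dir, require_identifier(source_id, "sourceId"))


def is_rejected(fn: Callable, *args) -> bool:
    """True if fn(*args) raises ValueError; a convenience for the demonstration."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(template_path("/srv/app/templates", "Account", "invoice"))
    for bad in ("../../etc/passwd", "..", "Account/../../config", "a\x00b", "/etc/passwd"):
        print(repr(bad), "rejected:", is_rejected(attachment_path, "/srv/app/data/upload", bad))
    # The containment check alone also stops a traversal that slipped past validation.
    print("'..' via resolve_within rejected:", is_rejected(resolve_within, "/srv/app/data/upload", "..", "secrets"))
```

Order matters: validate the identifier first, because Path.resolve() normalizes away the evidence ("x/../../etc" becomes a clean path), and keep the containment check anyway, because a stored value such as a database column can be changed by code paths the request validator never sees.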
CVE
added 2026/04/13 8:37 p.m.

CVE-2026-33740

EspoCRM

CVSS 5.4 | AI score 5.8 | EPSS 0.00032
Exploits: 1 | References: 3 | Affected software: 1

CVE
added 2026/04/13 8:32 p.m.

CVE-2026-33659

EspoCRM 9.3.3 and earlier are affected by SSRF via POST /api/v1/Attachment/fromImageUrl (and fromImageUrl) due to a DNS rebinding (TOCTOU) flaw. Host validation uses dns_get_record(), but the actual HTTP request resolves with curl’s internal resolver (gethostbyname()), allowing mismatched IP look...

CVSS 3.5 | AI score 6.4 | EPSS 0.00057
Exploits: 1 | References: 3 | Affected software: 1

Vulnrichment
added 2026/04/13 8:32 p.m.

CVE-2026-33659 EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network Access

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery (SSRF) via a DNS rebinding (TOCTOU) condition. Host validation uses dns_get_record(), but the actual HTTP...

CVSS 3.5 | AI score 6.4 | EPSS 0.00057
Exploits: 1 | References: 3

EUVD
added 2026/04/13 7:41 p.m.

EUVD-2026-22081

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have a stored HTML injection vulnerability that allows any authenticated user with standard non-administrative privileges to inject arbitrary HTML into system-generated email notifications by crafting...

CVSS 4.6 | AI score 5.8 | EPSS 0.00035
Exploits: 2 | References: 2

Vulnrichment
added 2026/04/13 7:41 p.m.

CVE-2026-33657 EspoCRM: Stored HTML injection in email notifications about stream notes via unescaped post field

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have a stored HTML injection vulnerability that allows any authenticated user with standard non-administrative privileges to inject arbitrary HTML into system-generated email notifications by crafting...

CVSS 4.6 | AI score 5.8 | EPSS 0.00035
Exploits: 2 | References: 2

Cvelist
added 2026/04/13 7:41 p.m.

CVE-2026-33657 EspoCRM: Stored HTML injection in email notifications about stream notes via unescaped post field

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have a stored HTML injection vulnerability that allows any authenticated user with standard non-administrative privileges to inject arbitrary HTML into system-generated email notifications by crafting...

CVSS 4.6 | EPSS 0.00035
Exploits: 2 | References: 2

Positive Technologies
added 2026/04/13 12:00 a.m.

PT-2026-32508

EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have an authenticated Server-Side Request Forgery (SSRF) vulnerability that allows bypassing the internal-host validation logic by using alternative IPv4 representations such as octal notation, e.g.,...

CVSS 6.5 | AI score 5.8 | EPSS 0.0087
Exploits: 4 | References: 4

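The two EspoCRM SSRF entries above (CVE-2026-33659, DNS rebinding between the validation lookup and curl's own lookup; PT-2026-32508, alternative IPv4 spellings such as octal that the validator and the resolver read differently) share a root cause: the address that is checked is not the address that is connected to. The following is an added example, not EspoCRM's code or its fix, of a validator that parses host literals the way inet_aton() does, resolves a host name exactly once, checks every returned address, and hands back a pinned IP that the HTTP client must use without re-resolving (with curl that is CURLOPT_RESOLVE). The resolver callback, the RebindingResolver stand-in and the sample addresses are constructed for the demonstration.

```python
import ipaddress
from typing import Callable, List, Optional, Tuple, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], List[str]]  # host name -> list of address strings


def parse_ipv4_like(text: str) -> Optional[ipaddress.IPv4Address]:
    """Parse the loose IPv4 syntaxes that libc inet_aton() accepts, which is what
    gethostbyname() will apply to the same string: one to four dot-separated parts,
    each decimal, octal (leading 0) or hex (leading 0x), the last part filling the
    remaining bytes. Returns None for anything that is not such a form."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = []
    for part in parts:
        if part[:2].lower() == "0x":
            digits = part[2:]
            if not digits or any(c not in "0123456789abcdefABCDEF" for c in digits):
                return None
            values.append(int(digits, 16))
        elif part and all(c in "0123456789" for c in part):
            try:
                values.append(int(part, 8) if len(part) > 1 and part[0] == "0" else int(part, 10))
            except ValueError:  # e.g. "08" is not valid octal
                return None
        else:
            return None
    *head, last = values
    last_bits = 8 * (4 - len(head))
    if any(v > 0xFF for v in head) or last >= 1 << last_bits:
        return None
    number = 0
    for v in head:
        number = (number << 8) | v
    return ipaddress.IPv4Address((number << last_bits) | last)


def canonical_address(text: str) -> Optional[IPAddress]:
    """Canonical address for an IP literal in any accepted spelling, else None.
    IPv4-mapped IPv6 (::ffff:10.0.0.1) is unwrapped because it reaches the IPv4 host."""
    addr = parse_ipv4_like(text)
    if addr is None:
        try:
            addr = ipaddress.ip_address(text)
        except ValueError:
            return None
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr


def is_forbidden(addr: IPAddress) -> bool:
    """Destinations a fetch made on behalf of a user must never reach."""
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def pin_outbound_target(url: str, resolve: Resolver) -> Tuple[str, str]:
    """Validate a user-supplied URL for a server-side fetch and return
    (pinned_ip, host_header). The name is resolved once, every returned address is
    checked, and the caller connects to pinned_ip while sending the original host
    name. Letting the HTTP client resolve again is the rebinding window."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only http(s) URLs with a host are accepted")
    host = parts.hostname
    literal = canonical_address(host)
    if literal is not None:
        candidates: List[Optional[IPAddress]] = [literal]
    else:
        candidates = [canonical_address(a) for a in resolve(host)]
        if not candidates or None in candidates:
            raise ValueError(f"{host}: no usable address")
    for addr in candidates:
        if is_forbidden(addr):
            raise ValueError(f"{host} -> {addr} is not a permitted destination")
    return str(candidates[0]), host


def is_allowed(url: str, resolve: Resolver) -> bool:
    try:
        pin_outbound_target(url, resolve)
        return True
    except ValueError:
        return False


class RebindingResolver:
    """Constructed stand-in for an attacker-controlled DNS zone: a public address on
    the first lookup, an internal one on every later lookup."""
    def __init__(self) -> None:
        self.lookups = 0

    def __call__(self, host: str) -> List[str]:
        self.lookups += 1
        return ["93.184.216.34"] if self.lookups == 1 else ["10.0.0.5"]


def vulnerable_fetch_target(url: str, resolve: Resolver) -> str:
    """The flawed pattern: validate one resolution, then let the client resolve again."""
    host = urlsplit(url).hostname
    if any(is_forbidden(canonical_address(a)) for a in resolve(host)):
        raise ValueError("blocked")
    return resolve(host)[0]  # second lookup, performed by the HTTP client


if __name__ == "__main__":
    print(vulnerable_fetch_target("http://rebind.example/", RebindingResolver()))  # 10.0.0.5
    print(pin_outbound_target("http://rebind.example/", RebindingResolver()))      # pinned public address
    for u in ("http://0177.0.0.1/", "http://2130706433/", "http://0x7f.1/", "http://[::ffff:169.254.169.254]/"):
        print(u, "allowed:", is_allowed(u, lambda h: []))
```

Two caveats a reviewer would raise: the deny list in is_forbidden should be extended with whatever internal ranges the deployment uses beyond RFC 1918 and the metadata addresses, and redirects must be subjected to the same pinning on every hop, since a 302 to an internal address is the same bug one request later.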
Zero Science Lab
added 2025/02/14 12:00 a.m.

ABB Cylon FLXeon 9.3.4 Insecure Backup Sensitive Data Exposure

Summary: BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

CVSS 9.4 | AI score 7.3 | EPSS 0.02585
Exploits: 7

Zero Science Lab
added 2025/02/13 12:00 a.m.

ABB Cylon FLXeon 9.3.4 (app.js) Insecure CORS Configuration

Summary: BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

AI score 5.8
Exploits: 0

CNNVD
added 2025/01/29 12:00 a.m.

ABB FLXeon log information disclosure vulnerability

The ABB FLXeon is a series of controllers from ABB Switzerland. ABB FLXeon versions 9.3.4 and prior suffer from a log information disclosure vulnerability that stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to obtain sensiti...

CVSS 9.4 | AI score 6.1 | EPSS 0.02585
Exploits: 7 | References: 2

CNNVD
added 2025/01/27 12:00 a.m.

ABB FLXeon security vulnerability

ABB FLXeon is a series of controllers from ABB Switzerland. A security vulnerability exists in ABB FLXeon versions 9.3.4 and prior that allows an attacker with network access to execute arbitrary code and elevate privileges...

CVSS 10 | AI score 9.2 | EPSS 0.06246
Exploits: 18 | References: 3

Positive Technologies
added 2024/10/08 12:00 a.m.

PT-2025-2806 · Flxeon · Flxeon

Name of the vulnerable software and affected versions: FLXEON versions through 9.3.4. Description: The issue is related to a lack of origin validation in WebSockets, which allows unauthorized HTTPS requests due to insufficient session management. This can be exploited by a remote attacker to...

CVSS 9.4 | AI score 7.2 | EPSS 0.00146
Exploits: 4 | References: 11

OSV
added 2024/09/16 6:15 p.m.

CVE-2024-8661

Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block. A rogue administrator could add a malicious payload that executes in the browsers of targeted users. The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 4.6...

CVSS 4.8 | AI score 5.4
Exploits: 0 | References: 4

NVD
added 2024/05/01 6:15 p.m.

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS 9.3.4 and earlier versions...

CVSS 7.1 | AI score 6.8 | EPSS 0.00087
Exploits: 0 | References: 1

NVD
added 2023/03/02 1:15 a.m.

CVE-2023-22462

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be...

CVSS 6.4 | AI score 6.7 | EPSS 0.17757
Exploits: 0 | References: 4

OSV
added 2023/02/03 10:15 p.m.

UBUNTU-CVE-2022-23498

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafana_session. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVSS 8.8 | AI score 7.2 | EPSS 0.00123
Exploits: 1 | References: 3

Cvelist
added 2023/02/03 9:34 p.m.

CVE-2022-23498 When query caching is enabled in Grafana, users can query another user's session

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafana_session. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVSS 7.1 | AI score 8.8 | EPSS 0.00123
Exploits: 1 | References: 1

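The CVE-2022-23498 entries describe a response cache that stored every upstream header, so a Set-Cookie carrying one user's grafana_session was replayed to whoever next hit the same cache key. The following is an added example, not Grafana's code or its fix, of a query-result cache that applies two independent controls: stored headers are reduced to an allowlist that excludes credential-bearing headers, and the cache key includes the requesting user and org so that even a header that slipped through could only be served back to its owner. The QueryCache class, the header lists and the constructed upstream response are assumptions made for this example.

```python
import hashlib
import json
from typing import Any, Dict, Optional, Tuple

# Headers that carry or set credentials; never copied into a cache entry.
CREDENTIAL_HEADERS = {"set-cookie", "cookie", "authorization", "proxy-authorization"}

# The only upstream headers a replayed datasource response needs.
REPLAYABLE_HEADERS = {"content-type", "content-encoding"}

CachedResponse = Tuple[int, Dict[str, str], bytes]


class QueryCache:
    """Constructed cache for datasource query results (an illustration, not
    Grafana's implementation)."""

    def __init__(self) -> None:
        self._store: Dict[str, CachedResponse] = {}

    @staticmethod
    def key(user_id: str, org_id: int, datasource_uid: str, query: Dict[str, Any]) -> str:
        """Key on who is asking as well as what is asked, so entries are never shared
        across users; canonical JSON keeps equal queries hashing equal."""
        material = json.dumps([user_id, org_id, datasource_uid, query],
                              sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(material.encode("utf-8")).hexdigest()

    @staticmethod
    def scrub(headers: Dict[str, str]) -> Dict[str, str]:
        """Keep only replayable headers; the explicit credential deny list stays as a
        guard against someone later widening the allowlist carelessly."""
        kept: Dict[str, str] = {}
        for name, value in headers.items():
            lname = name.lower()
            if lname in CREDENTIAL_HEADERS:
                continue
            if lname in REPLAYABLE_HEADERS:
                kept[lname] = value
        return kept

    def put(self, key: str, status: int, headers: Dict[str, str], body: bytes) -> CachedResponse:
        entry = (status, self.scrub(headers), body)
        self._store[key] = entry
        return entry

    def get(self, key: str) -> Optional[CachedResponse]:
        return self._store.get(key)


# Constructed upstream response as a datasource proxy might see it (not real data).
UPSTREAM_HEADERS = {
    "Content-Type": "application/json",
    "Set-Cookie": "grafana_session=0123456789abcdef; Path=/; HttpOnly",
    "X-Request-Id": "req-42",
}
UPSTREAM_BODY = b'{"results": {"A": {"frames": []}}}'
QUERY = {"refId": "A", "expr": "up"}


def demo() -> Tuple[Optional[CachedResponse], Optional[CachedResponse]]:
    """Alice's result is cached; Bob issuing the identical query gets no entry, and
    Alice's own replay no longer carries the session cookie."""
    cache = QueryCache()
    alice = QueryCache.key("alice", 1, "prom-uid", QUERY)
    cache.put(alice, 200, UPSTREAM_HEADERS, UPSTREAM_BODY)
    bob = QueryCache.key("bob", 1, "prom-uid", QUERY)
    return cache.get(alice), cache.get(bob)


if __name__ == "__main__":
    hit, miss = demo()
    print("alice:", hit)
    print("bob:", miss)
```

Per-user keying costs hit rate, since identical queries from different users no longer share an entry; the header scrub is the control that actually removes the session, and the key is there so that a future mistake in the scrub does not become a cross-user leak.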