CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

UBUNTU-CVE-2026-44928

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

Fetch MCP Server has a Server-Side Request Forgery (SSRF) vulnerability

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery SSRF vulnerability, which allows attackers to bypass private IP validation and access internal network resources...

GHSA-PR6M-QWRR-MRW9 Drupal Plausible tracking is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS. This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

Drupal Plausible tracking 安全漏洞

Drupal Plausible tracking is a data analysis plugin for the Drupal community. A security vulnerability exists in Drupal Plausible tracking versions prior to 1.0.2, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

WordPress plugin Form block 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists i...