
453044 matches found

CVE
added yesterday | 6 views

CVE-2025-32394

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 1
EUVD
added yesterday | 4 views

EUVD-2026-39799

An Improper Authorization vulnerability exists in PayloadCMS version 3.84.1 due to insufficient access control on the account unlock operation...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 2
CVE
added yesterday | 6 views

CVE-2026-11779

Technical details about CVE-2026-11779 are not publicly available in the provided documents. Monitor for updates.

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 2
CVE
added yesterday | 6 views

CVE-2025-32423

AutoGPT contains a DoS vulnerability in the ExtractTextInformationBlock prior to version 0.6.32. Malicious input amplification can cause a server to consume excessive memory (e.g., 10 KB input leading to ~50 GB memory usage), exhausting resources and causing DoS. The issue is fixed in 0.6.32. Aff...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 1
ATTACKERKB
added yesterday | 3 views

CVE-2026-56663

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections in SendWebRequestBlock and reach internal network services. isipblocked in...

CVSS 8.5 | AI score 5.8
Exploits: 0 | References: 2 | Affected Software: 1
EUVD
added yesterday | 5 views

EUVD-2026-39798

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections in SendWebRequestBlock and reach internal network services. isipblocked in...

CVSS 8.5 | AI score 5.8
Exploits: 0 | References: 1
Cvelist
added yesterday | 21 views

CVE-2026-0685 Server side template inject (SSTI) in Edgewall Genshi Template Engine

Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions...

Exploits: 0 | References: 1
CVE
added yesterday | 31 views

CVE-2026-47214

CVE-2026-47214 affects Docling’s HTML backend, where unsafe URI and path handling existed prior to version 2.94.0. The vulnerability enables potential local file access via file:// URIs, directory traversal through ../ sequences or absolute paths, and access to internal network resources when ena...

CVSS 7.1 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 2
ATTACKERKB
added yesterday | 1 view

CVE-2026-44018

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added yesterday | 23 views

CVE-2026-44018

Summary of CVE-2026-44018 (Docling): The vulnerability affects the METS-GBS backend within Docling, where XML parsing and input format detection (in versions 2.45.0 through 2.91.0) lacked security controls. An attacker could craft malicious METS-GBS archives that, when processed, could read sens...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 2
Cvelist
added yesterday | 20 views

CVE-2026-44018 Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

CVSS 5.5 | EPSS 0.00015
Exploits: 0 | References: 2
EUVD
added yesterday | 3 views

EUVD-2026-39778

Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...

CVSS 6.8 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 4 views

EUVD-2025-210352

Subscriber Broken Access Control in Restaurant Menu by MotoPress = 2.4.11 versions...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 4 views

EUVD-2025-210360

Contributor Cross Site Scripting XSS in Image Carousel = 1.0.0.41 versions...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 2 views

EUVD-2025-210353

Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 3 views

EUVD-2025-210356

Unauthenticated Insecure Direct Object References IDOR in BookPro = 1.1.0 versions...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 3 views

EUVD-2025-210357

Unauthenticated Cross Site Request Forgery CSRF in Eagle Booking = 1.3.4.3 versions...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 3 views

EUVD-2026-39781

Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 4 views

EUVD-2026-39654

In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible...

CVSS 3.1 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added yesterday | 4 views

EUVD-2026-39657

In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 2