2 matches found
CVE-2026-13234
CVE-2026-13234 concerns an XSS flaw in the Drupal AI module. The vulnerability arises from improper neutralization of input during web page generation, enabling Cross-Site Scripting. Affected versions are: 0.0.0–1.2.17, 1.3.0–1.3.8, and 1.4.0–1.4.3. The issue is documented across NVD, CVE listing...
CVE-2026-41699
CVE-2026-41699 : Spring for GraphQL is affected by an Unsafe Deserialization flaw when processing paginated GraphQL queries (Connection fields). If the classpath contains specific deserialization-related classes, a crafted GraphQL request can lead to Remote Code Execution. Affected versions: Spri...