DataEase <= 2.4.1 - Sensitive Information Exposure

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. id: CVE-2024-30269...

CVE-2026-0393

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

EUVD-2026-31266

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393

CVE-2026-0393 affects CODESYS Visualization. Root cause: insufficient isolation of authentication data during concurrent login operations allows credentials to be exposed remotely between low-privileged visualization users, limited to the login phase within an active visualization session. Impact...

PT-2026-42450

Name of the Vulnerable Software and Affected Versions CODESYS Visualization affected versions not specified Description Insufficient isolation of authentication data may cause the remote exposure of credentials between low privileged visualization users during concurrent login operations. This...

CODESYS Visualization 安全漏洞

CODESYS Visualization is a functional module developed by the German company CODESYS. It transforms the operation status of programs into a visual interface. There is a security vulnerability in CODESYS Visualization, which stems from insufficient authentication data isolation. This vulnerability...

CVE-2026-24573

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Visualizer allows Stored XSS. This issue affects Visualizer: from n/a before 4.0.0...

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. "The attack affects packages tied to the npm maintainer account atool, includin...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

GHSA-8MP2-V27R-99XP vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

CVE-2026-33079 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

CVE-2026-44896 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...

GHSA-58CW-G322-P94V vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...

CVE-2026-44897 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...

CVE-2026-44708 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...

GHSA-8MP2-V27R-99XP vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...

CVE-2026-33079 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, kubeflow-pipelines-visualization-server...