106 matches found
CVE-2026-28807
CVE-2026-28807 affects gleam-wisp wisp; path traversal in wisp.serve_static occurs because sanitization runs before percent-decoding, allowing %2e%2e to decode to .. and read any file the process can access. Affected versions are 2.1.1 <= wisp
EEF-CVE-2026-28807 Path Traversal in wisp.serve_static allows arbitrary file read
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...
Wisp 安全漏洞
Wisp is a practical Gleam web framework developed under open source, designed for rapid development and easy maintenance. Versions of Wisp from 2.1.1 to 2.2.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal vulnerability in the wisp.servestatic function,...
PT-2026-24472
Name of the Vulnerable Software and Affected Versions gleam-wisp wisp versions 2.1.1 through 2.2.0 Description A path traversal issue exists in gleam-wisp wisp that allows arbitrary file reading through percent-encoded path traversal. The wisp.serve static function is susceptible because...
CVE-2026-28807
creationtimestamp| type| source ---|---|--- 2026-03-09 12:29:02+00:00| published-proof-of-concept| https://github.com/gleam-wisp/wisp/security/advisories/GHSA-h7cj-j2vv-qw8r...
PT-2026-6643
Name of the Vulnerable Software and Affected Versions Edimax BR-6288ACL versions up to 1.12 Description A security issue exists in Edimax BR-6288ACL versions up to 1.12. The wiz WISP24gmanual function within the wiz WISP24gmanual.asp file is susceptible to cross site scripting due to manipulation...
Malicious code in cascade-wisp-evc586-project (npm)
The package cascade-wisp-evc586-project was found to contain malicious code...
MAL-2025-43705 Malicious code in cascade-wisp-evc586-project (npm)
The package cascade-wisp-evc586-project was found to contain malicious code...
Malicious code in opal-wisp-jow411-project (npm)
The package opal-wisp-jow411-project was found to contain malicious code...
Malicious code in lilypad-wisp-khn198-project (npm)
The package lilypad-wisp-khn198-project was found to contain malicious code...
Malicious code in wisp-river-tyt962-project (npm)
The package wisp-river-tyt962-project was found to contain malicious code...
Malicious code in wisp-ripple-blt348-project (npm)
The package wisp-ripple-blt348-project was found to contain malicious code...
Malicious code in nocturne-wisp-xmh536-project (npm)
The package nocturne-wisp-xmh536-project was found to contain malicious code...
Malicious code in wisp-falcon-xaj738-project (npm)
The package wisp-falcon-xaj738-project was found to contain malicious code...
Malicious code in crystal-wisp-mfe118-project (npm)
The package crystal-wisp-mfe118-project was found to contain malicious code...
Malicious code in wisp-lightning-cin551-project (npm)
The package wisp-lightning-cin551-project was found to contain malicious code...
Malicious code in everglow-wisp-lve550-project (npm)
The package everglow-wisp-lve550-project was found to contain malicious code...
Malicious code in grove-2yjlo-1a6ph-wisp-project (npm)
The package grove-2yjlo-1a6ph-wisp-project was found to contain malicious code...
Malicious code in grove-z7hek-zg9rl-wisp-project (npm)
The package grove-z7hek-zg9rl-wisp-project was found to contain malicious code...
Malicious code in wisp-giraffe-rcj353-project (npm)
The package wisp-giraffe-rcj353-project was found to contain malicious code...