Lucene search
+L

47 matches found

Rockylinux
Rockylinux
added 4 days ago9 views

perl-XML-LibXML security update

An update is available for perl-XML-LibXML. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module implements a Perl interface to the GNOME libxml2 library...

7.5CVSS6.1AI score0.00629EPSS
Exploits0
OSV
OSV
added 4 days ago4 views

RLSA-2026:39553 Important: perl-XML-LibXML security update

This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation. Security Fixes:...

7.5CVSS6.1AI score0.00629EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 days ago5 views

Important: Red Hat Security Advisory: perl-XML-LibXML security update

An update for perl-XML-LibXML is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.5CVSS6.1AI score0.00629EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 days ago6 views

perl-XML-LibXML: XML::LibXML: Denial of Service via truncated UTF-8 in XML node names

A flaw was found in XML::LibXML for Perl. A remote attacker could exploit this vulnerability when processing specially crafted XML node names containing incomplete UTF-8 character sequences. This can lead to an out-of-bounds read in heap memory, potentially causing the application to crash and...

7.5CVSS6AI score0.00629EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago10 views

perl-XML-LibXML: XML::LibXML: Denial of Service via truncated UTF-8 in XML node names

A flaw was found in XML::LibXML for Perl. A remote attacker could exploit this vulnerability when processing specially crafted XML node names containing incomplete UTF-8 character sequences. This can lead to an out-of-bounds read in heap memory, potentially causing the application to crash and...

7.5CVSS6AI score0.00629EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago5 views

Important: Red Hat Security Advisory: perl-XML-LibXML security update

An update for perl-XML-LibXML is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

7.5CVSS6.1AI score0.00629EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 5:16 p.m.10 views

CVE-2026-44791

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...

9.9CVSS0.00634EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 3:54 p.m.3 views

CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...

9.4CVSS6.1AI score0.00634EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 3:54 p.m.47 views

CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...

9.4CVSS0.00634EPSS
Exploits0References1
OSV
OSV
added 2026/06/21 8:16 p.m.5 views

DEBIAN-CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/21 7:15 p.m.4 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

SUSE SLES12 Security Update : perl-XML-LibXML (SUSE-SU-2026:2402-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2402-1 advisory. This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing...

7.5CVSS5.9AI score0.00629EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42232

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype...

9.4CVSS5.7AI score0.00478EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/14 4:17 p.m.14 views

n8n Has an XML Node Prototype Pollution Patch Bypass

Impact An authenticated user with permission to create or modify workflows could bypass the patch for GHSA-hqr4-h3xv-9m3r in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users...

9.9CVSS5.7AI score0.00634EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2026/05/14 4:17 p.m.12 views

NPM: n8n Has an XML Node Prototype Pollution Patch Bypass

NPM: n8n Has an XML Node Prototype Pollution Patch Bypass vulnerability discovered by ? in WordPress Npm n8n versions 1.123.43...

6AI score0.00634EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/14 4:17 p.m.9 views

GHSA-WRWR-H859-XH2R n8n Has an XML Node Prototype Pollution Patch Bypass

Impact An authenticated user with permission to create or modify workflows could bypass the patch for GHSA-hqr4-h3xv-9m3r in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users...

9.4CVSS5.7AI score0.00634EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/12 9:0 p.m.23 views

Prototype Pollution

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Prototype Pollution in the Xml class, which implements an XML node. A user with permission to create or modify workflows can achieve remote code execution on the host system. Note: This is a bypass ...

9.9CVSS6.5AI score0.00634EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/07 3:36 a.m.9 views

CVE-2026-41672 xmldom: XML node injection through unvalidated comment serialization

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

XMLDOM 安全漏洞

XMLDOM is a JavaScript implementation of the W3C DOM for Node developed by jindw. Versions of XMLDOM prior to 0.9.10, 0.8.13, and xmldom 0.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper validation or neutralization of the PI end sequence when...

8.7CVSS5.9AI score0.00408EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 7:16 p.m.27 views

CVE-2026-42232

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype...

9.4CVSS0.00478EPSS
Exploits0References1
Rows per page
Query Builder