PT-2026-28599

Name of the Vulnerable Software and Affected Versions LangChain-core versions prior to 1.2.22 Description LangChain is a framework used for building applications powered by language models. Multiple functions within langchain core.prompts.loading do not properly validate file paths when reading...

CVE-2025-57403

Cola Dnslog v1.3.2 is affected by a Directory Traversal vulnerability in the DNS TXT query handling. The root cause is the application concatenating the requested URL (or a portion) with a base path via os.path.join, allowing directory traversal or absolute path injection and potentially exposing...

EUVD-2025-205449

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

CVE-2021-30173

CVE-2021-30173 involves a Local File Inclusion vulnerability in the omni-directional communication system (Jun-He/Junghee/Junghee-type Total Communication System). The issue arises when an authenticated attacker injects an absolute path into the Url parameter, enabling access to arbitrary files o...