CVE-2026-41283

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...

CVE-2021-31547

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules...

Design/Logic Flaw

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...

Internet Bug Bounty: Context isolation bypass via nested unserializable return value

A vulnerability was discovered in Electron that allowed for a bypass of context isolation. This meant that code running in the main world context in the renderer could access the isolated Electron context and perform privileged actions. The vulnerability was fixed in versions 25.0.0-alpha.2,...