EUVD-2026-23151

Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trustedmods or secure.httpmods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it...

CVE-2025-42603

This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting API response that contains unencrypted sensitive...

Shopify: Customer's full name disclosure via Shopify Chat (by email lookup)

By making use of the Shopify Chat Application, it is possible to retrieve a customer First Name and Last Name by providing its email. Steps to reproduce 1. Having a shop with Shopify Chat installed, open up https://shop.myshopify.com/?chat in Incognito mode 1. Click on I need an update on my orde...

Zomato: [www.zomato.com] Availing Zomato Gold membership for free by tampering plan id(s)

Summary: Get free zomato gold membership using zomato iOS app. Description: add more details about this vulnerability 1 Login to the zomato iOS application. 2 Select zomato gold from the home screen. 3 Depending on your location, you will see different gold pack options. 4 Select any gold pack. 5...