CVE-2026-42177 linux-entra-sso: PRT SSO cookie can leak to attacker-controlled hosts when broad host permissions are granted

linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...

GHSA-QPGQ-5G92-J5Q8 Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()`

Summary MageProductAlertAddController::stockAction reads the uenc query parameter and passes it directly to $this-redirectUrl$backUrl without calling $this-isUrlInternal When the supplied productid does not match any catalog product, the server issues an unvalidated HTTP 302 redirect to whatever...

CVE-2026-3335

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

CVE-2026-32616

Pigeon is a message board/notepad/social system/blog. Prior to 1.0.201, the application uses $SERVER'HTTPHOST' without validation to construct email verification URLs in the register and resendmail flows. An attacker can manipulate the Host header in the HTTP request, causing the verification lin...

Automatic Attack Script Generation: A MDA Approach

It is widely recognized that practical exercises are crucial for teaching cybersecurity in higher education. However, their setup is not only expensive, time-consuming, and prone to numerous errors, but also requires technical and programming skills to create attack contexts and scripts. To...

EUVD-2025-204702

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

misskey.js's export data contains private post data

Summary After adding private posts followers, direct that you do not have permission to view to your favorites or clips, you can export them to view the contents of the private posts. PoC 1. Create an account X for testing and an account Y for private posts on the same server. 2. Send appropriate...

CVE-2025-34429 1Panel CSRF Web Port Configuration Change

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

EUVD-2019-9591

Malware in sbrugna...

EUVD-2021-0622

Malware in sbrugna...

EUVD-2019-9768

Malware in sbrugna...

EUVD-2024-2518

Malicious code in bioql PyPI...

EUVD-2023-54107

Malicious code in bioql PyPI...

EUVD-2024-20951

Malicious code in bioql PyPI...

EUVD-2023-54105

Malicious code in bioql PyPI...

CVE-2021-32852

Countly, a product analytics solution, is vulnerable to cross-site scripting prior to version 21.11 of the community edition. The victim must follow a malicious link or be redirected there from malicious web site. The attacker must have an account or be able to create one. This issue is patched i...

PostgreSQL Vulnerable to Privileged Execution of Arbitrary SQL due to Late Privilege Drop in 'REFRESH MATERIALIZED VIEW CONCURRENTLY'

An authenticated attacker that has created a materialized view could run arbitrary SQL commands on a PostgreSQL server if a victim runs REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's view. If the victim is a superuser this could result in full compromise of the PostgreSQL server...

Exploit for CVE-2024-9932

CVE-2024-9932-POC Description: The Wux Blog Editor WordPre...

PT-2025-4383 · Jwk Set +1 · Jwk Set +1

Name of the Vulnerable Software and Affected Versions: JWK Set versions prior to 0.6.0 Description: The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. However, the current behavior is to overwrite or append, which...

JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal fr...