46 matches found
CVE-2026-59930
Mistune (Python Markdown parser) prior to 3.3.0 has a vulnerability in the toc/TableOfContents directive: heading IDs are generated as predictable toc_N values without slugifying the heading text. This can allow attacker-controlled id="toc_N" content to collide with generated anchors, potentially...
EUVD-2026-41972
A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...
CVE-2026-58460
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...
EUVD-2026-40129
Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an attacker could cause Snowflake CLI to execute unintended SQL i...
PT-2026-53309
Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper neutralization of attacker-controlled content allows unintended SQL execution. An attacker can execute arbitrary SQL within the context of a victim user's Snowflake session by providing...
SUSE-SU-2026:22325-1 Security update for sed
This update for sed fixes the following issue - CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144...
PT-2026-50167
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.55 n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description An authenticated user with workflow edit access can configure a 'Respond to Webhook' node to serve binary content using an attacker-controlled...
PT-2026-49836
Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...
Malicious code in theta-connector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ac14206b12d7cb0c180c49e65d91b99aa2f013c33147d7f1eff396da2c48a2 The package advertises itself as a MySQL connector but index.js around line 236 contains a method queryDBConnect on the exported...
CVE-2026-34258
SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...
CVE-2026-44972
GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject...
CVE-2026-45036
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
CVE-2026-45244
Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-call user approval when the extension automation feature is enabled. Attackers can influence the agent through malicious page or summary content to invo...
SUSE-SU-2026:1941-1 Security update for sed
This update for sed fixes the following issue: - CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144...
CVE-2026-45036
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
EUVD-2026-30567
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
SUSE-SU-2026:1699-1 Security update for sed
This update for sed fixes the following issue: - CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file bsc1262144...
CVE-2026-22676
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...
CVE-2026-27674
An unauthenticated code injection flaw in SAP NetWeaver Application Server Java (Web Dynpro Java) could allow a crafted input to cause the application to reference attacker‑controlled content, leading to execution of client‑side code in the victim’s browser and potential session compromise. Affec...
PT-2026-32554
Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server Java Web Dynpro Java affected versions not specified Description A code injection issue in the Web Dynpro Java component allows an unauthenticated attacker to provide crafted input that the application interpre...