EUVD-2026-31369

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file star. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan Dror...

Trend Micro Apex One 后置链接漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a postback link vulnerability, which stems from issues with the scanning engine’s link tracking mechanism. This vulnerability may allow local attackers to gain elevated...

EUVD-2026-31053

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...

Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks

Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...

CVE-2026-42160 Data Space Portal: Incorrect Authorization and Client-Side Enforcement of Server-Side Security in ghcr.io/sovity/ds-portal-ce-backend

Data Space Portal is an open-source Software as a Service SaaS solution designed to streamline Dataspace management. From version 2.1.1 to before version 7.3.2, there is insufficient authorization in the dataspace-portal backend regarding self-registered "PENDING" organization / user accounts. Th...

CVE-2026-41658

Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio inventory module enforces authorization for destructive operations delete, retire, reinstate only in the UI layer by conditionally rendering buttons. The backend POST handlers at modules/inventory.php for...

OpenClaw 后置链接漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had a post-link vulnerability due to a sandbox escape issue. This vulnerability could allow remote attackers to access arbitrary files by exploiting symbolic links during fil...

PT-2026-35518

Name of the Vulnerable Software and Affected Versions Pimcore version 12.3.3 Description An authenticated administrative user with permissions to import or save DataObject class definitions can inject malicious composite index metadata. This action allows the execution of unintended SQL commands ...

yu-picture 注入漏洞

Yu-Picture is an intelligent cloud image library platform developed by Liyupi’s individual developers, designed for team collaboration. Yu-Picture has a vulnerability related to injection attacks. This vulnerability stems from improper handling of the sortField parameter in the PageRequest functi...

Tenable Nessus 后置链接漏洞

Tenable Nessus is a vulnerability scanning software developed by the American company Tenable. Tenable Nessus has a backlink vulnerability, which allows attackers to create connection points, enabling them to delete any file with SYSTEM privileges. This vulnerability could potentially be exploite...

@aedwards/ohif-viewer (>=5.0.1 <=5.0.14), @bitrefill/airfill-widget (>=3.6.0 <=4.1.7) +55 more potentially affected by CVE-2026-41885 via i18next-locize-backend (>=0.0.1 <=9.0.1)

i18next-locize-backend NPM version =0.0.1, =5.0.1, =3.6.0, =1.7.5, =1.0.5, =9.14.0, =1.0.0, =1.0.1, =0.8.1, =0.8.1, =1.0.0, =1.0.0, =0.0.11, =0.53.0-14, =0.53.3 and more Source cves: CVE-2026-41885 Source advisory: OSV:GHSA-MGCP-MFP8-3Q45...

PT-2026-34440

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A client might theoretically cause a mismatch between queries sent to a backend and the received responses. This occurs when a flood of perfectly timed queries i...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the function parameter, which is concatenated into an API error message and rendered without HTML escaping. An attacker can execute arbitrary JavaScript code in the context of a backend user's session by...

REDAXO has reflected XSS in backend Metainfo API via type parameter (CSRF token required)

Summary A reflected XSS vulnerability has been identified in the REDAXO backend. The type parameter is concatenated into an API error message and rendered without HTML escaping. --- Details Root cause User input type is injected into an exception message, then rendered by rexview::error which...

EUVD-2026-20572

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 21.0.0 to before 27.0.3 and 28.0.1, while the documentrepository frontend was restricting file access, the backend endpoint was not...

PT-2026-28388

A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19 in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcast router.py, in function stream audio. The...

UBUNTU-CVE-2025-70128

A Stored Cross-Site Scripting XSS vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...

EUVD-2025-208245

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution...

CVE-2026-2822 JeecgBoot Backend airag_app,1,create_by sql injection

A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file /jeecgboot/sys/dict/loadDict/airagapp,1,createby of the component Backend Interface. Such manipulation of the argument keyword leads to sql injection. The attack can be...

PT-2026-7327

Name of the Vulnerable Software and Affected Versions Worklenz versions prior to 2.1.7 Description Worklenz, a project management tool, contains multiple SQL injection flaws in its backend SQL query construction. These flaws affect project and task management controllers, reporting and financial...