CVE-2026-49361

Apache Fluss versions prior to 0.9.1 configure the Netty LengthFieldBasedFrameDecoder with Integer.MAXVALUE as the maximum frame length, allowing unauthenticated remote attackers to exhaust JVM heap memory on TabletServer and CoordinatorServer by sending specially crafted frame headers, resulting...

WordPress Link Whisper Free plugin < 0.9.1 - Unauthenticated Settings and User Meta Update vulnerability

Unauthenticated Settings and User Meta Update vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Link Whisper Free versions 0.9.1...

hermes 日志信息泄露漏洞

Hermes is a workflow platform open-sourced by Automated Software Metadata Publication. A log information disclosure vulnerability exists in hermes version 0.8.1 through versions prior to 0.9.1, which stems from the hermes subcommand logging arbitrary options in raw form under the -O parameter,...

VaulTLS 安全漏洞

VaulTLS is a modern solution from Emily Ehlert Personal Developer to easily manage mTLS two-way TLS certificates. A security vulnerability exists in VaulTLS versions prior to 0.9.1 that stems from an empty password setup and API login bypass, which could lead to unauthorized access...

PT-2024-17310 · WordPress · Glomex Oembed Plugin

Name of the Vulnerable Software and Affected Versions: glomex oEmbed plugin for WordPress versions prior to 0.9.1 Description: The glomex oEmbed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's glomex integration shortcode due to insufficient input sanitization a...

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the isjailbreak function...

krail-jpa SQL注入漏洞

krail-jpa is a KrailOrg open source module for use with Krail. The module provides JPA functionality . A SQL injection vulnerability exists in krail-jpa versions prior to 0.9.1, which stems from an unknown partial impact and operates to cause SQL injection...

PT-2022-28151 · Usememos · Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation or escaping, allowing an attacke...

memos 安全漏洞

memos is an open source hosted memo center with knowledge management and social features. A security vulnerability exists in memos versions prior to 0.9.1, which stems from insufficient privileges or improper handling of privileges...

PT-2022-28139 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper handling of values in the GitHub repository usememos/memos. An attacker can post malicious content to another user's memos page via a POST request...

PT-2022-28134 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to an incorrectly specified destination in a communication channel. This affects the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, upda...

PT-2022-28135 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper verification of the source of a communication channel in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to versio...

memos 跨站脚本漏洞

memos is an open source hosted meme center with knowledge management and social features. A cross-site scripting vulnerability exists in versions of memos prior to 0.9.1. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

memos 跨站请求伪造漏洞

memos is an open source hosted meme center with knowledge management and social features. A cross-site request forgery vulnerability exists in memos versions prior to 0.9.1. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...

PT-2022-28131 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository usememos/memos. CSRF is an attack that tricks a user into performing unintended actions on a web application...

PT-2022-28133 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository usememos/memos. CSRF is an attack that tricks a user into performing unintended actions on a web application...

PT-2022-28114 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Insufficient Granularity of Access Control in the GitHub repository usememos/memos. This can allow an attacker to delete a memo from the archives. Recommendations: Fo...

PT-2022-28115 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper access control in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue...

PT-2022-28105 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Improper Authorization in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue...

PT-2022-28112 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue allows an unauthorized user to access any private memo by manipulating the URL of a memo on the editing screen. This is due to an Authorization Bypass Through User-Controlled Key...