CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

UBUNTU-CVE-2026-44928

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

PT-2026-38682

Name of the Vulnerable Software and Affected Versions uriparser versions prior to 1.0.2 Description The function family EqualsUri can misclassify two unequal URIs as equal. Recommendations Update to version 1.0.2 or later. As a temporary workaround, restrict the use of the EqualsUri function unti...

Uriparser 安全漏洞

Uriparser is an open-source library developed by uriparser, written in C89 and strictly compliant with RFC 3986 standards for URI parsing and processing. Versions of Uriparser prior to 1.0.2 contained a security vulnerability, which stemmed from pointer differences that were truncated to integers...

CVE-2026-25727 affecting package azl-compliance for versions less than 1.0.2-3

CVE-2026-25727 affecting package azl-compliance for versions less than 1.0.2-3. A patched version of the package is available...

Skill-scanner Unsecured Network Binding Vulnerability

Description: A vulnerability in the API Server of Skill Scanner could allow a unauthenticated, remote attacker to interact with the server API and either trigger a denial of service DoS condition or upload arbitrary files. This vulnerability is due to an erroneous binding to multiple interfaces. ...

PT-2026-1415

Name of the Vulnerable Software and Affected Versions FS Registration Password plugin for WordPress versions prior to 1.0.2 Description The FS Registration Password plugin for WordPress is susceptible to privilege escalation, allowing account takeover. This occurs because the plugin does not...

Fetch MCP Server has a Server-Side Request Forgery (SSRF) vulnerability

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery SSRF vulnerability, which allows attackers to bypass private IP validation and access internal network resources...

WordPress plugin Posts Navigation Links for Sections and Headings Free by WP Masters 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

CVE-2025-63561

CVE-2025-63561 affects the Summer Pearl Group Vacation Rental Management Platform prior to version 1.0.2 . The vulnerability is a Slowloris-style denial-of-service in the HTTP connection handling layer, where an attacker can open and maintain many slow or incomplete HTTP connections to exhaust th...

GHSA-PR6M-QWRR-MRW9 Drupal Plausible tracking is vulnerable to XSS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS. This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

CVE-2025-10927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS.This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

Drupal Plausible tracking 安全漏洞

Drupal Plausible tracking is a data analysis plugin for the Drupal community. A security vulnerability exists in Drupal Plausible tracking versions prior to 1.0.2, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...

CVE-2025-10927 Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS.This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

CVE-2025-10927 Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS.This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

CVE-2025-10927

CVE-2025-10927 concerns the Drupal Plausible tracking module. A flaw arises from improper input neutralization during web page generation, enabling Cross-Site Scripting (XSS). The issue affects Plausible tracking versions before 1.0.2. The CVE entry and related reports (e.g., GHSA-PR6M-QWRR-MRW9,...

Omni 安全漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. A security vulnerability exists in Omni versions prior to 1.1.5 and prior to 1.0.2, which stems from the isSensitiveSpec function not checking if the metadata field of resource is null, which could lead to null pointer...