CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

Drupal cross-site request forgery vulnerability (CNVD-2017-03746)

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site request forgery vulnerability exists in Drupal versions 8.2.x prior to 8.2.7, which stems from the program's failure to protect the administrative path with a...