EUVD-2026-17417

Stored cross-site scripting XSS in Checkmk version 2.5.0 beta before 2.5.0b2 allows authenticated users with permission to create pending changes to inject malicious JavaScript into the Pending Changes sidebar, which will execute in the browsers of other users viewing the sidebar...

actix-session-surrealdb (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via surrealdb (=1.0.0-beta.9)

surrealdb CARGO version =1.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on surrealdb and may be impacted: - actix-session-surrealdb =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: OSV:GHSA-CCJ3-5P93-8P42...

taoCMS 跨站脚本漏洞

taoCMS is a Chinese micro CMS Content Management System. A security vulnerability exists in taogogo taoCMS version 2.5 beta5.1, which stems from a cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary code via the name field in admin.php...

WordPress 信息泄露漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress 5.8 beta had an information disclosure vulnerability that could be exploited by an attacke...