65 matches found
CVE-2026-44668
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
CVE-2026-44668
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
CVE-2026-44668
CVE-2026-44668 affects FACTION, a PenTesting Report Generation and Collaboration Framework. Prior to version 1.8.3, the authentication gate for all Struts2 actions is implemented by AccessControlInterceptor and unconditionally calls invocation.invoke() without validating a session. Four methods i...
EUVD-2026-31944
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
CVE-2026-44668 Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
CVE-2026-44668
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
CVE-2026-44668 Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
PT-2026-43346
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...
Malicious Package
Overview typescript-react-redux-boilerplate is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
4591-libs (>=0.0.1 <=0.2.0), @10abdullahbutt/nestjs-boilerplate (=0.0.1) +1490 more potentially affected by CVE-2026-3304 via multer (>=2.0.0-alpha.2 <=2.0.2)
multer NPM version =2.0.0-alpha.2, =0.0.1, =0.0.1-alpha.1, =0.0.1-alpha.9, =0.0.0-alpha.119, =1.2.1, =0.0.1, =1.0.0, =0.1.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.2, =0.0.10, =0.6.2 and more Source cves: CVE-2026-3304 Source advisory: SNYK:JS-MULTER-15365918...
AI Code in the Wild: Measuring Security Risks and Ecosystem Shifts of AI-Generated Code in Modern Software
Large language models LLMs for code generation are becoming integral to modern software development, but their real-world prevalence and security impact remain poorly understood. We present the first large-scale empirical study of AI-generated code AIGCode in the wild. We build a high-precision...
CVE-2025-64710
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
CVE-2025-64710
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
CVE-2025-64710 Bitplatform Boilerplate has cross-site scripting vulnerability
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
CVE-2025-64710 Bitplatform Boilerplate has cross-site scripting vulnerability
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
CVE-2025-64710 Bitplatform Boilerplate has cross-site scripting vulnerability
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
EUVD-2025-150357
Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting XSS vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web...
CVE-2025-64710
Summary: CVE-2025-64710 affects Bitplatform Boilerplate (Visual Studio/.NET template). The vulnerability resides in the WebInteropApp/WebAppInterop components and impacts versions prior to 9.11.3, enabling cross-site scripting (XSS). The issue allows injection of malicious scripts that compromise...
PT-2025-46773
Name of the Vulnerable Software and Affected Versions Bitplatform Boilerplate versions prior to 9.11.3 Description Bitplatform Boilerplate, a Visual Studio and .NET project template, contains a cross-site scripting XSS issue within the WebInteropApp/WebAppInterop component. This could allow...
Linux Distros Unpatched Vulnerability : CVE-2025-62700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - MultiBoilerplate...