EUVD-2026-28872

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In versions 2.14.0 and prior, the archive upload endpoint POST /api/v1/archives/linkId?format=4 accepts HTML files text/html without sanitizing JavaScript content. When the archive i...

EUVD-2026-24754

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

Raindrop.io Bookmark Manager Web App 输入验证错误漏洞

Raindrop.io Bookmark Manager Web App is a cloud-based bookmark management application developed by the Russian company Raindrop.io. Version 5.6.76.0 of Raindrop.io Bookmark Manager Web App contains a vulnerability related to input validation. This vulnerability stems from insufficient validation ...

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

PT-2026-34338

Name of the Vulnerable Software and Affected Versions Raindrop.io Bookmark Manager Web App version 5.6.76.0 Description Insufficient validation of Chrome extension identifiers allows attackers to obtain sensitive user data through a crafted request. Recommendations At the moment, there is no...

CVE-2026-31192

The vulnerability CVE-2026-31192 affects Raindrop.io Bookmark Manager Web App version 5.6.76.0. The root cause is insufficient validation of Chrome extension identifiers, leading to potential exposure of sensitive user data via a crafted request. Documents confirm the affected component and the u...

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

EUVD-2018-19601

Malware in sbrugna...

EUVD-2025-19714

Malicious code in bioql PyPI...

EUVD-2025-28587

Malicious code in bioql PyPI...

CVE-2025-49588

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

CVE-2025-49588

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

Linkwarden 安全漏洞

Linkwarden is a self-hosted collaborative bookmark manager from Linkwarden Open Source. A security vulnerability exists in Linkwarden version 2.10.2, which stems from an unvalidated file:// link and could lead to a data leak...

[SECURITY] Fedora 40 Update: buku-4.9-1.fc40

Buku is a powerful bookmark manager written in Python3 and SQLite3. Buku fetches the title of a bookmarked web page and stores it along with any additional comments and tags. You can use your favourite editor to compose and update bookmarks. With multiple search options, including regex and a dee...

[SECURITY] Fedora 41 Update: buku-4.9-1.fc41

Buku is a powerful bookmark manager written in Python3 and SQLite3. Buku fetches the title of a bookmarked web page and stores it along with any additional comments and tags. You can use your favourite editor to compose and update bookmarks. With multiple search options, including regex and a dee...

Linkding Cross-Site Scripting Vulnerability

linkding is a self-hosted bookmark manager by the individual developer Sascha Ißbrücker. A cross-site scripting vulnerability exists in linkding version 1.23.0, which stems from a cross-site scripting XSS vulnerability in the parameter q. The vulnerability is caused by the use of the parameter q ...

marcador 安全漏洞

marcador is a simple rofi-based bookmark manager by the individual developer joajfreitas. A security vulnerability exists in marcador. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

OneNav 安全漏洞

OneNav is a minimalist navigation/bookmark management system developed using PHP. A security vulnerability exists in OneNav 0.9.12 which allows information disclosure of onenav.db3 content...

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...