3911 matches found
CVE-2026-5808 openstatusHQ openstatus Onboarding Endpoint client.tsx cross site scripting
A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/dashboard/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in...
CVE-2026-5808
A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/dashboard/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in...
CVE-2026-5808
The CVE-2026-5808 entry affects openstatusHQ OpenStatus with the Onboarding Endpoint component. The vulnerability is tied to the file apps/dashboard/src/app/(dashboard)/onboarding/client.tsx, where manipulation of the argument callbackURL enables cross-site scripting. It can be triggered remotely...
CVE-2026-0811
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.9. This is due to missing or incorrect nonce validation on the 'vszcf7savesettingcallback' function. This makes it possible for unauthenticated attackers to...
CVE-2026-34721 Zammad has Cross-site request forgery (CSRF) in OAuth callback endpoints
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This vulnerability is fixed in 7.0.1 and 6.5.4...
CVE-2026-34721 Zammad has Cross-site request forgery (CSRF) in OAuth callback endpoints
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This vulnerability is fixed in 7.0.1 and 6.5.4...
Exploit for Eval Injection in Langflow
CVE-2026-33017 - Langflow Unauthenticated RCE...
freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event
A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...
GHSA-Q4X6-6MM2-CRG9 WWBN AVideo has a Live restream log callback flow enabling stored SSRF to internal services
Summary The Live restream log callback flow accepted an attacker-controlled restreamerURL and later fetched that stored URL server-side, enabling stored SSRF for authenticated streamers. The vulnerable flow allowed a low-privilege user with streaming permission to store an arbitrary callback URL...
WWBN AVideo has a Live restream log callback flow enabling stored SSRF to internal services
The Live restream log callback flow accepted an attacker-controlled restreamerURL and later fetched that stored URL server-side, enabling stored SSRF for authenticated streamers. The vulnerable flow allowed a low-privilege user with streaming permission to store an arbitrary callback URL and...
Zammad 跨站请求伪造漏洞
Zammad is a ticketing management software developed by the German company Zammad. Versions of Zammad prior to 7.0.1 and 6.5.4 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of validation of the CSRF status parameter in the OAuth callback endpoint,...
PT-2026-31389
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.9. This is due to missing or incorrect nonce validation on the 'vsz cf7 save setting callback' function. This makes it possible for unauthenticated attackers t...
openstatus 代码注入漏洞
OpenStatus is an open-source status page and availability monitoring platform developed by OpenStatus. OpenStatus has a code injection vulnerability, which stems from the operation of the callbackURL parameter in the Onboarding endpoint component...
PT-2026-31475
A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/dashboard/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006780)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006780 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail:...
freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event
A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...
freerdp: FreeRDP has a heap-use-after-free in video_timer
A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...
CVE-2026-39368 WWBN AVideo has a Live restream log callback flow enabling stored SSRF to internal services
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the Live restream log callback flow accepted an attacker-controlled restreamerURL and later fetched that stored URL server-side, enabling stored SSRF for authenticated streamers. The vulnerable flow allowed a low-privilege...
CVE-2026-39368
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the Live restream log callback flow accepted an attacker-controlled restreamerURL and later fetched that stored URL server-side, enabling stored SSRF for authenticated streamers. The vulnerable flow allowed a low-privilege...
CVE-2026-34969
Nhost is an open source Firebase alternative with GraphQL. Prior to 0.48.0, the auth service's OAuth provider callback flow places the refresh token directly into the redirect URL as a query parameter. Refresh tokens in URLs are logged in browser history, server access logs, HTTP Referer headers,...