EUVD-2025-32373

Cursor is a code editor built for programming with AI. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive files e.g., /.cursor/mcp.json, which allows attackers to modify the content of these files through prompt injection and achieve remote code...

EUVD-2023-39928

Malicious code in bioql PyPI...

PT-2023-3901 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.0 Envoy versions prior to 1.26.4 Envoy versions prior to 1.25.9 Envoy versions prior to 1.24.10 Envoy versions prior to 1.23.12 Description: The issue is related to the handling of mixed-case schemes in HTTP/2 by...

Authorization Bypass

urijs is vulnerable to Authorization Bypass. The vulnerability exists in the User-Controlled Key due to the case-sensitive checks which not properly configured, allowing an attacker to bypass and gain access...

in medialize/uri.js

Description Bypass for https://huntr.dev/bounties/1625558772840-medialize/URI.js/ urijs fixed the issue for CVE-2021-3647, however an attacker can still exploit the issue due to case-sensitive checks in the earlier patch. Attacker can use case-insensitive protocol schemes like HTTP, htTP, HTtp et...

Cross site scripting

The cross-site scripting XSS protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro PMP before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and oth...