38 matches found
Security Bulletin: Highlight.js Prototype Pollution Vulnerability in Code Block Parsing, affects watsonx.data
Summary Highlight.js versions prior to 9.18.2 and 10.1.2 are vulnerable to prototype pollution via malicious HTML in user-supplied code blocks. This can cause unexpected application behavior or crashes, representing a potential DoS vector. This can affect watsonx.data. Vulnerability Details...
CVE-2026-0863
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...
CVE-2025-12958 Rankology SEO and Analytics Tool <= 2.0 - Incorrect Authorization to Authenticated (Editor+) Header & Footer Code Creation
The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect capability check on the 'rankologycodeblock' page in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Editor-level acces...
PT-2026-1587
Name of the Vulnerable Software and Affected Versions Rankology SEO and Analytics Tool versions prior to 2.1 Description The Rankology SEO and Analytics Tool plugin for WordPress has an issue where data can be modified without proper authorization. This is due to a flawed capability check on the...
mdast-util-to-hast has unsanitized class attribute
Impact Multiple unprefixed classnames could be added in markdown source by using character references. This could make rendered user supplied markdown code elements appear like the rest of the page. The following markdown: markdown jsxss Would create If your page then applied .xss classes or...
EUVD-2019-6056
Malware in sbrugna...
EUVD-2019-11097
Malware in sbrugna...
CVE-2024-24975
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile app...
CVE-2024-24975
Mattermost Mobile: CVE-2024-24975 affects Mattermost Mobile before 2.13.0. The issue is uncontrolled resource consumption caused by the syntax highlighter not limiting the size of code blocks, which can crash the mobile app. Affected component is the syntax highlighter in Mattermost Mobile; root ...
_updateBucketExchangeRates could possibly revert
Lines of code Vulnerability details Impact updateBucketExchangeRates will not work correctly and would revert in case totalBurnedLatest totalBurnedAtBlock causing DOS for the users when they try to claimRewards, moveStakedLiquidity, stake or unstake. Proof of Concept When the curBurnEpoch doesn't...
Upgraded Q -> 2 from #356 [1677633435546]
Judge has assessed an item in Issue 356 as 2 risk. The relevant finding follows: L-01 ERC4626 does not work with fee-on-transfer tokens in project Impact ERC20 token contract can be deposited with the deposit function. With the following part of the code, the ERC20 transfer from msg.sender to the...
LAST PRICE DUTCH AUCTION SALE (LPDA) CAN BE EXPLOITED
Lines of code Vulnerability details Impact The function logic of buy in LPDA.sol can be exploited by shrewd buyers to achieve the lowest finalPrice possible. Proof of Concept LPDA.solL58-L89 function buyuint256 amount external payable uint48 amount = uint48amount; Sale memory temp = sale;...
Return variable can remain unassigned in _sendForReceiver
Handle sirhashalot Vulnerability details Impact The sendForReceiver function only sets a return function in the "if" code block, not the "else" case. If the "else" case is true, no value is returned. The result of this oversight is that the sendForReceiver function called from the distribute...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
Security update for python-markdown2 (moderate)
openSUSE Security Update: Security update for python-markdown2 Announcement ID: openSUSE-SU-2021:0429-1 Rating: moderate References: 1171379 1181270 1183171 Cross-References: CVE-2021-26813 CVSS scores: CVE-2021-26813 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products:...
Code injection
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
Highlightjs Security Vulnerability
Highlightjs is a syntax highlighting tool written in JavaScript by the Highlightjs team. It is available on both browsers and servers, does not depend on any framework, and has automatic language detection. A security vulnerability exists in Highlightjs version 9.18.2 and versions prior to 10.1.2...
CVE-2019-17401
libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue...