CVE-2026-7588

Summary (CVE-2026-7588) : In the ggerve coding-standards-mcp project, the vulnerability affects the get_style_guide/get_best_practices function in server.py. The issue arises from manipulating the Language argument, which enables a path traversal condition. This can be exploited remotely over a n...

CVE-2026-7588 ggerve coding-standards-mcp server.py get_best_practices path traversal

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function getstyleguide/getbestpractices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and...

EUVD-2026-26704

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function getstyleguide/getbestpractices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and...

Coding Standards MCP Server 路径遍历漏洞

Coding Standards MCP Server is a coding specifications and best practices query tool for gerve individual developers. A path traversal vulnerability exists in Coding Standards MCP Server, which stems from a misbehavior of the getstyleguide/getbestpractices function with the parameter Language in...

PT-2026-36531

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get style guide/get best practices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public a...

Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments

Security is becoming a pivotal point in cloud platforms. Several divisions, such as business organisations, health care, government, etc., have experienced cyber-attacks on their infrastructures. This research focuses on security issues within Continuous Integration and Deployment CI/CD pipelines...

CVE-2025-47869

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...

WordPress plugin WPCS injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An injection...

SQL Injection Vulnerability in SpringBlade of Shanghai Breadtech Co.

SpringBlade is a microservice architecture upgraded and optimized from a commercial-grade project, built with core technologies such as Spring Boot 2.5 and Spring Cloud 2020, and fully following Alibaba coding standards. Ltd. SpringBlade exists SQL injection vulnerability, attackers can use the...

What Developers Need to Fight the Battle Against Common Vulnerabilities

Today's threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector have a critical need to consistently produce and maintain secure software. While some verticals - like the finance industry, for example - have been subject to regulatory and...

“Oops, I insecurely coded again!”

The call is coming from inside the house It’s no secret that companies need to be vigilant about application security. However, frequently the source of application vulnerabilities may come as a surprise to security teams. While zero-day exploits are a principal focus of vulnerability mitigation...

CVE-2021-27501 Philips Vue PACS Improper Adherence to Coding Standards

Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities...

CVE-2021-27501 Philips Vue PACS Improper Adherence to Coding Standards

Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities...

Object injection via local phar file

This is a security release. SECURITY Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as ssh2 Ensure method signature consisten...

Siemens SCALANCE Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE Products Vulnerabilities: Improper Adherence to Coding Standards 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Arbitrary shell execution

Security Advisory - This release contains a fix for a security advisory related to the improper handling of a shell command - A properly crafted filename would allow for arbitrary code execution when using the --filter=gitmodified command line option - All version 3 users are encouraged to upgrad...

Oracle Linux 5 : automake (ELSA-2014-1243)

From Red Hat Security Advisory 2014:1243 : An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

RedHat Update for automake RHSA-2014:1243-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: Red Hat Security Advisory: automake security update

An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

automake security update

CentOS Errata and Security Advisory CESA-2013:0526 An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base...