Mattermost doesn't escape some variables that could contain malicious content during error page composition

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...

Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values

Summary The Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write access to glances.conf can redirect all monitoring data to an attacker-controlle...

CVE-2026-35588 Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...

CVE-2026-35588 Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...

Insertion of Sensitive Information into Log File

Overview org.apache.kafka:kafka-clients is a streaming platform that can publish and subscribe to streams of records, store streams of records in a fault-tolerant durable way, and process streams of records as they occur. Affected versions of this package are vulnerable to Insertion of Sensitive...

CVE-2026-39336

ChurchCRM prior to 7.1.0 is affected by a stored XSS in HTML attributes driven by unescaped config values, impacting Directory Reports fields, Person editor defaults, and external self-registration defaults. Root cause is abuse of writable configuration fields in an admin-to-admin path. The issue...

CVE-2026-39336 ChurchCRM has Stored XSS from unescaped config values in HTML attributes

ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting issue affects the Directory Reports form fields set from config, Person editor defaults rendered into address fields, and external self-registration form defaults. This is primarily an admin-to-adm...

CVE-2026-39336 ChurchCRM has Stored XSS from unescaped config values in HTML attributes

ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting issue affects the Directory Reports form fields set from config, Person editor defaults rendered into address fields, and external self-registration form defaults. This is primarily an admin-to-adm...

CVE-2026-33406

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoint are placed directly into HTML value="" attributes without escaping in settings-advanced.js,...

EUVD-2026-19285

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoint are placed directly into HTML value="" attributes without escaping in settings-advanced.js,...

CVE-2026-33406 Pi-hole has a Stored HTML attribute injection

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoint are placed directly into HTML value="" attributes without escaping in settings-advanced.js,...

CVE-2026-33406 Pi-hole has a Stored HTML attribute injection

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoint are placed directly into HTML value="" attributes without escaping in settings-advanced.js,...

glances 安全漏洞

Glances is a system monitoring tool developed by Nicolas Hennion. Versions of Glances prior to 4.5.3 contained security vulnerabilities; these vulnerabilities stemmed from the dynamic execution of system commands based on configuration values, which could lead to privilege escalation...

CVE-2026-33886

Statamic is a Laravel and Git powered content management system CMS. Starting in version 5.7.12 and prior to versions 5.73.16 and 6.7.2, a control panel user with access to Antlers-enabled fields could access sensitive application configuration values by inserting config variables into their...

CVE-2026-33886 Statamic's sensitive configuration values are exposed to content editors via Antlers-enabled fields

Statamic is a Laravel and Git powered content management system CMS. Starting in version 5.7.12 and prior to versions 5.73.16 and 6.7.2, a control panel user with access to Antlers-enabled fields could access sensitive application configuration values by inserting config variables into their...

CVE-2019-25611

CVE-2019-25611 affects MiniFtp (miniftpd). The vulnerability is a stack buffer overflow in the function parseconf_load_setting triggered by oversized configuration values in miniftpd.conf (values >128 bytes). This can allow a local attacker to execute arbitrary code with root privileges. The i...

PT-2026-26999

MiniFtp contains a buffer overflow vulnerability in the parseconf load setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwri...

UBUNTU-CVE-2026-33154

dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection SSTI due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions embedded in...

CVE-2026-25041

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.23.22 and earlier, the PostgreSQL integration constructs shell commands using user-controlled configuration values database name, host, password, etc. without proper sanitization. The password and other...

GHSA-8MH7-PHF8-XGFM OpenClaw skills.status could leak secrets to operator.read clients

Summary skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.14...