CVE-2026-45179

Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...

CVE-2025-71310

The CVE 2025-71310 affects the GDPR cookies module for Backdrop CMS (before 1.x-1.3.5). The vulnerability is an XSS risk triggered when a malicious value is supplied in the optional YouTube service’s Info content field, under the condition that an attacker has either the "Create a GDPR Cookies Se...

CVE-2026-45179

Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no...

CVE-2025-11437

A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This issue is currentl...

Ensure That the umask Value Is Correct

The umask value is the mask for default file or directory permissions. When a file or directory is created, its default permission is set to 777 minus the umask value. For a file, its execute permission is also removed. If the umask value is set improperly, the permission of new files may be too...