
14 matches found

EUVD
added 2026/04/22 9:25 p.m. · 2 views

EUVD-2026-25108

Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel...

8.1 CVSS · 5.7 AI score · 0.00105 EPSS
Exploits 0 · References 1
CVE
added 2026/04/22 9:25 p.m. · 8 views

CVE-2026-41175

Statamic CMS (Laravel/Git-based) prior to 5.73.20 and 6.13.0 is affected. The issue stems from unsafe method invocation during query value resolution, enabling data destruction via manipulated query parameters on Control Panel, REST API endpoints, or GraphQL queries. Exploitation requires REST/Gr...

8.1 CVSS · 5.7 AI score · 0.00105 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2026/04/22 12:0 a.m. · 1 views

PT-2026-34571

Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel...

8.1 CVSS · 5.7 AI score · 0.00105 EPSS
Exploits 0 · References 3
CNNVD
added 2026/04/22 12:0 a.m. · 3 views

Statamic Security Vulnerability

Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. There were security vulnerabilities in versions prior to Statamic 5.73.20 and 6.13.0, which stemmed from insufficient...

8.1 CVSS · 5.8 AI score · 0.00105 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2018-3940

Malware in sbrugna...

5.5 CVSS · 5.6 AI score · 0.00056 EPSS
Exploits 0 · References 3
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-20993

Malicious code in bioql PyPI...

6.5 CVSS · 6.5 AI score · 0.00301 EPSS
Exploits 1 · References 3
Snyk
added 2025/07/10 3:31 p.m. · 3 views

Expected Behavior Violation

Overview: llama-index is an interface between LLMs and your data. Affected versions of this package are vulnerable to Expected Behavior Violation via the DocugamiReader class. An attacker can cause loss of important document content, disrupt parent-child chunk hierarchies, and lead to inaccurate AI...

6.9 CVSS · 7 AI score · 0.00301 EPSS
Exploits 1 · References 2
Snyk
added 2025/07/10 3:31 p.m. · 1 views

Expected Behavior Violation

Overview: llama-index-readers-docugami is a llama-index readers docugami integration. Affected versions of this package are vulnerable to Expected Behavior Violation via the DocugamiReader class. An attacker can cause loss of important document content, disrupt parent-child chunk hierarchies, and...

6.9 CVSS · 6.9 AI score · 0.00301 EPSS
Exploits 1 · References 2
OSV
added 2025/07/10 1:15 p.m. · 2 views

CVE-2025-6211

A vulnerability in the DocugamiReader class of the run-llama/llamaindex repository, up to version 0.12.28, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally distinct chunks contain identical text, resulting in one chunk...

6.5 CVSS · 6.2 AI score
Exploits 0 · References 2
CVE
added 2025/07/10 1:4 p.m. · 90 views

CVE-2025-6211

CVE-2025-6211 affects the DocugamiReader class in the run-llama/llama_index project (up to v0.12.28). It uses MD5 to generate IDs for document chunks, which can collide when chunks have identical text but different structure, causing one chunk to overwrite another and potentially losing semantica...

6.5 CVSS · 6.4 AI score · 0.00301 EPSS
Exploits 1 · References 2 · Affected Software 1
Positive Technologies
added 2025/07/10 12:0 a.m. · 2 views

PT-2025-29091 · Unknown · Llama Index

Name of the Vulnerable Software and Affected Versions: llama index versions up to 0.12.28. Description: A vulnerability exists in the DocugamiReader class of the llama index repository. The use of MD5 hashing to generate IDs for document chunks can lead to hash collisions when structurally distinc...

6.5 CVSS · 6.2 AI score · 0.00301 EPSS
Exploits 1 · References 7
GitHub Security Blog
added 2024/08/29 5:55 p.m. · 19 views

Kirby has insufficient permission checks in the language settings

TL;DR: This vulnerability affects all Kirby sites with enabled languages option that might have potential attackers in the group of authenticated Panel users. If you have disabled the languages and/or api option and don't call any methods in your code that cause a write access to languages languag...

8.1 CVSS · 6.4 AI score · 0.00379 EPSS
Exploits 0 · References 15 · Affected Software 1
OSV
added 2024/08/29 5:55 p.m. · 13 views

GHSA-JM9M-RQR3-WFMH Kirby has insufficient permission checks in the language settings

TL;DR: This vulnerability affects all Kirby sites with enabled languages option that might have potential attackers in the group of authenticated Panel users. If you have disabled the languages and/or api option and don't call any methods in your code that cause a write access to languages languag...

8.8 CVSS · 7.9 AI score · 0.00379 EPSS
Exploits 0 · References 15
CVE
added 2021/11/15 9:20 p.m. · 55 views

CVE-2021-41271

CVE-2021-41271 affects Discourse; a maliciously crafted request could cause an error response to be cached by intermediate proxies, leading to partial loss of content confidentiality. The issue is described as affecting affected Discourse versions, with remediation implemented in the latest stabl...

5.3 CVSS · 4.9 AI score · 0.00289 EPSS
Exploits 0 · References 2 · Affected Software 1