8 matches found
CVE-2026-6682
CVE-2026-6682 affects FatFs in R0.16 and earlier, where in mount_volume() a multiply operation fasize *= fs->n_fats can overflow, causing an integer wrap. This overflow can lead to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. Impact described as CWE-190...
CVE-2026-53827
OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...
CVE-2026-46546
CVE-2026-46546 affects Frappe Learning Management System (LMS) prior to version 2.53.0. An authenticated user could provide specially crafted content in editable fields, which surfaces in page metadata and causes visitors’ browsers to navigate to an attacker‑chosen URL. The issue has been patched...
CVE-2026-40472
In hackage-server, user-controlled metadata from .cabal files are rendered into HTML href attributes without proper sanitization, enabling stored Cross-Site Scripting XSS attacks...
UBUNTU-CVE-2026-5438
A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with Content-Encoding: gzip. The server does not enforce limits on decompressed size and allocates memory based on attacker-controlled compression metadata. A specially crafted gzip payload can trigger excessive...
CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
CVE-2025-14911
CVE-2025-14911 involves the mongo-c-driver (GridFS) where user-controlled chunkSize metadata can cause an integer overflow leading to a heap allocation failure. Affected component/file: GridFS handling in the mongo-c-driver, with the underlying issue being insufficient validation of the chunkSize...
Go-tuf Improperly handles multiple key IDs for the same public keys in attacker-controlled metadata
Issue If an attacker is able to control a threshold of keys to insert the same public key more than once with different key IDs into signed, trusted metadata on a TUF repository, then go-tuf clients 0.3.2 are susceptible to an attack where attackers can cause the same signature from the same publ...