EUVD-2026-26237

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

Malicious code in csv-module-mocha-lyra (npm)

The package csv-module-mocha-lyra was found to contain malicious code...

MAL-2025-17805 Malicious code in csv-module-mocha-lyra (npm)

The package csv-module-mocha-lyra was found to contain malicious code...

CVE-2024-9987 SQL Injection in CSV Module Data Collection

A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agentsmodulescsv functionality. This issue affects Pandora FMS: from 700 through 777.3...

CVE-2024-9987 SQL Injection in CSV Module Data Collection

A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agentsmodulescsv functionality. This issue affects Pandora FMS: from 700 through 777.3...

Internet Bug Bounty: integer overflow in the _csv module's join_append_data function

I described this vulnerability in detail in a mail to the PSRT. A copy of my email, plus the fix for this issue, can be found here: https://bugs.python.org/issue27758...