5 matches found
CVE-2026-42044
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could le...
EUVD-2026-25609
Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver...
OpenEMR Cross-Site Scripting Vulnerability
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.3 had a cross-site scripti...
SAP BW/4HANA Security Vulnerability
SAP BW/4HANA is a packaged data warehouse based on SAP HANA from SAP, Germany. A security vulnerability exists in SAP BW/4HANA that stems from the possibility of exposing unauthorized cell values to data responses...
USN-6111-1: Flask vulnerability
It was discovered that Flask incorrectly handled certain data responses. An attacker could possibly use this issue to expose sensitive information...