Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. id: CVE-2019-2725 info: name: Oracle WebLogic...

CVE-2026-3636

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allows a user without permissions to get data about team members roles via invoking various team API...

EUVD-2026-31428

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allows a user without permissions to get data about team members roles via invoking various team API...

CVE-2026-3636 Sanitize team member data returned by API

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allows a user without permissions to get data about team members roles via invoking various team API...

Astra Linux - уязвимость в jsoup

jsoup is a Java HTML parser designed for HTML editing, cleaning, scraping, and XSS Cross-Site Scripting protection. However, jsoup may incorrectly sanitize HTML containing javascript: URLs, which could allow XSS attacks when a user clicks on those links. If the non-default...

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

Kimai vulnerable to formula Injection via tag names in XLSX export

Summary Any ROLEUSER can create a tag with a formula string as its name e.g. =SUM54+51 via POST /api/tags and assign it to a timesheet. When an admin exports timesheets to XLSX, ArrayFormatter.formatValue joins tag names with implode and returns the result unchanged. OpenSpout promotes any...

PT-2026-37313

Name of the Vulnerable Software and Affected Versions sse-channel versions prior to 4.0.1 Description Implementations that allow user-provided values to be passed to the event, retry, or id fields are susceptible to event spoofing. This allows an attacker to inject arbitrary Server-Sent Events SS...

Security Bulletin: jsPDF addImage Method Vulnerable to DoS via Malicious Image Dimensions

Summary jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful GIF file that...

PT-2026-28610

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.63 Parse Server versions prior to 9.7.0-alpha.7 Description The verify password endpoint returns unsanitized authentication data, including MFA TOTP secrets, recovery codes, and OAuth access tokens. An attack...

CVE-2026-33940

A flaw was found in Handlebars.js. A remote attacker can exploit this vulnerability by providing a specially crafted object within the template context. This crafted object, when processed by a dynamic partial lookup, can bypass security checks and be interpreted as malicious code. This allows th...

Towards Secure Retrieval-Augmented Generation: A Comprehensive Review of Threats, Defenses and Benchmarks

Retrieval-Augmented Generation RAG significantly mitigates the hallucinations and domain knowledge deficiency in large language models by incorporating external knowledge bases. However, the multi-module architecture of RAG introduces complex system-level security vulnerabilities. Guided by the R...

CVE-2026-3841 Command Injection Vulnerability in Telnet CLI on TP-Link TL-MR6400

A command injection vulnerability has been identified in the Telnet command-line interface CLI of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute...

Schneider Electric Modicon M241, M251, and M262

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

GO-2026-4524 Mattermost fails to sanitize sensitive data in WebSocket messages in github.com/mattermost/mattermost-server

Mattermost fails to sanitize sensitive data in WebSocket messages in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fro...

Allocation of Resources Without Limits or Throttling

Overview jspdf is a PDF Document creation from JavaScript Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the addImage and html methods. An attacker can cause excessive memory allocation and application unavailability by supplying...

EUVD-2025-206981

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...

CVE-2023-4757

The Staff / Employee Business Directory for Active Directory WordPress plugin before 1.2.3 does not sanitize and escape data returned from the LDAP server before rendering it in the page, allowing users who can control their entries in the LDAP directory to inject malicious javascript which could...

CVE-2021-41917

webTareas version 2.4 and earlier allows an authenticated user to store arbitrary web script or HTML by creating or editing a client name in the clients section, due to incorrect sanitization of user-supplied data and achieve a Stored Cross-Site Scripting attack against the platform users and...

CVE-2020-7109

The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template...