6062 matches found
T24 Web Server - Local File Inclusion
T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server. id: CVE-2019-14251 info: name: T24 Web Server - Local File Inclusion author: 0xAkoko severity: high description: T24 web server is vulnerable to unauthenticated...
CVE-2026-44767 Allowlist Bypass in setThemeRoot() Enables Cross-Origin CSS Injection
setThemeRoot failed to enforce the sap-allowed-theme-origins allowlist. An attacker-controlled absolute cross-origin URL could be stored and used directly to construct a element, even when no tag was present in the document. The same bypass was reachable via the ?sap-themeRoot URL...
EUVD-2026-43597
setThemeRoot failed to enforce the sap-allowed-theme-origins allowlist. An attacker-controlled absolute cross-origin URL could be stored and used directly to construct a element, even when no tag was present in the document. The same bypass was reachable via the ?sap-themeRoot URL...
PYSEC-2026-2946 PraisonAI: Coarse-Grained Tool Approval Cache Bypasses Per-Invocation Consent for Shell Commands
Summary The approval system in PraisonAI Agents caches tool approval decisions by tool name only, not by invocation arguments. Once a user approves executecommand for any command e.g., ls -la, all subsequent executecommand calls in that execution context bypass the approval prompt entirely...
Malicious code in kuaishou (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd1d5daf09cc7bfff164e60bf5abd0a1b374b5bb616f0a78cac8f6c6ea613608 The package's prepare lifecycle script, which runs automatically on npm install, collects host, user, and platform identifiers along with the full...
GeoServer WFS - XXE Processing Vulnerability
GeoServer Web Feature Service WFS is vulnerable to an XML External Entity XXE processing attack due to improper handling of XML input. This vulnerability allows attackers to perform Out-of-Band OOB data exfiltration and Server-Side Request Forgery SSRF by exploiting the GeoTools library. id:...
MAL-2026-10232 Malicious code in salesforce-vscode-slds (npm)
The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...
MAL-2026-10234 Malicious code in slds-lsp-client (npm)
The slds-lsp-client package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Salesforce SLD...
Malicious code in babel-preset-lib-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4274de0136aa69f8b0f4eba03412c7809a1b8c2446bb3ed7f6de1333475aa4c4 index.js, the package main, runs a load-time IIFE that collects OS platform and architecture, hostname, username, private and public IP via...
Malicious code in metemask-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a99855c93b46f7b996a005065c319bbb24c9d1f497d05dfd38fc83d1b21facdd metemask-sdk is a typosquat of the legitimate metamask-sdk package. On import, the top-level init.py performs an outbound HTTP fetch to...
Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagg...
CVE-2025-5017
The Catalyst Connect Zoho CRM Client Portal plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uid’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2026-10628
The Points and Rewards for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.10.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
EUVD-2026-43123
The Points and Rewards for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.10.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
CVE-2026-10628
The CVE concerns the WordPress plugin Points and Rewards for WooCommerce (affected: all versions up to 2.10.0). It describes an authorization bypass in which authenticated users with subscriber-level access and above can perform arbitrary modifications via multiple AJAX actions. Core implications...
Malicious code in auth-next-gen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe0926f0a2c1f47072efaac014be38bb00c8e9f31f59badf188b1ed74dd5c2ce On require of auth-next-gen, index.js loads lib/writer.js, which at module top level performs an axios GET against a base64-obfuscated URL...
CVE-2026-55405
LangChain4j is a Java library for building LLM-powered applications on the JVM. Prior to 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, the MariaDB and pgvector embedding stores build metadata-filter SQL by string-concatenating filter keys, and in MariaDB string values, directly int...
CVE-2026-47199 Frappe: check_safe_sql_query Permits SELECT INTO OUTFILE
Frappe is a full-stack web application framework. Prior to 16.18.3 and 15.108.0, checksafesqlquery permitted SELECT INTO OUTFILE queries, which could potentially work on self-hosted sites if database permissions are not well aligned and MySQL FILE privileges are available. This issue is fixed in...
CVE-2026-57230 OpenReplay: Authenticated ClickHouse SQL injection via session search
OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...
CVE-2026-57230 OpenReplay: Authenticated ClickHouse SQL injection via session search
OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...