82590 matches found
EUVD-2026-8753
Vikunja has Path Traversal in CLI Restore...
GHSA-42WG-38GX-85RH Vikunja has Path Traversal in CLI Restore
Summary Path Traversal Zip Slip and Denial of Service DoS vulnerability discovered in the Vikunja CLI's restore functionality. Details The restoreConfig function in vikunja/pkg/modules/dump/restore.go of the https://github.com/go-vikunja/vikunja/tree/main repository fails to sanitize file paths...
Fleet has an SQL Injection vulnerability via backtick escape in ORDER BY parameter
Summary A SQL Injection vulnerability in Fleet’s software versions API allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input could escape identifier quoting and b...
GHSA-49XW-VFC4-7P43 Fleet has an SQL Injection vulnerability via backtick escape in ORDER BY parameter
Summary A SQL Injection vulnerability in Fleet’s software versions API allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input could escape identifier quoting and b...
BIT-VALKEY-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...
BIT-AIRFLOW-2024-56373 Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information
DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...
CVE-2026-3135
A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-3134
A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is an unknown function of the file /newsportal/admin/edit-category.php. The manipulation of the argument Category results in sql injection. The attack may be performed from remote. The exploit has be...
CVE-2026-27887 Spin has memory leaks in various WIT interfaces
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...
CVE-2026-27899 WireGuard Portal Vulnerable to Privilege Escalation to Admin via User Self-Update
WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...
CVE-2026-27840
ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...
CVE-2026-27840
Technical details for CVE-2026-27840 are not provided in the supplied documents. Monitor for updates and vendor advisories for Zitadel versions and remediation.
CVE-2026-26186 Fleet has a SQL injection via backtick escape in ORDER BY parameter
Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the orderkey query parameter. Due to unsafe use of goqu.I when constructing the ORDER BY clause, specially crafted input...
PT-2026-22138
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected] u06...
PT-2026-51781
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.4.0 Description Authenticated users with workflow creation permissions can inject arbitrary SQL through unescaped identifier values in node configuration parameters. This occurs because the MySQL, PostgreSQL, and...
PT-2026-22073
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...
WordPress plugin WP SMS 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Allocation of Resources Without Limits or Throttling
Overview zae-limiter is a Rate limiting library backed by DynamoDB with token bucket algorithm Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the acquire function. An attacker can cause elevated latency and rejected requests for...
CVE-2026-27497 n8n has Potential Remote Code Execution via Merge Node
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could leverage the Merge node's SQL query mode to execute arbitrary code and write arbitrary files on the n8n server. The issues...
CVE-2026-27819
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the restoreConfig function in vikunja/pkg/modules/dump/restore.go of the go-vikunja/vikunja repository fails to sanitize file paths within the provided ZIP archive. A maliciously crafted ZIP can bypass the...