CVE-2026-48716 nanobot: Path traversal via unsanitized WhatsApp document fileName enables arbitrary file write

nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path using the fileName field from an incoming WhatsApp document message without sanitization. The WhatsApp bridge downloads media attachments and writes th...

EUVD-2022-50180

Malicious code in bioql PyPI...

CVE-2022-47417

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

Cross site scripting

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

CVE-2022-47417 LogicalDOC Document File Name Stored XSS

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...

CVE-2022-47417 LogicalDOC Document File Name Stored XSS

LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...