Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-32701

Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be writte...

7.5CVSS5.8AI score0.00427EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/20 3:56 p.m.11 views

EUVD-2026-13639

Qwik City has array method pollution in FormData processing allows type confusion and DoS...

7.5CVSS5.8AI score0.00427EPSS
Exploits0References3
NVD
NVD
added 2026/03/20 9:16 a.m.7 views

CVE-2026-32701

Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be writte...

7.5CVSS0.00427EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 8:52 a.m.4 views

CVE-2026-32701

Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be writte...

7.5CVSS5.9AI score0.00427EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.9 views

PT-2026-26593

Summary Qwik City improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be written onto values that application code expected to be arrays...

7.5CVSS5.9AI score0.00427EPSS
Exploits0References7
Rows per page
Query Builder