7 matches found
CVE-2026-34033
CVE-2026-34033 affects Apache Answer up to version 2.0.0. The issue is an HTML content injection (basic XSS) where user-supplied content included in notification emails was not properly escaped, allowing authenticated users to inject arbitrary HTML into emails sent to other users. The CVSS vector...
EUVD-2002-1750
Malware in sbrugna...
EUVD-2024-48392
Malicious code in bioql PyPI...
CVE-2025-57733
JetBrains TeamCity prior to 2025.07.1 is vulnerable to a sMTP injection that can modify email content. The CVE-2025-57733 entry is corroborated by multiple connected sources, including Red Hat advisory and PT Security, which list TeamCity
CVE-2024-7472
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API /v1/users/send-verification and Sign up API /auth/signup. An unauthenticated attacker can inject data into outgoing emails by bypassing the extractFirstName function using a different whitespace...
Lunary Email Injection Vulnerability
lunary is lunary open source a production toolkit for LLM . An email injection vulnerability exists in lunary, which allows an unauthenticated attacker to inject data into an outgoing email by bypassing the function using different space characters. No detailed vulnerability details are provided ...
CVE-2024-7472 Email Injection Vulnerability in lunary-ai/lunary
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API /v1/users/send-verification and Sign up API /auth/signup. An unauthenticated attacker can inject data into outgoing emails by bypassing the extractFirstName function using a different whitespace...