Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the adminLoad.handleLoad process. An attacker can modify the running configuration and alter server behavior by sending cross-origin requests to the local admin API when origin enforcement is not...

Server-side Request Forgery (SSRF)

Overview payload is a Node, React and MongoDB Headless CMS and Application Framework Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the external file upload endpoint due to insufficient validation of HTTP redirects. An attacker can access internal network...

CVE-2026-1773

CVE-2026-1773 impacts IEC 60870-5-104 stack when bi-directional functionality is configured. The issue is a Denial of Service caused by receiving an invalid U-format frame, with impact to availability (HIGH) and no confidentiality/integrity impacts. The vulnerability is exploitable via network wi...

CVE-2026-1773

IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates...

PT-2026-21677

Name of the Vulnerable Software and Affected Versions IEC 60870-5-104 affected versions not specified Description The software may experience a denial of service when receiving invalid U-format frames. The issue affects products only if the IEC 60870-5-104 bi-directional functionality is...

PT-2026-21760

Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.75.0 Description Payload is a free and open source headless content management system. A Server-Side Request Forgery SSRF issue exists in the external file upload functionality. Insufficient validation of HTTP...

CVE-2026-27469

Isso is a lightweight commenting server written in Python and JavaScript. In commits before 0afbfe0691ee237963e8fb0b2ee01c9e55ca2144, there is a stored Cross-Site Scripting XSS vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, whi...

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

CVE-2026-27579

CollabPlatform is a full-stack, real-time doc collaboration platform. In all versions of CollabPlatform, the Appwrite project used by the application is misconfigured to allow arbitrary origins in CORS responses while also permitting credentialed requests. An attacker-controlled domain can issue...

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

BIT-GRAFANA-2026-21722 Public Dashboards time range restriction on annotations can be bypassed

Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any...

Command Injection

Apache Airflow is vulnerable to Command Injection. The vulnerability is due to a non-validated parameter in the exampledagdecorator example DAG, which allows an attacker to redirect execution to a malicious server and execute arbitrary code on a worker when example DAGs are enabled...

Cross-site Request Forgery (CSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the mutation endpoints exposed on loopback addresses without proper Origin or Referer validation. An attacker can cause unauthorized state changes, suc...

Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

Synacor Zimbra Collaboration Suite ZCS contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP is enabled...

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

CVE-2025-32063

CVE-2025-32063 describes a misconfiguration in the Bosch Infotainment ECU. During startup of a specific systemd service, developer features are activated: firewall can be disabled and an SSH server is started. Identified on Nissan Leaf ZE1 (2020). CVSSv3.1 base score 6.8 (MEDIUM) with physical ac...

CVE-2025-32063 Enabling SSH server on Infotainment ECU

There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server...

Authentication Bypass on FastAPI Routes (Job API, OTel API) When Basic Auth Enabled

Summary When MLflow is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI, the FastAPI permission middleware only enforces authentication on /gateway/ routes. All other FastAPI routes -- including the Job API /ajax-api/3.0/jobs/ and the OpenTelemetry trace...

CVE-2025-15157 Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults

The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'srmrestoreoptionsdefaults' function in all versions up to, and including, 3.1.19. This...

CVE-2026-24044

Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...