474 matches found
CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation
Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...
PT-2026-3522
Name of the Vulnerable Software and Affected Versions: Orval versions 7.10.0 through 8.0.2. Description: Orval, a tool for generating type-safe JavaScript clients from OpenAPI specifications, is affected by an arbitrary code execution issue. Untrusted OpenAPI specifications can inject arbitrary...
CVE-2026-21505
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...
CVE-2026-21505
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...
CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...
CVE-2026-21505
iccDEV is affected by undefined behavior caused by an invalid enum value in all versions before 2.3.1.2. The issue is mitigated by upgrading to version 2.3.1.2 or later. The available sources consistently state the vulnerability is addressed in 2.3.1.2, with no additional exploitation details pro...
CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...
CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...
Malicious code in const-enum (npm)
Source: amazon-inspector 9a75bfbf64070500e046f70ab9f4422cd37764182dfa1c2d841bdbff803b4e24 The package const-enum was found to contain malicious code. Source: ghsa-malware b9e5e7ad6ed97cfa1d1a71c51090aa5350d5166494a11fa6e6c9bbdad50dfc28 Any...
MAL-2026-103 Malicious code in const-enum (npm)
Source: amazon-inspector 9a75bfbf64070500e046f70ab9f4422cd37764182dfa1c2d841bdbff803b4e24 The package const-enum was found to contain malicious code. Source: ghsa-malware b9e5e7ad6ed97cfa1d1a71c51090aa5350d5166494a11fa6e6c9bbdad50dfc28 Any...
EUVD-2026-1375
Malicious code in const-enum (npm)...
Malicious Package
Overview: const-enum is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
PT-2026-2071
Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.2. Description: iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. Versions prior to 2.3.1.2 exhibit undefined behavior due to an invalid enu...
Nginx Sites Enumeration
Binary data nginxenumsites.nbin...
EUVD-2022-55854
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback. With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur...
CVE-2022-50844
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback. With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur...
CVE-2022-50844
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback. With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur...
UBUNTU-CVE-2022-50844
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback. With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur...
CVE-2022-50844 drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback. With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur...
PT-2025-53962
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the Linux kernel related to an incorrect function pointer type in the odn_edit_dpm_table() callback within the drm/amdgpu subsystem. Specifically, the second parameter...