CVE-2026-28216 hoppscotch has IDOR in updateUserEnvironment / deleteUserEnvironment

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. user-environments.resolver.ts:82-109, updateUserEnvironment mutation uses @UseGuardsGqlAuthGuard but is missing the @GqlUser...

CVE-2024-42029

The vulnerability CVE-2024-42029 affects xdg-desktop-portal-hyprland (Hyprland backend) prior to 1.3.3. Root cause: OS command execution is possible because single quotes are not used when sending a list of app IDs and titles via the environment. Impact: potential command execution with low privi...

cpython environment issue vulnerability

cpython is the Python Foundation's Python interpreter implemented in the C language. An environment issue vulnerability exists in cpython, which can be exploited to allow an attacker to separate query parameters using a semicolon ;, resulting in a malicious request being cached as a completely sa...

CVE-2018-21063

An issue was discovered on Samsung mobile devices with M6.0, N7.x, and O8.x Exynos chipsets software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 August 2018...