40 matches found
cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)
org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...
Scoold security vulnerability
Scoold is a team-based Q&A and knowledge-sharing platform developed by Erudika. Versions of Scoold prior to 1.66.2 contained security vulnerabilities. These vulnerabilities were due to authorization flaws, which could allow low-privilege users to override the permissions of other users...
cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +521 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=5.8.0 <=5.8.16)
org.springframework.security:spring-security-web MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =4.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...
EUVD-2022-24839
Malicious code in bioql PyPI...
EUVD-2022-2323
Malicious code in bioql PyPI...
EUVD-2022-4776
Malicious code in bioql PyPI...
com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)
com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: OSV:GHSA-QX7G-FX8Q-545G...
com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)
com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: SNYK:JAVA-COMERUDIKA-10304840...
para log information disclosure vulnerability
para is a multi-tenant backend server open-sourced by Erudika for rapidly building web and mobile applications. Versions of para prior to 1.50.8 contain a log information disclosure vulnerability: access tokens are explicitly written to the logs, which could lead to token disclosure...
para log information disclosure vulnerability
para is a multi-tenant backend server open-sourced by Erudika for rapidly building web and mobile applications. Versions of para prior to 1.50.8 contain a log information disclosure vulnerability: access keys and secret keys are not masked in logs, which could lead to...
com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-48955 via com.erudika:para-server (>=1.24.4 <=1.50.7)
com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-48955 Source advisory: OSV:GHSA-V75G-77VF-6JJQ...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1782
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
Code injection
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848 Business Logic Errors in erudika/para
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
CVE-2022-1848
CVE-2022-1848 affects the Erudika Para project prior to version 1.45.11. Multiple connected sources describe a business logic error, including a race condition in com.erudika:para-core (validateObject) that can allow a user to abuse account/app-related logic. This is documented across sources (Gi...
CVE-2022-1848 Business Logic Errors in erudika/para
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11...
Erudika Para security vulnerability
Erudika Para is a command line interface from Erudika Bulgaria. A security vulnerability exists in Erudika Para prior to version 1.45.11 that stems from a business logic error...