CVE-2026-44635

Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters ., , , , , ?. When attacker-controlled input flows into eb.refcol, '-$'.keyinput or .atinput — including type-safe code where the JSON column ...

CLSA-2026-1778129970 python3.11: Fix of 7 CVEs

CVE-2026-0672: reject control characters in http.cookies cookie names, values, and parameters to prevent header injection - CVE-2026-3644: reject control characters in Morsel.update, |= operator, and unpickling paths missed by CVE-2026-0672; add output validation to BaseCookie.jsoutput -...

Important: ecs-service-connect-agent

Issue Overview: Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead o...

PT-2026-31941

Name of the Vulnerable Software and Affected Versions Apache Log4j 1-to-Log4j 2 bridge versions prior to 2.25.4 Description The Log4j1XmlLayout component fails to escape characters forbidden by the XML 1.0 standard, resulting in malformed XML output. Because conforming XML parsers must reject...

EUVD-2026-4660

vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, Promise.prototype.then Promise.prototype.catch callback sanitization can be bypassed. This allows attackers to escape the sandbox and run arbitrary code. In lib/setup-sandbox.js, the callback function of...

CVE-2025-61912

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

python-ldap 安全漏洞

python-ldap is a python foundation LDAP client API for Python. A security vulnerability exists in python-ldap versions prior to 3.4.5, which stems from the ldap.dn.escapednchars function incorrectly escaping x00, which could lead to a client denial of service...

PT-2025-41610

Name of the Vulnerable Software and Affected Versions python-ldap versions prior to 3.4.5 Description python-ldap is a lightweight directory access protocol LDAP client API for Python. The ldap.dn.escape dn chars function incorrectly escapes x00 by emitting a backslash followed by a literal NUL...

SUSE CVE-2005-3258

The rfc1738doescape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service segmentation fault via certain "odd" responses...

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices

Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain...

CVE-2022-0250

The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does not escape a link generated before outputting it in an attribute, leading to a Reflected Cross-Site Scripting...

GHSA-5FG8-2547-MR8Q Misinterpretation of malicious XML input

Impact xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. Patches Update to one of the fixed versions of @xmldom/xmld...

RHEL 3 : gaim (RHSA-2004:400)

An updated gaim package that fixes several security issues is now available. Gaim is an instant messenger client that can handle multiple protocols. Buffer overflow bugs were found in the Gaim MSN protocol handler. In order to exploit these bugs, an attacker would have to perform a man in the...