Label Studio < 1.16.0 - Cross-Site Scripting

Label Studio prior to version 1.16.0 contains a cross-site scripting caused by rendering unsanitized user-provided HTML in the /projects/upload-example endpoint, letting attackers execute arbitrary JavaScript via crafted labelconfig in a GET request, exploit requires victims to visit malicious UR...

Apache Tomcat Examples Web Application - Cross-Site Scripting

Apache Tomcat 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22, and 10.1.0-M1 to 10.1.0-M16 contain a reflected cross-site scripting caused by displaying unfiltered user data in the Form authentication example, letting attackers execute scripts in victim browsers, exploit requires attacke...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for May 2026

Summary Multiple vulnerabilities were addressed in IBM Process Mining 2.1.1 IF002 Vulnerability Details CVEID:CVE-2026-7246 DESCRIPTION: Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands...

CVE-2026-41697

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

EUVD-2026-35893

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

CVE-2026-41697

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

VMware Spring Data Relational 安全漏洞

VMware Spring Data Relational is a relational database access framework developed by VMware, Inc. There is a security vulnerability in VMware Spring Data Relational, which stems from the improper escaping of external control inputs when using StringMatcher in Query By Example. Attackers can use...

CVE-2026-41697 Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

CVE-2026-41697 Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

CVE-2026-41697

CVE-2026-41697 affects Spring Data Relational/JDBC/R2DBC across multiple versions (4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14; 3.3.0–3.3.16; 3.2.0–3.2.15; 3.1.0–3.1.14; 3.0.0–3.0.15; 2.4.0–2.4.19). The root cause is improper escaping of binding values for StringMatcher (STARTING, ENDING, CONTAINING)...

Malicious code in @doaction/example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5632bd1a9818c4a4af54e5297d40c10279d83e702ee5f59fa9bd50c52a33e0bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5371 Malicious code in @doaction/example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5632bd1a9818c4a4af54e5297d40c10279d83e702ee5f59fa9bd50c52a33e0bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @doaction/example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

PT-2026-48313

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via Query By Example QBE StringMatcher handling. An attacker can perform boolean-based blind data inference by supplying wildcard characters in externally controlled input used to populate a QBE probe. When...

PT-2026-46857

Impact Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g., following the production Docker example in the README, this is exploitable from the local network without...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (=1.3.0) +2 more potentially affected by CVE-2026-49157 via org.apache.activemq:apache-activemq (=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.activemq:apache-activemq and may be impacted: - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 -...

UBUNTU-CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

Exploit for CVE-2026-9256

It should be noted that the /api route used by default in the Po...

Exploit for OS Command Injection in Olivetin

cve-2025-50946 Exploit script for CVE-2025-50946...