9083 matches found
CVE-2026-39842
OpenRemote (IoT platform)
Regular Expression Denial of Service (ReDoS)
Overview giskard-checks is an Add your description here Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the re.search file. An attacker can cause the process to hang and impact system availability by supplying a crafted regular expression pattern ...
GHSA-RQ2Q-4R55-9877 Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check
Summary The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs tha...
Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check
Summary The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs tha...
Exploit for Improper Control of Dynamically-Managed Code Resources in N8N
n8n Expression Injection RCE Analysis CVE-2025-68613 This r...
GHSA-9PP3-53P2-WW9V @vendure/core has a SQL Injection vulnerability
Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query string parameter is interpolated directly into a raw SQL expression without parameterization or validation, allowing an attacker to execute arbitrary SQL against the database. This affec...
Expression Injection in OpenRemote
Summary The OpenRemote IoT platform's rules engine contains two interrelated critical expression injection vulnerabilities that allow an attacker to execute arbitrary code on the server, ultimately achieving full server compromise. - Unsandboxed Nashorn JavaScript Engine: JavaScript rules are...
EUVD-2026-22806
Expression Injection in OpenRemote...
GHSA-7MQR-33RV-P3MP Expression Injection in OpenRemote
Summary The OpenRemote IoT platform's rules engine contains two interrelated critical expression injection vulnerabilities that allow an attacker to execute arbitrary code on the server, ultimately achieving full server compromise. - Unsandboxed Nashorn JavaScript Engine: JavaScript rules are...
Uncontrolled Recursion
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Uncontrolled Recursion
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Uncontrolled Recursion
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Uncontrolled Recursion
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Uncontrolled Recursion
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Uncontrolled Recursion
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
GHSA-F4QM-VJ5J-9XPW ImageMagick has a Stack Overflow via Recursive FX Expression Parsing
A stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression...
Uncontrolled Recursion
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Uncontrolled Recursion
Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
EUVD-2026-22106
ImageMagick has a Stack Overflow via Recursive FX Expression Parsing...
Uncontrolled Recursion
Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...