154 matches found
EUVD-2026-42922
A user with Editor permissions can craft a dashboard whose table TableNG panel contains a malicious field name that executes as a script in the browser of any user who views the dashboard stored cross-site scripting...
CVE-2026-8595
CVE-2026-8595 describes a stored XSS in Grafana's TableNG panel. An Editor can craft a dashboard with a malicious field name, causing script execution in the browser for any viewer of that dashboard. Affected component: the TableNG panel in dashboards. Root cause: stored cross-site scripting via ...
CVE-2026-8595 Stored XSS in the table panel (TableNG)
A user with Editor permissions can craft a dashboard whose table TableNG panel contains a malicious field name that executes as a script in the browser of any user who views the dashboard stored cross-site scripting...
CVE-2026-14751
A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...
CVE-2026-14751
A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...
CVE-2026-7761 Ultimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link Disclosure
The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2.11.4. This is due to a chain of three logic bugs: 1 an MD5 hash fallback in getdirectorybyhash that allows any post to be used as a member directory ...
DEBIAN-CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
Summary parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=..., and the filename0/filename1 continuation form is decoded and surfaced...
UBUNTU-CVE-2026-12143
form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header without escaping carriage return CR, line feed LF, or double-quote "...
PT-2026-47230
WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the fieldnameDomain parameter. Attackers can inject JavaScript payloads through the plugin settings form at...
CVE-2026-46510
form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys e.g. namesub into nested objects without filtering proto, constructor, or prototype. A single HTTP form field whose name starts with proto... causes the library to mutate...
Uncaught Exception
Overview multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Uncaught Exception through the parsing of multipart/form-data requests containing field names that collide with inherited Object.prototype properties. An attacker can...
Uncaught Exception
Overview org.webjars.npm:multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Uncaught Exception through the parsing of multipart/form-data requests containing field names that collide with inherited Object.prototype properties. A...
CVE-2026-8053
An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...
DEBIAN-CVE-2026-8161
[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as proto, constructor, or toString, the parser invokes .push on the inherited...
CVE-2026-8161
[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as proto, constructor, or toString, the parser invokes .push on the inherited...
PT-2026-40540
Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 7.5.6 protobufjs versions prior to 8.0.2 Description protobufjs generates JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped befor...
BIT-GDAL-2026-8087 OSGeo gdal GDapi.c GDnentries heap-based overflow
A security flaw has been discovered in OSGeo gdal up to 3.13.0. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The exploi...
SUSE CVE-2026-8087
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...