Exploit for Download of Code Without Integrity Check in Gin-Gonic Gin

gin-vulnerable Demo consumer pinned to github.c...

CVE-2026-35451

Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting XSS vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock component and insufficient server-side inspection of block content, an attacker can inject a javascript: U...

GO-2026-4851 Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources in code.vikunja.io/api

Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causin...

EUVD-2025-208771

In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment e.g., to be associated with an issue or a release...

CVE-2019-20884

An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post...

EUVD-2020-4220

Malware in sbrugna...

EUVD-2003-1475

Malware in sbrugna...

EUVD-2005-0784

Malware in sbrugna...

EUVD-2001-1354

Malware in sbrugna...

EUVD-2020-17795

Malware in sbrugna...

EUVD-2020-0422

Malware in sbrugna...

EUVD-2016-1043

Malware in sbrugna...

EUVD-2019-10552

Malware in sbrugna...

EUVD-2019-11766

Malware in sbrugna...

EUVD-2020-10640

Malware in sbrugna...

EUVD-2020-24399

Malware in sbrugna...

EUVD-2005-2725

Malware in sbrugna...

EUVD-2020-3935

Malware in sbrugna...

EUVD-2019-7803

Malware in sbrugna...

EUVD-2006-4937

Malware in sbrugna...