6 matches found
CVE-2026-44660
A flaw was found in UltraJSON, a fast JSON encoder and decoder. When the ujson.dump function attempts to write data to a file-like object and an error occurs during this operation, the memory allocated for the serialized JSON string is not properly released. This continuous failure to deallocate...
DEBIAN-CVE-2026-44660
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operatio...
CVE-2026-44660 UltraJSON: Memory Leak in ujson.dump() on Write Failure
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operatio...
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization
Overview WordPress Plugin "Advanced Custom Fields" provided by Delicious Brains contains a missing authorization vulnerability CWE-862. Keitaro Yamazaki of Ierae Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Yakamara Media Redaxo CMS 操作系统命令注入漏洞
Yakamara Media Redaxo CMS is Yakamara Media organization of a set of open source Web portal content management system . The system supports custom modules, plug-in extensions, project backups and more. A security vulnerability exists in Yakamara Media Redaxo CMS version 5.12.1, which can be...