CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is...

PT-2026-25358

Name of the Vulnerable Software and Affected Versions Gokapi versions prior to 2.2.4 Description Gokapi is a self-hosted file sharing server. The chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public...

CVE-2025-54117

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting XSS vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed ...

CVE-2025-54421 NamelessMC allows Stored Cross Site Scripting (XSS) in SEO component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting XSS vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the defaultkeywords crafted parameter. This vulnerability is fixe...

[ASA-201908-2] python-django: multiple issues

Arch Linux Security Advisory ASA-201908-2 ========================================= Severity: Medium Date : 2019-08-05 CVE-ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1015...