CVE-2026-23831 Rekor COSE v0.0.1 Canonicalize crashes when passed empty Message

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...

CVE-2019-13144

myTinyTodo 1.3.3 through 1.4.3 allows CSV Injection. This is fixed in 1.5...