Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS 9.5.0 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the doupdate method not verifying the CSRF token, which could allow attackers to trigger...

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions prior to Concrete CMS 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stemmed from the function concrete/controllers/backend/file approveVersion, which was vulnerable to cross-si...

PT-2026-42589

Summary The Fission router registers an internal-style route — /fission-function/ and /fission-function// — for every Function object, independent of whether any HTTPTrigger exists for that function. The route was mounted on the same listener as user-defined HTTPTriggers svc/router, port 8888, so...

PT-2026-42442

A time-of-check time-of-use TOCTOU condition in the ad flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

PT-2026-42407

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.4 through 4.4.2 Description An out-of-bounds write occurs due to improper null termination in the convert charset function. This allows a remote authenticated attacker to execute arbitrary code or cause a denial of servic...

PT-2026-42531

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

PT-2026-42701

Summary The copyProps function in lib/src/object/copy.ts uses for...in to iterate over source object properties without an Object.hasOwnProperty check, and does not filter dangerous keys proto , constructor, prototype. This allows an attacker to pollute the prototype chain of all objects in the...

CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

GO-2026-4995 free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf

free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf...

GO-2026-4994 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf

free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/subId crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf...

GO-2026-4963 openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access in github.com/jkroepke/openvpn-auth-oauth2

openvpn-auth-oauth2 returns FUNCSUCCESS on client-deny, allowing unauthenticated VPN access in github.com/jkroepke/openvpn-auth-oauth2...

CVE-2026-47099 TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

CVE-2026-47099 TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based XSS via the parse() reviver that reads a constructor-name property and passes it to new Function(), allowing arbitrary JavaScript execution in contexts such as postMessage for cross-frame communication. Affected component: TeleJSON parse() in versions ...

Malicious code in txdpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 767f0e720df9d2dd670fc9c607db01794649653be89daa42f01dfe34a69a8ecd The package exports a 发送邮件 sendemail function whose default sender, recipient, and SMTP auth code are hardcoded to the author's QQ account. In...

Weak Password Recovery Mechanism for Forgotten Password

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword function. An attacker can enumerate valid user accounts and forcibly chan...

Missing Authentication for Critical Function

Overview symfony/lox24-notifier is a Symfony LOX24 Notifier Bridge Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the doParse webhook request parsers in the Mailjet maile bridge and LOX24 SMS notifier bridge. An attacker can submit forged...