1281 matches found
CVE-2026-45090

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-07 13:30:22+00:00 | published-proof-of-concept | https://github.com/hahwul/dalfox/security/advisories/GHSA-2g4x-fq3j-cgq4... |

CVE-2026-44346

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-07 10:39:30+00:00 | published-proof-of-concept | https://github.com/bentoml/BentoML/security/advisories/GHSA-w2pm-x38x-jp44... |

GHSA-V2V4-37R5-5V8G vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, tileserver-gl, code-server, sqlpad, langfuse, lerna, kubeflow-pipelines, pulumi, saf, renovate, npm, prism...
Cross-site Request Forgery (CSRF)
Overview: misp-modules are autonomous modules that can be used for expansion and other services in MISP. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the home blueprint, which was exempted from CSRF protection. An attacker can perform...
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection via the processFuzzySearch function. An attacker can access and extract the entire database contents by supplying crafted input to the column parameter in the HTTP API, which is directly interpolated into raw SQL statement...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization in the resetuserpassword and gympermissionsuseredit functions when both the attacker and victim have gym=None. An attacker can gain unauthorized access to another user's account, obtain their new plaintext passwor...
CVE-2026-44483

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-06 19:32:52+00:00 | published-proof-of-concept | https://github.com/airjp73/rvf/security/advisories/GHSA-c567-44rc-m5hq |
| 2026-05-27 18:01:11+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu3mrz7jk26... |

CVE-2026-44897

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-06 07:13:48+00:00 | published-proof-of-concept | https://github.com/lepture/mistune/security/advisories/GHSA-v87v-83h2-53w7... |

CVE-2026-44708

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-06 07:09:57+00:00 | published-proof-of-concept | https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x... |

GHSA-M7HM-VM4X-28JF vulnerabilities
Vulnerabilities for packages: dagdotdev...
CVE-2026-42578

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-05 18:05:31+00:00 | published-proof-of-concept | https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr... |

CVE-2026-44721

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 23:42:51+00:00 | published-proof-of-concept | https://github.com/open-webui/open-webui/security/advisories/GHSA-gf5m-wcrh-7928... |

GHSA-96VC-WCXF-JJFF

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 23:31:29+00:00 | seen | https://gist.github.com/limcheekin/b22dc88a260c8e395b6d84d05bd62a04... |

GHSA-QG5C-HVR5-HJGR

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 23:31:29+00:00 | seen | https://gist.github.com/limcheekin/b22dc88a260c8e395b6d84d05bd62a04... |

GHSA-G38R-8GMR-GHRF

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 22:10:29+00:00 | seen | https://gist.github.com/alon710/15d45700e9c417f92716ddfa05ebc56f... |

GHSA-X3H8-JRGH-P8JX

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 20:40:29+00:00 | seen | https://gist.github.com/alon710/b60926baf5e2d9d70756e13d5032afa9... |

GHSA-Q49M-57VM-C8CC

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 20:10:29+00:00 | seen | https://gist.github.com/alon710/e5f670283b66e1c583d8b3f3f9d1efba... |

Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the YAML metadata parsing process. An attacker can cause excessive memory consumption and potentially trigger an out-of-memory condition on the server by uploading a crafted image ...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference through the UploadAllFiles process. An attacker can cause the daemon to crash by importing a truncated or malformed backup archive that triggers a nil-pointer dereference during tar file iteration. Remediation...
CVE-2026-44641

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-03 08:34:38+00:00 | published-proof-of-concept | https://github.com/microsoft/apm/security/advisories/GHSA-xhrw-5qxx-jpwr... |