EUVD-2025-30371

Malicious code in bioql PyPI...

EUVD-2025-30372

Malicious code in bioql PyPI...

CVE-2025-10761

CVE-2025-10761 affects Harness 3.3.0, specifically the /api/v1/login endpoint in the Login Endpoint component. The issue is an improper restriction of excessive authentication attempts, enabling remote exploitation with high complexity and a low overall CVSS base, but a non-trivial attack path is...

CVE-2025-10760 Harness lookup_repo.go LookupRepo server-side request forgery

A flaw has been found in Harness 3.3.0. This impacts the function LookupRepo of the file app/api/controller/gitspace/lookuprepo.go. Executing manipulation of the argument url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been published and may be...

PT-2025-38655

Name of the Vulnerable Software and Affected Versions Harness version 3.3.0 Description A flaw exists in Harness that impacts the LookupRepo function within the app/api/controller/gitspace/lookup repo.go file. Manipulation of the url argument can lead to server-side request forgery, potentially...

PT-2025-38656

Name of the Vulnerable Software and Affected Versions Harness version 3.3.0 Description A vulnerability exists in Harness version 3.3.0 related to improper restriction of excessive authentication attempts. The issue affects an unknown function within the /api/v1/login endpoint of the Login Endpoi...