Lucene search
+L

274 matches found

osv
osv
added 2 days ago2 views

SUSE-SU-2026:2948-1 Security update for perl-HTML-Parser

This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap memory in decodeentities bsc1267606...

7.5CVSS6.1AI score0.0031EPSS
Exploits0References3
osv
osv
added 2026/06/20 6:49 a.m.2 views

OPENSUSE-SU-2026:21126-1 Security update for perl-HTML-Parser

This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap memory in decodeentities bsc1267606...

7.5CVSS5.8AI score0.0031EPSS
Exploits0References2
mscve
mscve
added 2026/06/07 8:2 a.m.10 views

HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

...

7.5CVSS5.4AI score0.0031EPSS
Exploits0
susecve
susecve
added 2026/06/05 3:16 a.m.14 views

SUSE CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

4.8CVSS5.9AI score0.0031EPSS
Exploits0References4
nvd
nvd
added 2026/06/04 3:16 a.m.11 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS0.0031EPSS
Exploits0References4
osv
osv
added 2026/06/04 3:16 a.m.9 views

DEBIAN-CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS5.9AI score0.0031EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/04 2:3 a.m.79 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

0.0031EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/04 2:3 a.m.8 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

5.9AI score0.0031EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/04 2:3 a.m.10 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS5.9AI score0.0031EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/04 2:3 a.m.9 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

5.9AI score0.0031EPSS
Exploits0References3
osv
osv
added 2026/06/04 2:3 a.m.2 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS6AI score0.0031EPSS
Exploits0References8
euvd
euvd
added 2026/06/04 2:3 a.m.16 views

EUVD-2026-34194

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS5.9AI score0.0031EPSS
Exploits0References2
cve
cve
added 2026/06/04 2:3 a.m.27 views

CVE-2026-8829

CVE-2026-8829 : The Perl module HTML::Entities versions before 3.84 is affected. The vulnerability arises from the XS routine backing _decode_entities caching a pointer (repl) into the entity2char hash value SV. If an input SV matches a value SV in that hash and that value itself contains its own...

7.5CVSS5.9AI score0.0031EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.16 views

PT-2026-46135

Name of the Vulnerable Software and Affected Versions HTML::Entities versions prior to 3.84 Description The XS routine supporting decode entities caches a pointer repl to the entity-value SV returned by hv fetch on the entity2char hash. If the input SV is identical to a value SV in that hash and...

7.5CVSS5.4AI score0.0031EPSS
Exploits0References33
nessus
nessus
added 2026/06/04 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-8829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer re...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and the striptags template filter are vulnerable to a potential denial-of-service attack due to certain inputs containing large sequences of nested incomplete HTML entities...

7.5CVSS6.7AI score0.01398EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/11 9:42 p.m.50 views

CVE-2026-43900 DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`)

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting XSS vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. The SVGSanitizer...

9.3CVSS0.00306EPSS
Exploits0References1
euvd
euvd
added 2026/05/11 9:42 p.m.13 views

EUVD-2026-29337

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting XSS vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. The SVGSanitizer...

9.3CVSS6AI score0.00306EPSS
Exploits0References1
osv
osv
added 2026/05/11 9:42 p.m.3 views

CVE-2026-43900 DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`)

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting XSS vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. The SVGSanitizer...

9.3CVSS6.2AI score0.00306EPSS
Exploits0References3
cve
cve
added 2026/05/11 9:42 p.m.14 views

CVE-2026-43900

DeepChat vuln CVE-2026-43900 affects the SvgArtifact rendering path. The sanitizer in src/main/lib/svgSanitizer.ts scrubs javascript: protocols with plain-text regex but fails to account for HTML entity decoding before Vue’s v-html insertion in SvgArtifact.vue. Crafting an SVG artifact with obfus...

9.3CVSS6AI score0.00306EPSS
Exploits0References1
Rows per page
Query Builder