Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

3 matches found

OSV
OSVโ€ขadded 2026/05/07 9:18 p.m.โ€ข3 views

GHSA-3V85-FQVH-7RXF Ech0's RSS feed renders unescaped tag names and raw-HTML markdown, stored XSS against subscribers

Summary The public RSS/Atom feed at /rss renders two attacker-controlled surfaces without HTML escaping. Tag names flow through fmt.AppendfrenderedContent, "%s", tag.Name at internal/service/common/common.go:120, and the Markdown renderer at internal/util/md/md.go does not set the html.SkipHTML...

4.8CVSS5.9AI score
Exploits0References3
EUVD
EUVDโ€ขadded 2025/10/03 8:7 p.m.โ€ข2 views

EUVD-2021-7773

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00192EPSS
Exploits0References2
Hacker One
Hacker Oneโ€ขadded 2024/03/05 10:53 a.m.โ€ข48 views

Internet Bug Bounty: CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

The django.utils.text.Truncator.words method with html=True and truncatewordshtml template filter were found to be vulnerable to a potential regular expression denial-of-service attack. The vulnerability was caused by regular expressions stored in variables that were susceptible to ReDoS attacks,...

5.3CVSS6.3AI score0.02611EPSS
Exploits0
Rows per page
Query Builder