CVE-2026-0534

A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site Scripting XSS vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the...

CVE-2025-55618

CVE-2025-55618 describes an HTML injection in Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d where an attacker can inject payloads into the profile name field that are rendered by the app. The NVD entry lists CVSSv3.1: 7.3 (High) with network attack vector, no privileges required, and no use...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab that stems from a search timeout tha...

Book Store Management System 跨站脚本漏洞

Book Store Management System is an online bookstore system by Carlo Montero, an individual developer. A security vulnerability exists in Book Store Management System v1.0.0, which stems from the Name parameter of its Add New System User module, which allows an attacker to execute arbitrary web...