12 matches found

CVE
added 2026/04/10 4:10 p.m. · 11 views

CVE-2026-35602

Summary: CVE-2026-35602 affects Vikunja prior to v2.3.0, where the file import endpoint uses the attacker-controlled Size from the JSON metadata instead of the decompressed file length to enforce max file size, allowing an attacker to bypass the limit by setting Size to 0. This leads to potential...

CVSS 7.1 · AI score 5.7 · EPSS 0.00047
Exploits 1 · References 3 · Affected Software 1
EUVD
added 2026/04/01 12:05 a.m. · 4 views

EUVD-2026-17685

SiYuan Desktop: Stored XSS in imported .sy.zip content leads to arbitrary command execution...

CVSS 8.6 · AI score 6.2 · EPSS 0.00091
Exploits 1 · References 4
ATTACKERKB
added 2026/03/31 9:47 p.m. · 2 views

CVE-2026-34585

SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a .sy document,...

CVSS 8.6 · AI score 6.4 · EPSS 0.00091
Exploits 1 · References 4 · Affected Software 1
OSV
added 2026/03/26 8:32 p.m. · 3 views

GO-2026-4707 SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write in github.com/siyuan-note/siyuan/kernel

CVSS 9.1 · AI score 5.9 · EPSS 0.00123
Exploits 1 · References 4
Veracode
added 2026/03/25 10:19 a.m. · 8 views

Path Traversal

SiYuan is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the importZipMd function, which allows an authenticated attacker to overwrite arbitrary files on the system and potentially achieve remote code execution...

CVSS 8.8 · AI score 7.6 · EPSS 0.00066
Exploits 1 · References 3 · Affected Software 2
CVE
added 2026/03/19 9:07 p.m. · 31 views

CVE-2026-32749

CVE-2026-32749 affects SiYuan.

CVSS 9.1 · AI score 5.9 · EPSS 0.00123
Exploits 1 · References 3 · Affected Software 1
NVD
added 2025/12/09 9:16 p.m. · 3 views

CVE-2025-67488

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain the function importZipMd, which is vulnerable to Zip Slip, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

CVSS 8.8 · EPSS 0.00066
Exploits 1 · References 2
Cvelist
added 2025/12/06 9:25 a.m. · 15 views

CVE-2025-12966 All-in-One Video Gallery 4.5.4 - 4.5.7 – Authenticated (Author+) Arbitrary File Upload via Import ZIP

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resolveimportdirectory function in versions 4.5.4 to 4.5.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload...

CVSS 8.8 · EPSS 0.00219
Exploits 0 · References 2
OSV
added 2025/07/15 6:04 p.m. · 1 view

GHSA-JJWR-5CFH-7XWH DSpace is vulnerable to XML External Entity injection during archive imports

Impact: Two related XXE injection possibilities have been discovered, impacting all versions of DSpace prior to 7.6.4, 8.2 and 9.1. 1. External entities are not disabled when parsing XML files during import of an archive in Simple Archive Format, either from the command-line ./dspace import command or...

CVSS 6.9 · AI score 6 · EPSS 0.00283
Exploits 0 · References 9
OSV
added 2025/07/15 2:44 p.m. · 3 views

CVE-2025-53621 DSpace vulnerable to XML External Entity (XXE) injection in import via Simple Archive Format (SAF) or import from external sources

DSpace open source software is a repository application which provides durable access to digital resources. Two related XML External Entity XXE injection possibilities impact all versions of DSpace prior to 7.6.4, 8.2, and 9.1. External entities are not disabled when parsing XML files during impo...

CVSS 6.9 · AI score 7 · EPSS 0.00283
Exploits 0 · References 9
RedhatCVE
added 2025/04/17 3:29 p.m. · 6 views

CVE-2025-32949

This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled, which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading...

CVSS 6.5 · AI score 7 · EPSS 0.00145
Exploits 1 · References 1
Positive Technologies
added 2025/04/15 12:00 a.m. · 3 views

PT-2025-16351 · Yauzl +1

Name of the Vulnerable Software and Affected Versions: PeerTube (affected versions not specified). Description: This issue allows any authenticated user to cause the server to consume large amounts of disk space by extracting a Zip Bomb. When user import is enabled, which is the default setting, any...

CVSS 6.5 · AI score 6 · EPSS 0.00145
Exploits 1 · References 8