protobuf.js 代码注入漏洞

protobuf.js is an open-source implementation of the Protocol Buffers format, written entirely in JavaScript. It supports Node.js and browsers running TypeScript. It’s easy to use, extremely fast, and can be used out of the box with.proto files! Versions of protobuf.js prior to 1.2.1 and 2.0.2 had...

CVE-2025-6515

The CVE concerns oatpp-mcp’s MCP SSE endpoint, where a session ID is derived from an instance pointer instead of a unique, cryptographically secure value. This enables a network attacker with access to the oatpp-mcp server to predict/guess future session IDs, hijack legitimate MCP sessions, and c...

Amios Emuse - eServices/ eNvoice 信息泄露漏洞

Amios Emuse-eServices/eNvoice is an electronic invoicing service from the Israeli company Amios. It is a digital interface that simplifies the collection process and automatically sends invoices to customers via email. Amios Emuse-eServices/eNvoice suffers from a security vulnerability that stems...