CVE-2026-44916

In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instanceinfo'kstemplate' is rendered without sandboxing...

EUVD-2026-23330

SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", and the resulting SVG is injected into the DOM via innerHTML. This allows attacker-controlled javascript: URLs in Mermaid code blocks to...

PT-2025-52863

Name of the Vulnerable Software and Affected Versions 5ire versions 0.15.2 and prior Description 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. A remote code execution issue exists in the useMarkdown.ts file due to the markdown-it-mermaid...

CVE-2020-29071

An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving...

CVE-2020-29071

An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving...