11 matches found
bg.codexio.ai:openai-api-examples (>=0.8.0.BETA <=0.9.0.BETA-JDK17), ch.cern:cerndb-sw-zkpolicy (=1.0.1-21) +305 more potentially affected by CVE-2026-34480 via org.apache.logging.log4j:log4j-core (>=3.0.0-alpha1 <=3.0.0-beta3)
org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-alpha1, =0.8.0.BETA, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 and more Source cves: CVE-2026-34480 Source advisory: OSV:GHSA-3PXV-7CMR-FJR4...
com.newmediaworks:nmw-oss-website (>=1.7.0 <=1.11.0), com.pragmatickm:website (>=1.10.0 <=2.0.0) +111 more potentially affected by CVE-2021-23337 +1 more via org.webjars.npm:lodash (>=4.0.0 <=4.17.5)
org.webjars.npm:lodash MAVEN version =4.0.0, =1.7.0, =1.10.0, =1.11.0, =1.7.0, =1.6.1, =1.11.0, =1.13.0, =1.0, =1.0, =1.0, =1.2.0, =3.5.0, =3.5.0, =3.5.0, =3.12.0 and more Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869630...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by CVE-2026-0540 via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: CVE-2026-0540 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15371377...
QLCoder: A Query Synthesizer for Static Analysis of Security Vulnerabilities
Static analysis tools provide a powerful means to detect security vulnerabilities by specifying queries that encode vulnerable code patterns. However, writing such queries is challenging and requires diverse expertise in security and program analysis. To address this challenge, we present QLCoder...
FaultLine: Automated Proof-Of-Vulnerability Generation Using LLM Agents
Despite the critical threat posed by software security vulnerabilities, reports are often incomplete, lacking the proof-of-vulnerability (PoV) tests needed to validate fixes and prevent regressions. These tests are crucial not only for ensuring patches work, but also for helping developers understa...
berkano:bean-displaytag (>=20050615.234814 <=20050616.015551), berkano:berkano-util (>=20050725.114415 <=dev-20050723) +877 more potentially affected by CVE-2016-3093 via ognl:ognl (>=2.5.1 <=3.0.11)
ognl:ognl MAVEN version =2.5.1, =20050615.234814, =20050725.114415, =2.0, =1.0.1, =1.0.0, =1.0.1, =3.1.1, =1.0.0, =1.0.0, =2.0.0, =1.2.4, =3.0.1 - ca.stellardrift.guice-backport.extensions:guice-struts2 =5.0.1 and more Source cves: CVE-2016-3093 Source advisory: OSV:GHSA-383P-XQXX-RRMP...
Race condition
There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in the webkit subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows...
Security Testing Plugin for Maven & Gradle
Maven and Gradle are build automation and dependency management systems used primarily for Java projects. Their goals are to provide a uniform build system and to simplify the build process altogether. They are used for dependency management, testing, and building of simple to...
Apache Continuum 1.4.2 Command Injection / Cross Site Scripting
Exploit Title: Unauthenticated command injection - Apache Continuum Google Dork: inurl::8080/continuum/ Date: 04/06/2016 Exploit Author: David Shanahan @cyberpunksec Contact: http://www.procheckup.com/ Vendor Homepage: https://continuum.apache.org/ Software Link:...
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Exploit Title: Unauthenticated command injection - Apache Continuum Google Dork: inurl::8080/continuum/ Date: 04/06/2016 Exploit Author: David Shanahan @cyberpunksec Contact: http://www.procheckup.com/ Vendor Homepage: https://continuum.apache.org/ Software Link:...
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Apache Continuum 1.4.2 - Multiple Vulnerabilities Exploit Title: Unauthenticated command injection - Apache Continuum Google Dork: inurl::8080/continuum/ Date: 04/06/2016 Exploit Author: David Shanahan @cyberpunksec Contact: http://www.procheckup.com/ Vendor Homepage: https://continuum.apache.org...