CVE-2026-44903

Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI enabled via the command-line flag --enable-feature=old-ui, the histogram heatmap chart view does not escape le label values when inserting them...

CVE-2026-44903 Prometheus: Stored XSS via crafted histogram bucket label values in the heatmap display of the old Prometheus web UI

Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI enabled via the command-line flag --enable-feature=old-ui, the histogram heatmap chart view does not escape le label values when inserting them...

EUVD-2026-32007

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of set directives in Velocity templates. If an application renders a template controll...

CVE-2026-44966 Velocity.js: Prototype Pollution in #set path assignment

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of set directives in Velocity templates. If an application renders a template controll...

CVE-2025-68709

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...

CVE-2026-40597

Mantis Bug Tracker MantisBT is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's script-src directive by uploading a crafted attachment to any issue that, when accessed via th...

UBUNTU-CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

GHSA-HQMV-V56G-4M47 Typebot.io has stored XSS via `javascript`: URI in text bubble links — bot author executes JS on visitors' browsers

Summary The Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser context when clicked. Since the viewer is typically embedded...

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-39964 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-39964 Source advisory: OSV:GHSA-HQMV-V56G-4M47...

Cross-site Scripting (XSS)

Overview @typebot.io/js is a Javascript library to display typebots on your website Affected versions of this package are vulnerable to Cross-site Scripting XSS via the href attribute in anchor tags rendered from user-controlled content. An attacker can execute arbitrary JavaScript in the context...

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-39964 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-39964 Source advisory: SNYK:JS-TYPEBOTIOJS-16895730...

Typebot.io has stored XSS via `javascript`: URI in text bubble links — bot author executes JS on visitors' browsers

Summary The Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser context when clicked. Since the viewer is typically embedded...

CVE-2026-44728

CVE-2026-44728 affects Babel, a JavaScript compiler. Vulnerability occurs when compiling code that is specifically crafted by an attacker, enabling output code to execute arbitrary code. Affects Babel versions 7.12.0 through before 7.29.4 and 8.0.0-alpha.13. Root cause is the generation of advers...

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: OSV:GHSA-6M7C-XFHP-P9FH...

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: SNYK:JS-TYPEBOTIOJS-16895731...

CVE-2025-36148 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms is vulnerable to cross-site scripting.

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the...

Malicious code in chainix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93d9609d2eac0c0ff33aed557171138930255798aa649fa648b04814c8cb1908 Package presents itself as a pino-compatible logger README badges link to pinojs/pino, exports alias module.exports.pino = middleware but its exporte...

Malicious code in metricflow-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9a1c269ce5e462d7e555ce1ca34b7f2e54e3d34ea094d35a67aa7c61d1fe34e The package's exported Metricflow React component defaults serverUrl to http://51.38.65.105:21531 and, when rendered, appends a tag to document.head ...

CVE-2026-9520

A flaw was found in blitz-js blitz. A remote attacker can exploit this vulnerability by manipulating the 'Next' argument within the 'LoginForm.tsx' component. This manipulation leads to cross-site scripting XSS, which allows the attacker to inject malicious scripts into web pages viewed by other...

MAL-2026-4784 Malicious code in react-ui-polyfills (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c43460df1ee670b8a5982d77e7028aef7df25fa38922f743489fd52b41b5ea Package advertises itself as React polyfills / UI compatibility helpers but ships no React or polyfill code. The exported getPlugin function returns ...