CVE-2026-25632 EPyT-Flow has unsafe JSON deserialization (__type__)

EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deserializer myloadfromjson that supports a type field...

CVE-2026-25640

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 1.34.0 to before 1.51.0, a path traversal vulnerability in the Pydantic AI web UI allows an attacker to serve arbitrary JavaScript in the context of the application by crafting a malicious URL...

CVE-2026-25520

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can obtain the hosts Function constructor, which can b...

CVE-2026-25640 Pydantic AI affected by Stored XSS via Path Traversal in Web UI CDN URL

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 1.34.0 to before 1.51.0, a path traversal vulnerability in the Pydantic AI web UI allows an attacker to serve arbitrary JavaScript in the context of the application by crafting a malicious URL...

CVE-2026-25640

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 1.34.0 to before 1.51.0, a path traversal vulnerability in the Pydantic AI web UI allows an attacker to serve arbitrary JavaScript in the context of the application by crafting a malicious URL...

EUVD-2026-5593

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 1.34.0 to before 1.51.0, a path traversal vulnerability in the Pydantic AI web UI allows an attacker to serve arbitrary JavaScript in the context of the application by crafting a malicious URL...

CVE-2026-25586 SandboxJS has a Sandbox Escape via Prototype Whitelist Bypass and Host Prototype Pollution

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox object, which disables prototype whitelist enforcement in the property-access path. This permits direct access to proto and other blocked prototype properties,...

CVE-2026-25587 SandboxJS has a Sandbox Escape

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFEPROTOYPES, it's prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29...

CVE-2026-25587

CVE-2026-25587 affects SandboxJS. Prior to 0.8.29, the Map object’s prototype could be leaked via Map.prototype, allowing an attacker to overwrite Map.prototype.has and escape the sandbox. The Red Hat/NVD entries describe this as a sandbox-escape vulnerability with potential for remote code execu...

EUVD-2026-5590

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFEPROTOYPES, it's prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29...

CVE-2026-25641 SandboxJS has a sandbox escape via TOCTOU bug on keys in property accesses

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in property accesses is annotated as string, this is...

CVE-2026-25647

Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier as used in SiYuan before has a Stored Cross-Site Scripting XSS vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note. When another user clicks...

CVE-2026-25647 Lute has a Stored Cross-Site Scripting (XSS) via Markdown hyperlink

Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier as used in SiYuan before has a Stored Cross-Site Scripting XSS vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note. When another user clicks...

CVE-2026-25647 Lute has a Stored Cross-Site Scripting (XSS) via Markdown hyperlink

Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier as used in SiYuan before has a Stored Cross-Site Scripting XSS vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note. When another user clicks...

CVE-2026-25647 Lute has a Stored Cross-Site Scripting (XSS) via Markdown hyperlink

Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier as used in SiYuan before has a Stored Cross-Site Scripting XSS vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note. When another user clicks...

CVE-2026-25647

Lute

Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL

Summary A Path Traversal vulnerability in the Pydantic AI web UI allows an attacker to serve arbitrary JavaScript in the context of the application by crafting a malicious URL. If a victim clicks the link or visits it via an iframe, attacker-controlled code executes in their browser, enabling the...

CVE-2026-24903

OrcaStatLLM Researcher is an LLM Based Research Paper Generator. A Stored Cross-Site Scripting XSS vulnerability was discovered in the Log Message in the Session Page in OrcaStatLLM-Researcher that allows attackers to inject and execute arbitrary JavaScript code in victims' browsers through...

CVE-2026-24903

CVE-2026-24903 affects OrcaStatLLM Researcher (LLM-based research paper generator). A stored XSS in the Session Page log message allows attacker-supplied inputs to inject and execute JavaScript in victims’ browsers. CVSSv4 base score 5.3 (Medium): Network, Low attack complexity, no privileges, us...

CVE-2026-24903 OrcaStatLLM Researcher Stored Cross-Site Scripting (XSS) via Log Message Injection in Session Page

OrcaStatLLM Researcher is an LLM Based Research Paper Generator. A Stored Cross-Site Scripting XSS vulnerability was discovered in the Log Message in the Session Page in OrcaStatLLM-Researcher that allows attackers to inject and execute arbitrary JavaScript code in victims' browsers through...