CVE-2026-50703 Frappe Framework 17.0.0-dev - Stored XSS in Desktop Icon label rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVE-2026-52932

In the Linux kernel, CVE-2026-52932 fixes an issue in the xfrm: ipcomp path where destination pages could leak on acomp errors. The patch moves the out_free_req label to ensure the allocated destination SG list is freed on error as well as on success, preventing a potential resource leak. The des...

Label Studio - Sensitive Information Exposure

An attacker can construct a filter chain to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper ORM. Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by...

Label Studio - Cross-Site Scripting

Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. id: CVE-2023-47115 info: name: Label Studio - Cross-Site Scripting author: isaca...

Label Studio < 1.16.0 - Cross-Site Scripting

Label Studio prior to version 1.16.0 contains a cross-site scripting caused by rendering unsanitized user-provided HTML in the /projects/upload-example endpoint, letting attackers execute arbitrary JavaScript via crafted labelconfig in a GET request, exploit requires victims to visit malicious UR...

WordPress White Label CMS <2.2.9 - Cross-Site Scripting

WordPress White Label CMS plugin before 2.2.9 contains a reflected cross-site scripting vulnerability. It does not sanitize and validate the wlcmslogincustomjs parameter before outputting it back in the response while previewing. id: CVE-2022-0422 info: name: WordPress White Label CMS 2.2.9 -...

GHSA-XHF5-7WJV-PQXP containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull

Impact A bug was found in containerd where the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels for some operations. Patch...

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

CVE-2026-56099

OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read in sys/netmpls/mpls_input.c:mpls_do_error, allowing remote disclosure of kernel stack memory by crafting MPLS frames with 16 labels and no Bottom-of-Stack bit. Affected component is the MPLS input handling path; root cause ...

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

CVE-2026-50091

CVE-2026-50091 affects Aqara Home Android (package com.lumiunited.aqarahome, version 6.0.0 and white-label clients embedding liblumidevsdk.so). The vulnerability arises from hard-coded cryptographic keys (CWE-321) in the related library, as described in the NVD/CVE entries. The CVSS v3.1 base sco...

CVE-2026-50639

Metric injection vulnerability in Metrics::Any::Adapter::SignalFx for Perl: versions before 0.04 do not protect against metric injections. The issue spans the StatsD protocol and its extensions (dogstatsd); per-packet metrics can include multiple metrics separated by newlines. The _labels functio...

CVE-2026-46642

CVE-2026-46642 affects draw.io prior to 29.7.12. A crafted .drawio file can execute arbitrary JavaScript in the editor’s origin when opened. The root cause is a feature-detection routine in the Text Format panel that reads the raw cell label and assigns it to a detached element’s innerHTML withou...

CVE-2026-46642 draw.io: XSS via crafted cell label when opening a .drawio file

draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. The vulnerability is not in the label sanitizer which works correctly on the rendering path but in...

SUSE-SU-2026:22075-1 Security update for elemental-operator

This update for elemental-operator fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260277. Changes for elemental-operator: - Changes on top of v1.7.5: 41f54076 Fix reference in labels 3bdb93...

Malicious code in @listings/energy-labels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41caac3ab1f9c35a72841357174aeeec16c142c08cc28030a875b2dba85f04ba The package declares "preinstall": "node index.js || true" in package.json, so on every npm install the script executes automatically and silently...

MAL-2026-5327 Malicious code in @listings/energy-labels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41caac3ab1f9c35a72841357174aeeec16c142c08cc28030a875b2dba85f04ba The package declares "preinstall": "node index.js || true" in package.json, so on every npm install the script executes automatically and silently...

CVE-2026-0096

In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-4300

The Robo Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Loading Label' setting in all versions up to, and including, 5.1.3. The plugin uses a custom |...| marker pattern in its fixJsFunction method to embed raw JavaScript function references within JSON-encoded...