61128 matches found
CVE-2026-44428
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-15 01:51:25+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlu7toomzp2k... |
CVE-2026-44673
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-15 01:40:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlu77cs2dv2v... |
AMD Graphics Driver Code Issue Vulnerability
AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. There are code vulnerabilities in AMD Graphics Driver, which stem from DLL hijacking. These vulnerabilities may allow attackers to gain elevated privileges and execute arbitrary code...
Tabby Operating System Command Injection Vulnerability
Tabby (Terminus) is a highly configurable terminal emulator, SSH, and serial client developed by the individual developer Eugene. Versions of Tabby before 1.0.233 contained an operating system command injection vulnerability. This vulnerability stemmed from the tabby:// URL scheme handler executing ...
APM – Agent Package Manager Post-Link Vulnerability
APM – Agent Package Manager is an open-source AI-based dependency management tool developed by Microsoft. In versions 0.5.4 to 0.12.4 of APM, there was a post-link vulnerability. This vulnerability stemmed from calls to functions like Path.glob and Path.rglob, which followed symbolic links. As a...
PT-2026-41269
The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dt default button' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes i...
GHSA-5V57-8RXJ-3P2R
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 22:10:29+00:00 | seen | https://gist.github.com/alon710/b6fd947590993b5b0ed338c431321ca8... |
pyLoad is vulnerable to stored XSS in Downloads view via unsanitized link URL in packages.js template literal
Summary: The packages.js template at src/pyload/webui/app/themes/modern/templates/js/packages.js:172 interpolates a stored link URL into a template literal inside single-quoted HTML and then writes the result to the DOM via $div.html(html). No escaping runs between the API value and innerHTML. An...
GHSA-FCJQ-435V-JX94 pyLoad is vulnerable to stored XSS in Downloads view via unsanitized link URL in packages.js template literal
Summary: The packages.js template at src/pyload/webui/app/themes/modern/templates/js/packages.js:172 interpolates a stored link URL into a template literal inside single-quoted HTML and then writes the result to the DOM via $div.html(html). No escaping runs between the API value and innerHTML. An...
Open WebUI Vulnerable to SSRF via OAuth Profile Picture URL in _process_picture_url (oauth.py)
Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in _process_picture_url in backend/openwebui/utils/oauth.py line 1338. The function fetches arbitrary URLs from OAuth picture claims without applying validateurl, allowing an attacker to force the server to make HTTP requests to interna...
Cross-site Scripting (XSS)
Overview: open-webui is an Open WebUI package. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the profileimageurl parameter in the webhook creation or update process. An attacker can execute arbitrary JavaScript in the context of the application by supplying a crafted SVG...
Cross-site Scripting (XSS)
Overview: open-webui is an Open WebUI package. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the missing MIME-type validation of the profileimageurl field. An attacker can execute arbitrary HTML or JavaScript in the context of the user's browser by injecting malicious HTML or...
GHSA-7RX4-C5VX-G8W3
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:40:28+00:00 | seen | https://gist.github.com/alon710/260608e1e5e80ae5e3b0acd83fc48ee1... |
Improper Encoding or Escaping of Output
Overview: launder is a sanitize module for the people, built for ApostropheCMS. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the linkHref field handling. An attacker can execute arbitrary JavaScript by supplying a javascript: URL in an image...
Improper Encoding or Escaping of Output
Overview: Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the linkHref field handling. An attacker can execute arbitrary JavaScript by supplying a javascript: URL in an image widget's link URL field and having it rendered on the page. This affects...
CVE-2026-8584
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 |
| 2026-05-14 21:56:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mltsqdeozq2e |
| 2026-05-17 18:00:00+00:00 | seen | ... |
CVE-2026-8583
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 |
| 2026-05-14 21:46:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlts673t6w2o... |
CVE-2026-8587
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 |
| 2026-05-14 22:01:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mltsxz465x2o |
| 2026-05-17 18:00:00+00:00 | seen | ... |
CVE-2026-8574
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 |
| 2026-05-14 21:31:16+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mltrcj6i2q2k... |
CVE-2026-8580
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 |
| 2026-05-14 21:41:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mltrur5oyb2i |
| 2026-05-15 01:30:26+00:00 | seen | ... |