CVE-2025-68467

Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. In order to analyze cross-origin style sheets stored on websites different from the origina...

CVE-2025-68467 Dark Reader gives users the ability to request style sheets from local web servers

Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. In order to analyze cross-origin style sheets stored on websites different from the origina...

EUVD-2024-2965

Malicious code in bioql PyPI...

CVE-2025-7346

Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages...

pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages

Summary Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages. Details Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages. Thi...

Duplicate Advisory: GHSA-x698-5hjm-w2m5

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x698-5hjm-w2m5. This link is maintained to preserve external references. Original Description Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to creat...

GHSA-2WCM-VX67-3X4Q Duplicate Advisory: GHSA-x698-5hjm-w2m5

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x698-5hjm-w2m5. This link is maintained to preserve external references. Original Description Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to creat...

CVE-2025-7346

Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages...

CVE-2025-7346

Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages...

CVE-2025-7346

Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages...

PT-2025-28355 · Pyload +1 · Pyload +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated attacker can bypass the localhost restrictions imposed by the application, allowing them to create arbitrary packages. Recommendations: At the moment, there is no...

CVE-2024-49753 Denied Host Validation Bypass in Zitadel Actions

Zitadel is open-source identity infrastructure software. Versions prior to 2.64.1, 2.63.6, 2.62.8, 2.61.4, 2.60.4, 2.59.5, and 2.58.7 have a flaw in the URL validation mechanism of Zitadel actions allows bypassing restrictions intended to block requests to localhost 127.0.0.1. The isHostBlocked...