EUVD-2026-33677
Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with access to an end-to-end encrypted files drop link was able to also drop files into other end-to-e...
SOPlanning Cross-Site Scripting Vulnerabilities
SOPlanning is online project management software developed by SOPlanning Company. SOPlanning versions 1.55 and earlier had a cross-site scripting vulnerability. The flaw stemmed from the /process/uploadbackup endpoint, which was vulnerable to stored cross-site scripti...
PT-2026-45357
SOPlanning is vulnerable to stored cross-site scripting (XSS) via the /process/uploadbackup endpoint. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a malicious user.csv file with embedded JavaScript. The injected code is executed in the...
libvirt: Denial of service in XML parsing
A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt to allocate too...
CVE-2021-27043
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application...
CVE-2026-27154 Discourse has XSS when editing a malicious post
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, a user's full name could be evaluated as raw HTML when the following settings are set: display_name_on_posts = true and prioritize_username_in_ux = false. Editing a post of a malicious user would trigger ...
CVE-2021-31813
Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details e.g., a crafted user name from AD...
CVE-2021-31798
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files...
CVE-2022-23340
Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results...
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4...
CVE-2022-26951
Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the...
CVE-2025-66554
The Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing. Prior to 5.5.4, 6.0.6, and 7.2.5, a malicious user was able to modify their organisation and title field to load additional CSS files. JavaScript and other options were correctly blocked ...
Calendar attachments of local files are offered for download
None...
PT-2025-49291
Name of the Vulnerable Software and Affected Versions: Nextcloud Tables versions prior to 0.8.6; Nextcloud Tables versions prior to 0.9.3. Description: A malicious user could create a table and move a column into another user's table. This action was possible in versions before 0.8.6 and 0.9.3...
Nextcloud Tables Security Vulnerability
Nextcloud Tables is a table application from the Nextcloud open source project. A security vulnerability exists in Nextcloud Tables versions prior to 0.8.6 and prior to 0.9.3, which stems from a malicious user being able to move columns into a victim's table, potentially leading to data tampering...
CVE-2025-64325
Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send an authentication request with a manipulated X-Emby-Client value, which gets added to the devices section of the admin dashboard without sanitization. This issue has...
HSEC-2024-0009 Public key confusion in third-party blocks
Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it: the public key of t...
Weseek Growi Cross-Site Scripting Vulnerability
Weseek Growi is an open source wiki system, written in Markdown, from the Japanese company Weseek. A cross-site scripting vulnerability exists in Weseek Growi versions prior to 7.2.10, which originates when a malicious user creates a page containing specially crafted content that could le...
Talos-Apache-Log-Oversight-Scanner
Talos-Apache-Log-Oversight-Scanner Overview The Talos-Ap...
CVE-2025-37728 Kibana Insufficiently Protected Credentials in the CrowdStrike Connector
Insufficiently protected credentials in the CrowdStrike connector can lead to CrowdStrike credentials being leaked. A malicious user can access cached credentials from a CrowdStrike connector in another space by creating and running a CrowdStrike connector in a space to which they have access...