70 matches found
EUVD-2026-11190
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. MQTT v5 Variable Byte Integer parsing out-of-bounds: getvarinteger accepts 5-byte varints without bounds checks; reliably triggers OOB read / crash when built with ASan. This affects 0.24.6 and earlier...
EUVD-2025-205461
NanoMQ MQTT Broker NanoMQ is an Edge Messaging Platform. Prior to version 0.24.2, there is a classical data racing issue about sub info list which could result in heap use after free crash. This issue has been patched in version 0.24.2...
EUVD-2023-28006
Malicious code in bioql PyPI...
EUVD-2025-9368
Malicious code in bioql PyPI...
EUVD-2022-45044
Malicious code in bioql PyPI...
CVE-2025-11025
Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data.This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0...
CVE-2025-11025 Information Disclosure in Vimeosoft Information Technologies' Vimesoft Corporate Messaging Platform
Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data. This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0...
CVE-2025-11025
Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data. This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0...
Vimesoft Messaging Platform 安全漏洞
Vimesoft Messaging Platform is an enterprise instant messaging platform from the Turkish company Vimesoft. A security vulnerability exists in Vimesoft Messaging Platform version V1.3.0 up to and including version V2.0.0, which stems from the embedding of sensitive information in the sent data and...
PT-2025-39637
Name of the Vulnerable Software and Affected Versions Vimesoft Corporate Messaging Platform versions 1.3.0 through 1.9.9 Description A flaw exists in Vimesoft Corporate Messaging Platform that allows for the retrieval of embedded sensitive data. This issue involves the insertion of sensitive...
The Trump Administration Sure Is Having Trouble Keeping Its Comms Private
In the wake of SignalGate, a knockoff version of Signal used by a high-ranking member of the Trump administration was hacked. Today on Uncanny Valley, we discuss the platforms used for government communications...
CVE-2025-31132
Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...
CVE-2025-31132
Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...
CVE-2025-31132 Raven allows Remote Code Execution due to improper validation
Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10...
The vulnerability of the MFlash secure data exchange platform lies in the lack of mechanisms for neutralizing elements related to CSV files, allowing attackers to execute arbitrary commands.
The vulnerability of the MFlash secure messaging platform is related to the lack of mechanisms for neutralizing elements related to CSV files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
BIT-DISCOURSE-2022-46148 Discourse allows self-XSS through malicious composer message
Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the stable branch and versions 2.9.0.beta11 and prior on the beta and tests-passed branches, users composing malicious messages and navigating to drafts page could self-XSS. This vulnerability can lead to a full XSS o...
Line Security Breach
Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from a kimono-oldnew applet that may disclose access tokens...
Line Security Breach
Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which originates from the myGAKUYA applet that may disclose access tokens...
Line Security Breach
Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line v13.6.1, which originates in the CHIGASAKI BAKERY applet that may disclose access tokens...
Line Security Breach
Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from a UNITED BOXING GYM applet that may disclose access tokens...