PT-2026-22761

Name of the Vulnerable Software and Affected Versions Nokia IMPACT versions through 19.11.2.10-20210118042150283 Description A Cross-Site Request Forgery CSRF issue exists in Nokia IMPACT. This allows a remote attacker to import and overwrite the entire application configuration. The issue is due...

EUVD-2025-27482

Malicious code in bioql PyPI...

CVE-2025-58430

listmonk is a standalone, self-hosted, newsletter and mailing list manager. In versions up to and including 1.1.0, every http request in addition to the session cookie session there included nonce. The value is not checked and validated by the backend, removing nonce allows the requests to be...

The vulnerability of the wptodo_addcomment function in the WordPress To Do plugin, a content management system for websites, allows a hacker to perform a CSRF attack.

The vulnerability of the wptodoaddcomment function in the WordPress To Do plugin, a content management system for websites, is related to the of cross-site requests due to incorrect validation of the value of the nonce cookie. Exploiting this vulnerability could allow an attacker to execute a CSR...