CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: crossplane, vcluster, nfpm, flux-kustomize-controller, q, crossplane-provider-aws-cloudfront, wal-g, witness, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, crossplane-provider-aws-s3, xeol, cerbos,...

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: crossplane, vcluster, nfpm, flux-kustomize-controller, q, crossplane-provider-aws-cloudfront, wal-g, witness, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, crossplane-provider-aws-s3, xeol, cerbos,...

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: terraform-fips, crossplane-provider-family-azure, openbao-fips, cert-manager-cmctl, packer-fips, apko-fips, crossplane-provider-aws-dynamodb-fips, policy-controller, buildkitd, hydra, hydra-fips, tekton-pipelines-fips, crossplane-provider-aws-lambda-fips, wolfictl,...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in qs-6.13.0.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in qs-6.13.0.tgz Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. SummaryThe arrayLimit option in qs does not enforce...

CVE-2026-27896 MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity

The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to 1.3.1. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc...

[SECURITY] Fedora 42 Update: python-pyasn1-0.6.2-1.fc42

This is an implementation of ASN.1 types and codecs in the Python programming language...

PT-2026-21362

ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules BER and Distinguished Encoding Rules DER. In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

ezBookkeeping 安全漏洞

ezBookkeeping is a lightweight personal accounting application developed by mayswind developers. Versions of ezBookkeeping 1.2.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of nested depths during the processing of JSON and XML file...

CVE-2026-25494

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

CVE-2026-25925

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...

CVE-2026-25925 PowerDocu Affected by Remote Code Execution via Insecure Deserialization

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...

CVE-2026-25925

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...

GHSA-M5R2-8P9X-HP5M Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation

I observed a recent commit intended to mitigate Server-Side Request Forgery SSRF vulnerabilities. While the implemented defense mechanisms are an improvement, I have identified two methods to bypass these protections. This report details the first bypass method involving alternative IP notation,...

Server-side Request Forgery (SSRF)

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the saveAsset mutation in GraphQL when alternative IP notations are used in the URL parameter. An attacker can access internal cloud metadata services by...

Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation

I observed a recent commit intended to mitigate Server-Side Request Forgery SSRF vulnerabilities. While the implemented defense mechanisms are an improvement, I have identified two methods to bypass these protections. This report details the first bypass method involving alternative IP notation,...

CVE-2026-25494

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

CVE-2026-25494

Craft CMS versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21 are affected by a vulnerability in the saveAsset GraphQL mutation, where filter_var(..., FILTER_VALIDATE_IP) blocks a defined IP list but fails to recognize hexadecimal or mixed notations, allowing bypass of the blocklist t...

PT-2026-7144

Name of the Vulnerable Software and Affected Versions Craft versions 4.0.0-RC1 through 4.16.17 Craft versions 5.0.0-RC1 through 5.8.21 Description The saveAsset GraphQL mutation in Craft does not properly validate IP addresses used to access cloud metadata services. The application uses filter...

CVE-2026-25632 EPyT-Flow has unsafe JSON deserialization (__type__)

EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deserializer myloadfromjson that supports a type field...