6 matches found
OESA-2026-2974 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.8.2 has an integer overflow in storeAtts.CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in...
OESA-2026-2973 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.8.2 has an integer overflow in storeAtts.CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in...
CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation
Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...
CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation
Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...
CVE-2026-25494
Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...
CVE-2025-1364
creationtimestamp| type| source ---|---|--- 2025-02-16 23:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lidef4gpi22i 2025-02-17 00:40:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4704 2025-02-17 01:29:37+00:00| seen| https://t.me/cvedetector/18213...