2 matches found
CVE-2026-28785
Ghostfolio prior to version 2.244.0 is vulnerable to arbitrary SQL execution via the getHistorical() method due to symbol validation bypass, potentially allowing read/modify/delete of sensitive financial data for all users. Affected software: Ghostfolio open source wealth management. Root cause: ...
CVE-2025-65947
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...