chrisbao_package1 (>=1.0.0 <=1.0.1), dss-bloodrelation (>=1.0.0 <=1.0.6) +4 more potentially affected by unknown CVE via @antv/g6-plugins (=1.0.9)

@antv/g6-plugins NPM version =1.0.9 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/g6-plugins and may be impacted: - chrisbaopackage1 =1.0.0, =1.0.0, =0.1.0, =1.3.7, =1.1.0, =1.1.2 Source cves: unknown CVE Source advisory:...

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-6342

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via creating groups that share the same prefix as a whitelisted group. Mattermost Advisory ID:...

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-6341

Mattermost advisories describe a vulnerability in Mattermost Plugins affecting versions

EUVD-2026-30746

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-6341 Incomplete group locking implementation

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-6341 Incomplete group locking implementation

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-6342

Mattermost plugins vulnerable to a namespace prefix-matching bypass. Affected: Mattermost Plugins versions

CVE-2026-6342

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via creating groups that share the same prefix as a whitelisted group. Mattermost Advisory ID:...

CVE-2026-6342 Group prefix matching bypass for subscriptions

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via creating groups that share the same prefix as a whitelisted group. Mattermost Advisory ID:...

CVE-2026-3220 Multiple Plugins - Unauthenticated Stored XSS via Minify Library

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins contain security vulnerabilities. These...

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins have security vulnerabilities. These...

FacturaScripts 输入验证错误漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2026 contained a vulnerability related to input validation errors. This vulnerability stemmed from the Plugins::add function not properly verifying the file paths in...

PT-2026-41765

Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description When handling 'PUT /containers/id/archive' requests with compressed archives, the daemon decompresses them using external system binaries. Due to incorrect operation ordering, these binaries a...

PT-2026-41646

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins contain security vulnerabilities. These...

WordPress多款产品 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...