CVE-2026-42157 Flowsint: Stored XSS on map node marker in map page

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a map node with a malicious label that contains arbitrary HTML. When the map tab is selected and a map node marker is...

PT-2026-21846

Name of the Vulnerable Software and Affected Versions InvenTree versions prior to 1.2.3 Description InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom...

PT-2025-52862

Name of the Vulnerable Software and Affected Versions LangChain versions prior to 0.3.37 @langchain/core versions prior to 0.3.80 LangChain versions prior to 1.2.3 @langchain/core versions prior to 1.1.8 Description LangChain is a framework designed for building applications powered by Large...

CVE-2022-36829

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent...

Trudesk 信息泄露漏洞

Chris Brame Trudesk is an open source help desk/ticketing solution from Chris Brame, U.S.A. An information disclosure vulnerability exists in versions prior to Chris Brame Trudesk 1.2.3, which stems from the application exposing sensitive information to unauthorized participants. An attacker coul...

Chris Brame Trudesk 输入验证错误漏洞

Chris Brame Trudesk is an open source helpdesk/ticketing solution from Chris Brame USA. A security vulnerability exists in versions prior to Chris Brame Trudesk 1.2.3 that stems from an integer overflow or wrap around in the application...