
7 matches found

Vulnrichment
added 2026/04/10 7:39 p.m. · 1 views

CVE-2026-40184 Unauthenticated Access to Uploaded Files in TREK

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7 CVSS · 5.8 AI score · 0.00068 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2025/12/31 12:0 a.m. · 1 views

EulerOS Virtualization 2.13.1 : expat (EulerOS-SA-2025-2622)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted fo...

7.5 CVSS · 6.3 AI score · 0.00102 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2025/09/14 12:0 a.m. · 3 views

PT-2025-37445

Name of the Vulnerable Software and Affected Versions: Expat versions prior to 2.7.2 Description: libexpat allows attackers to trigger large dynamic memory allocations via a small document submitted for parsing. This can lead to crashes or unpredictable behavior. Recommendations: Update to a version...

9.8 CVSS · 6.3 AI score · 0.00102 EPSS
Exploits: 1 · References: 331
PyPA
added 2023/10/14 10:15 a.m. · 4 views

PYSEC-2023-197

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with...

6.5 CVSS · 6.6 AI score · 0.00401 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2022/05/20 12:0 a.m. · 2 views

Google TensorFlow Input Validation Error Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from the fact that tf.raw_ops.SparseTensorToCSRSparseMatrix does not ful...

5.5 CVSS · 5.7 AI score · 0.00056 EPSS
Exploits: 1 · References: 8
Positive Technologies
added 2021/01/13 12:0 a.m. · 5 views

PT-2021-9741 · Comodo +1 · Combodo Itop +1

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.2 and 3.0.0 Description: The issue affects Combodo iTop, a web-based IT Service Management tool. By modifying the target browser's local storage, an XSS can be generated in the iTop console breadcrumb...

9.8 CVSS · 6.7 AI score · 0.20737 EPSS
Exploits: 12 · References: 64
OSV
added 2019/07/26 4:15 a.m. · 2 views

AZL-34973 CVE-2019-14274 affecting package mcpp for versions less than 2.7.2-28

MCPP 2.7.2 has a heap-based buffer overflow in the domsg function in support.c...

5.5 CVSS · 6.3 AI score · 0.00124 EPSS
Exploits: 1 · References: 1