HashiCorp Vault 安全漏洞

HashiCorp Vault is a private key access management tool developed by the American company HashiCorp. Versions of HashiCorp Vault prior to 2.0.0, as well as versions prior to 1.21.5, 1.20.10, and 1.19.16, contain security vulnerabilities. These vulnerabilities stem from Vault’s practice of...

CVE-2026-4393

The CVE-2026-4393 issue is a CSRF vulnerability in the Drupal Automated Logout module. The Root Cause: the logout routes are not sufficiently protected against CSRF, enabling an authenticated user to trigger unintended actions. Affected software: Drupal Automated Logout module; affected versions ...

Mozilla Firefox < 3.0.15

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 3.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2009-55 advisory. - Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute...

PT-2025-41618

Name of the Vulnerable Software and Affected Versions Drupal Facets versions prior to 2.0.10 Drupal Facets versions prior to 3.0.1 Description A flaw exists in Drupal Facets that allows for Cross-Site Scripting XSS. This occurs due to improper neutralization of input during web page generation. T...

PT-2024-40433 · Surrealdb · Surrealdb

Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 2.0.4 Description: The issue occurs when the parser fails to handle the conversion of an empty string to a SurrealDB value, such as when casting to a record, duration, or datetime, or when parsing an empty string t...