EUVD-2026-16315

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration...

PT-2026-28471

Name of the Vulnerable Software and Affected Versions Tandoor Recipes versions prior to 2.6.0 Description Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions prior to 2.6.0 configure Django REST Framework with BasicAuthentication as a...

Tandoor Recipes 安全漏洞

Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes prior to 2.6.0 contained security vulnerabilities. These vulnerabilities stemmed from the image processing pipeline skipping the EXIF metadat...

CVE-2026-22863

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:crypto doesn't finalize cipher. The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server...

CVE-2025-32088

Improper conditions check for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...

CVE-2025-32732

Summary (CVE-2025-32732): Intel® QuickAssist Technology (QAT) Windows software pre-2.6.0 is vulnerable to a buffer overflow in the Ring 3 user application, which can be exploited by a local, authenticated, low-complexity attacker to cause a denial of service. Impacts may include low confidentiali...

Intel QAT 缓冲区错误漏洞

Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. An out-of-bounds write vulnerability exists in Intel QAT Windows software that originates from an...

PT-2024-14517 · Unknown · Paddlepaddle

Name of the Vulnerable Software and Affected Versions: PaddlePaddle versions prior to 2.6.0 Description: The issue is related to a command injection in the get online pass interval function, allowing the execution of arbitrary commands on the operating system. Recommendations: For versions prior ...

PYSEC-2023-134

Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

MuhammaraJS 代码问题漏洞

MuhammaraJS is a node module with c/cpp bindings by the individual developer Julian Hille. A security vulnerability exists in MuhammaraJS versions prior to 2.6.0. An attacker exploited the vulnerability to cause a denial of service via a specially crafted PDF file...

Google TensorFlow数字错误漏洞

Google TensorFlow is an end-to-end open source machine learning platform. An integer division by zero error vulnerability exists in the implementation of tf.rawops.SparseReshape in versions prior to Google TensorFlow 2.6.0. No details of the vulnerability are currently available...

PT-2021-21775 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can cause undefined behavior via binding a reference to null pointer...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

CVE-2020-16118

In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imapmboxconnect in libbalsa/imap/imap-handle.c...