44 matches found

OSV
added 2026/05/19 4:17 p.m. · 4 views

GHSA-F9F8-RM49-7JV2 GitHub Actions issued GITHUB_TOKEN disclosure in GitHub Actions logs

Summary: Composer leaks to stderr the full contents of tokens configured as GitHub OAuth tokens if they do not match Composer's expected format for such tokens. GitHub has introduced a new format for GitHub Actions GITHUB_TOKEN values. These tokens are validated in the same way by Composer on GitHu...

CVSS 7.5 · AI score 5.7
Exploits 0 · References 3

OSV
added 2026/04/03 2:41 a.m. · 1 views

GHSA-MWMH-MQ4G-G6GR Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows

Impact: On Windows, app.setAsDefaultProtocolClient(protocol) did not validate the protocol name before writing to the registry. Apps that pass untrusted input as the protocol name may allow an attacker to write to arbitrary subkeys under HKCU\Software\Classes, potentially hijacking existing protocol...

CVSS 4.7 · AI score 6.1 · EPSS 0.00023
Exploits 0 · References 3

EUVD
added 2026/04/02 3:31 p.m. · 2 views

EUVD-2026-18276

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logssmtp.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open call, which allows command injection due to an incomplete...

CVSS 8.8 · AI score 6.1 · EPSS 0.0046
Exploits 0 · References 3

NVD
added 2026/04/02 3:16 p.m. · 2 views

CVE-2026-34791

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logsproxy.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open call, which allows command injection due to an incomplete...

CVSS 8.8 · EPSS 0.0046
Exploits 0 · References 2

Positive Technologies
added 2026/04/02 12:00 a.m. · 2 views

PT-2026-29757

Name of the Vulnerable Software and Affected Versions: Endian Firewall versions 3.3.25 and prior. Description: Endian Firewall versions 3.3.25 and earlier allow authenticated users to execute arbitrary OS commands through the DATE parameter in the '/cgi-bin/logssmtp.cgi' endpoint. The vulnerability...

CVSS 8.8 · AI score 6.1 · EPSS 0.0046
Exploits 0 · References 7

NVD
added 2026/04/01 2:16 p.m. · 2 views

CVE-2026-34430

ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

CVSS 9.6 · EPSS 0.00111
Exploits 0 · References 3

RedhatCVE
added 2026/03/26 3:11 p.m. · 1 views

CVE-2026-32770

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 and 8.6.43, a remote attacker can crash the Parse Server by subscribing to a LiveQuery with an invalid regular expression pattern. The server process terminates when the...

CVSS 7.5 · AI score 5.8 · EPSS 0.00042
Exploits 0 · References 1

EUVD
added 2026/03/24 9:31 p.m. · 0 views

EUVD-2026-14952

Host and event action script input is validated with a regex set by the administrator, but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands...

CVSS 7.7 · AI score 5.8 · EPSS 0.0007
Exploits 0 · References 2

Vulnrichment
added 2026/03/18 9:37 p.m. · 1 views

CVE-2026-32770 Parse Server: LiveQuery subscription with invalid regular expression crashes server

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 and 8.6.43, a remote attacker can crash the Parse Server by subscribing to a LiveQuery with an invalid regular expression pattern. The server process terminates when the...

CVSS 5.9 · AI score 5.8 · EPSS 0.00042
Exploits 0 · References 3

CVE
added 2026/03/18 9:37 p.m. · 5 views

CVE-2026-32770

CVE-2026-32770 affects the Parse Server project via the LiveQuery feature. The issue occurs when a remote attacker subscribes to LiveQuery with an invalid regular expression pattern, which can cause the server process to crash and lead to a denial of service for all connected clients. Affected ve...

CVSS 7.5 · AI score 5.8 · EPSS 0.00042
Exploits 0 · References 3 · Affected Software 1

OSV
added 2026/03/17 6:37 p.m. · 2 views

GHSA-827P-G5X5-H86C Parse Server LiveQuery subscription with invalid regular expression crashes server

Impact: A remote attacker can crash the Parse Server by subscribing to a LiveQuery with an invalid regular expression pattern. The server process terminates when the invalid pattern reaches the regex engine during subscription matching, causing denial of service for all connected clients. Patches...

CVSS 5.9 · AI score 5.9 · EPSS 0.00042
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2006-4515

Malware in sbrugna...

CVSS 2.6 · AI score 6.4 · EPSS 0.00483
Exploits 0 · References 6

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2024-36468

Malicious code in bioql PyPI...

CVSS 8.2 · AI score 6.6 · EPSS 0.00194
Exploits 0 · References 3

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2022-1482

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 8.9 · EPSS 0.00119
Exploits 0 · References 2

Tenable Nessus
added 2025/08/27 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-10640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4. A regex input validation issu...

CVSS 7.5 · AI score 7.5 · EPSS 0.00174
Exploits 1 · References 2

Tenable Nessus
added 2025/08/27 12:00 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-39365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links...

CVSS 6.3 · AI score 6.9 · EPSS 0.00194
Exploits 1 · References 2

Positive Technologies
added 2025/06/19 12:00 a.m. · 1 views

PT-2025-26255 · Powsybl · Powsybl

Name of the Vulnerable Software and Affected Versions: PowSyBl versions prior to 6.7.2. Description: The issue is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. This vulnerability can be exploited when the listNamesString rege...

CVSS 6.3 · AI score 6.1 · EPSS 0.00416
Exploits 0 · References 10

RedhatCVE
added 2025/05/23 10:38 a.m. · 6 views

CVE-2024-52289

authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirect_uri value received as an allowed redirect URI, without escaping...

CVSS 9.8 · AI score 6.8 · EPSS 0.02393
Exploits 0 · References 1

NVD
added 2024/11/18 3:15 p.m. · 28 views

CVE-2024-37155

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed...

CVSS 8.2 · EPSS 0.00194
Exploits 0 · References 3

CVE
added 2024/11/18 3:06 p.m. · 100 views

CVE-2024-37155

CVE-2024-37155 (OpenCTI) affects OpenCTI prior to 6.1.9. The issue arises from a bypass of the GraphQL introspection validation: removing whitespace, carriage returns, and line feeds (\r\n) defeats the regex, enabling unauthenticated full Introspection queries and potential data exposure. This ca...

CVSS 8.2 · AI score 6.4 · EPSS 0.00194
Exploits 0 · References 3 · Affected Software 1