502 matches found
protobufjs: Memory amplification from preserved unknown fields in binary decode
Summary protobufjs 8.2.0 added support for preserving unknown fields encountered during binary decode. Affected versions preserved unknown wire elements in message.$unknowns and did not provide a decode-time option to discard unknown fields before retaining them. A crafted protobuf payload...
GHSA-X4VX-RJVF-J5P4 DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects
Summary When DOMPurify.sanitizeroot, INPLACE: true is called on an attacker-supplied live DOM node, DOMPurify still trusts currentNode.nodeName for non-form nodes in the main sanitizeElements pipeline. A real child node whose observable nodeName is attacker-controlled can therefore be misclassifi...
PT-2026-49585
Name of the Vulnerable Software and Affected Versions protobufjs versions 8.2.0 through 8.4.2 Description protobufjs preserves unknown wire elements in message.$unknowns during binary decode but lacks a decode-time option to discard these fields before retention. A crafted protobuf payload...
CVE-2026-53867 Capgo < 12.128.2 - Orphaned File Retention via Profile Image Replacement
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unauthorized retrieval of user-uploaded content...
CVE-2026-53867
Capgo before 12.128.2 does not delete previously uploaded profile images, leaving orphaned files accessible via previously generated URLs, enabling unauthorized retrieval of user-uploaded content. This affects Capgo's backend storage handling when users replace or remove images. The CVE notes MED...
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates the Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance...
GHSA-X4GW-5CX5-PGMH Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates ctx.alloc.bufferhandshakeLength line 161. The guard at line 140 is handshakeLength maxClientHelloLength && maxClientHelloLength != 0, and the...
Unveiling Privacy Risks in Multi-Modal Large Language Models: Task-Specific Vulnerabilities and Mitigation Challenges
Privacy risks in text-only Large Language Models LLMs are well studied, particularly their tendency to memorize and leak sensitive information. However, Multi-modal Large Language Models MLLMs, which process both text and images, introduce unique privacy challenges that remain underexplored...
PT-2026-47587
SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates ctx.alloc.bufferhandshakeLength line 161. The guard at line 140 is handshakeLength maxClientHelloLength && maxClientHelloLength != 0, and the...
CVE-2026-0209
Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
UBUNTU-CVE-2026-45984
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-8405 IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-8405 IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
EUVD-2026-32501
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-8405
The vulnerability CVE-2026-8405 affects IBM Guardium Data Protection (Guardium Data Protection add-on) with the Long Term Retention (LTR) feature, where sensitive credentials can be exposed in debug mode. Affected versions are 12.2.1 and 12.2.2; the issue is described as CWE-200 (Exposure of Sens...
CVE-2026-8903
The Two-factor authentication formerly IP Vault plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the ipvsavechanges function. This makes it possible for unauthenticated attackers to...