61 matches found
Rocket.Chat <3.9.1 - Information Disclosure
Rocket.Chat through 3.9.1 is susceptible to information disclosure. An attacker can enumerate email addresses via the password reset function and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-28208 info: name: Rocket.Chat 3.9.1 -...
EUVD-2025-17566
Malicious code in bioql PyPI...
EUVD-2022-1309
Malicious code in bioql PyPI...
EUVD-2022-1759
Malicious code in bioql PyPI...
EUVD-2022-1572
Malicious code in bioql PyPI...
EUVD-2022-6385
Malicious code in bioql PyPI...
CVE-2025-5892
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression...
CVE-2025-5892 RocketChat parseMessage.js parseMessage redos
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression...
CVE-2025-5892
CVE-2025-5892 affects Rocket.Chat up to 7.6.1. The issue is in the parseMessage.js function (parseMessage) where manipulation of the line argument causes inefficient regular expression complexity, enabling a potential remote attack. Public exploit information is present in the sources. Remediatio...
PT-2025-24553 · Unknown · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: RocketChat versions up to 7.6.1 Description: A problematic issue has been found in RocketChat, affecting the parseMessage function of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the line argument...
CVE-2022-34802
Jenkins RocketChat Notifier Plugin 1.5.2 and earlier stores the login password and webhook token unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-28138
A cross-site request forgery (CSRF) vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential...
CVE-2022-28139
A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-21830
A blind self XSS vulnerability exists in RocketChat LiveChat...
@rocket.chat/core-typings (>=6.3.0 <=6.3.13), @rocket.chat/rest-typings (>=6.3.0 <=6.3.13) potentially affected by CVE-2024-46935 via @rocket.chat/message-parser (=0.31.24)
@rocket.chat/message-parser NPM version =0.31.24 is affected by a known vulnerability. The following packages have a transitive dependency on @rocket.chat/message-parser and may be impacted: - @rocket.chat/core-typings =6.3.0, =6.3.0, =6.3.13 Source cves: CVE-2024-46935 Source advisory:...
RocketChat LiveChat Security Breach
RocketChat LiveChat is a small, lightweight application from RocketChat, Inc. designed to provide B2C business-to-customer communication between agents and website visitors. A security vulnerability exists in RocketChat LiveChat that stems from the presence of a NoSQL injection that can leak...
Jenkins RocketChat Notifier Plugin Information Disclosure Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. An information disclosure vulnerability...