JLSEC-2026-47

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

Exploit for CVE-2025-48757

🛡️ Supabase Sentinel A Claude Skill that audits your Supaba...

MiracleLinux 9 : postgresql:16 (AXSA:2024-9501:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9501:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

TencentOS Server 4: postgresql16 (TSSA-2024:0908)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0908 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

KB5068406 - Description of the security update for SQL Server 2022 CU21: November 11, 2025

KB5068406 - Description of the security update for SQL Server 2022 CU21: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...

KB5068405 - Description of the security update for SQL Server 2019 GDR: November 11, 2025

KB5068405 - Description of the security update for SQL Server 2019 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

KB5068403 - Description of the security update for SQL Server 2017 GDR: November 11, 2025

KB5068403 - Description of the security update for SQL Server 2017 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

KB5068407 - Description of the security update for SQL Server 2022 GDR: November 11, 2025

KB5068407 - Description of the security update for SQL Server 2022 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...

EUVD-2023-26958

Malicious code in bioql PyPI...

EUVD-2025-16441

Malicious code in bioql PyPI...

EUVD-2025-16474

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

Apache Superset < 4.1.2 Multiple Vulnerabilities

According to its self-reported version, the Apache Superset is prior to 4.1.2. It is, therefore, affected by multiple vulnerabilities. - Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions...

BIT-SUPERSET-2025-48912 Apache Superset: Improper authorization bypass on row level security via SQL Injection

An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data. This issue affects...

SQL Injection

Apache Superset is vulnerable to SQL injection. The vulnerability is due to improper input handling in the sqlExpression fields, allowing attackers to inject sub-queries and bypass row-level security...

CVE-2025-48757

An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites. NOTE: this is disputed by the Supplier because each individual customer of the Lovable platform accepts a...

Apache Superset: Improper authorization bypass on row level security via SQL Injection

An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data. This issue affects...

GHSA-8W7F-8PR9-XGWJ Apache Superset: Improper authorization bypass on row level security via SQL Injection

An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data. This issue affects...