SUSE CVE-2026-47712

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...

EUVD-2026-36186

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...

PT-2026-48378

Name of the Vulnerable Software and Affected Versions yt-dlp versions 2023.09.24 through 2026.06.08 Description When curl is used as an external downloader, cookies may be leaked to an unintended host during an HTTP redirect or when the host for download fragments differs from the parent manifest...

GHSA-555P-6GRF-MH7F Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`

Impact dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes - path separators /, , parent-directory components .., and other filename-hostile characters e.g. : were preserved verbatim and...

CVE-2026-50235

Affected software: Lyrion Music Server 9.2.0. Vulnerability: reflected XSS in advanced search parameters that fail to sanitize user input before displaying it in search forms. Impact: can execute arbitrary JavaScript in users’ browsers and potentially steal session information. Exploitation/Detai...

PT-2026-46954

Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in advanced search parameters that fail to properly sanitize user input before displaying it in search forms. Attackers can inject malicious scripts through unfiltered search parameters to execute arbitrary JavaScri...

SUSE CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

SUSE CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

EUVD-2026-32093

The Auto Thumbnail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'thumbnails' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on the shortcode's 'width' and 'height' attributes in the athnthumbnail...

DEBIAN-CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

UBUNTU-CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-underscore (UTSA-2026-016621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016621 advisory. The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function,...

bug-bounty-reports

Bug Bounty Reports — Josef Basner Sanitized, redacted, resp...

CVE-2026-5364 Drag and Drop File Upload for Contact Form 7 <= 1.1.3 - Unauthenticated Arbitrary File Upload via sanitize_file_name Bypass

The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.1.3. This is due to the plugin extracting the file extension before sanitization occurs and allowing the file type parameter to be controlled by the...

CLSA-2026-1776687226 Fix CVE(s): CVE-2024-52005

SECURITY UPDATE: ANSI escape sequence injection via sideband - debian/patches/CVE-2024-52005.patch: add strbufaddsanitized to mask control characters in sideband output in sideband.c. - CVE-2024-52005...

GHSA-2943-CRP8-38XX goshs is Missing Write Protection for Parametric Data Values

Summary The SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. Details Here is the issue: go // helper.go:155-215 func cmdFileroot string, r sftp.Request, ip string, sftpServer SFTPServer error fullPath...

CVE-2026-40188 goshs is Missing Write Protection for Parametric Data Values

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...