727794 matches found

Cvelist (added yesterday)

CVE-2026-12050 pgAdmin 4: SQL injection in named restore point endpoint

SQL injection in pgAdmin 4's named restore point endpoint (POST /browser/server/restorepoint/gid/sid). The user-supplied 'value' field was interpolated directly into the SQL string with str.format instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected...

CVSS 5.3 | Exploits 0 | References 2
AttackerKB (added yesterday)

CVE-2026-12050

SQL injection in pgAdmin 4's named restore point endpoint (POST /browser/server/restorepoint/gid/sid). The user-supplied 'value' field was interpolated directly into the SQL string with str.format instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected...

CVSS 5.3 | AI score 5.4 | Exploits 0 | References 3 | Affected software 1
OSSF Malicious Packages (added yesterday)

Malicious code in node-vfs-polyfill (npm)

Source: amazon-inspector (7fb213e524ed75dcb54961d6d2ee9431ea6a32f4fdcb9d777bc260102920d81b). On install, postinstall.js executes automatically and exfiltrates host reconnaissance data to attacker-controlled subdomains on oastify.com (Burp...

AI score 5.3 | Exploits 0 | References 1
OSV (added yesterday)

MAL-2026-6143 Malicious code in node-vfs-polyfill (npm)

Source: amazon-inspector (7fb213e524ed75dcb54961d6d2ee9431ea6a32f4fdcb9d777bc260102920d81b). On install, postinstall.js executes automatically and exfiltrates host reconnaissance data to attacker-controlled subdomains on oastify.com (Burp...

AI score 5.4 | Exploits 0 | References 1
Github Security Blog (added yesterday)

Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints

Summary: signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery (SSRF) vulnerability in three administrative endpoints used for remote Signal K server connection management. The makeRemoteRequest function accepts attacker-controlled host, port, useTLS, and...

AI score 5.6 | Exploits 0 | References 2 | Affected software 1
OSV (added yesterday)

GHSA-Q59X-JC9F-GFQF Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints

Summary: signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery (SSRF) vulnerability in three administrative endpoints used for remote Signal K server connection management. The makeRemoteRequest function accepts attacker-controlled host, port, useTLS, and...

CVSS 5.8 | AI score 5.7 | Exploits 0 | References 2
Github Security Blog (added yesterday)

PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks

Summary: JWSVerifier::getAlgorithm (src/Library/Signature/JWSVerifier.php, line 144) merges protected and unprotected headers using PHP's spread operator: $completeHeader = [...$signature->getProtectedHeader(), ...$signature->getHeader()]; In PHP, when spreading arrays with duplicate string keys, the...

AI score 5.4 | Exploits 0 | References 3 | Affected software 2
OSV (added yesterday)

GHSA-JC38-X7X8-2XC8 PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks

Summary: JWSVerifier::getAlgorithm (src/Library/Signature/JWSVerifier.php, line 144) merges protected and unprotected headers using PHP's spread operator: $completeHeader = [...$signature->getProtectedHeader(), ...$signature->getHeader()]; In PHP, when spreading arrays with duplicate string keys, the...

CVSS 9.1 | AI score 5.5 | Exploits 0 | References 3
Github Security Blog (added yesterday)

spomky-labs/otphp: Mass-assignment in Factory::loadFromProvisioningUri lets a hostile provisioning URI corrupt OTP state or leak an uncaught TypeError

Summary: OTPHP\Factory::loadFromProvisioningUri parses an attacker-supplied otpauth:// URI and forwards every query key to OTP::setParameter($key, $value). setParameter resolves the name with property_exists($this, $parameter) and performs a dynamic write $this->$parameter = $value (src/OTP.php:196-197)...

AI score 5.3 | Exploits 0 | References 3 | Affected software 1
OSV (added yesterday)

GHSA-2JX3-65F3-XR8R spomky-labs/otphp: Mass-assignment in Factory::loadFromProvisioningUri lets a hostile provisioning URI corrupt OTP state or leak an uncaught TypeError

Summary: OTPHP\Factory::loadFromProvisioningUri parses an attacker-supplied otpauth:// URI and forwards every query key to OTP::setParameter($key, $value). setParameter resolves the name with property_exists($this, $parameter) and performs a dynamic write $this->$parameter = $value (src/OTP.php:196-197)...

CVSS 6.9 | AI score 5.4 | Exploits 0 | References 3
Github Security Blog (added yesterday)

OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns

Summary: OpenClaw's exec allowlist supported optional argPattern entries to restrict the arguments accepted for an allowlisted executable. In affected releases, Linux and macOS gateways skipped argPattern checks and treated a matching executable path as sufficient to satisfy the allowlist. This...

CVSS 8.3 | AI score 5.8 | EPSS 0.00328 | Exploits 0 | References 4 | Affected software 1
OSV (added yesterday)

GHSA-V2WW-5RH7-2H5V OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns

Summary: OpenClaw's exec allowlist supported optional argPattern entries to restrict the arguments accepted for an allowlisted executable. In affected releases, Linux and macOS gateways skipped argPattern checks and treated a matching executable path as sufficient to satisfy the allowlist. This...

CVSS 7.1 | AI score 5.8 | EPSS 0.00328 | Exploits 0 | References 4
GithubExploit (added yesterday)

Exploit for OS Command Injection in Fortinet FortiSandbox

CVE-2026-39808

CVSS 9.8 | AI score 6.1 | EPSS 0.66168 | Exploits 6
NVD (added yesterday)

CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRA_USER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...

CVSS 9.8 | Exploits 0 | References 1
Github Security Blog (added yesterday)

OpenClaw: Exported session HTML could keep unsafe markdown links

Summary: Exported session HTML could keep unsafe markdown links. In affected versions, content rendered into an exported session could preserve unsafe javascript: or data: links in generated HTML. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

CVSS 6.1 | AI score 5.5 | EPSS 0.00188 | Exploits 0 | References 4 | Affected software 1
OSV (added yesterday)

GHSA-W9HF-3PP7-PVXV OpenClaw: Exported session HTML could keep unsafe markdown links

Summary: Exported session HTML could keep unsafe markdown links. In affected versions, content rendered into an exported session could preserve unsafe javascript: or data: links in generated HTML. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

CVSS 6.1 | AI score 5.6 | EPSS 0.00188 | Exploits 0 | References 4
IBM Security Bulletins (added yesterday)

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in Hugging Face Transformers [CVE-2025-14924, CVE-2025-14928, CVE-2025-14929, CVE-2025-14930]

Summary: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in Hugging Face Transformers (CVE-2025-14924, CVE-2025-14928, CVE-2025-14929, CVE-2025-14930). Hugging Face Transformers is used in our speech runtimes. This vulnerability has been addressed. Please read the details for...

CVSS 7.8 | AI score 8.1 | EPSS 0.00315 | Exploits 0 | Affected software 1
GithubExploit (added yesterday)

SOC127---SQL-Injection-Detected

SOC127---SQL-Injection-Detected: detected SQL injection and inv...

AI score 6.4 | Exploits 0
GithubExploit (added yesterday)

Exploit for CVE-2026-7515

CVE-2026-7515: BetterDocs Pro views-get"layouts/encyclopedia...

AI score 6.1 | Exploits 2
Metasploit (added yesterday)

Unix Command Shell, Bind TCP (via socat)

Creates an interactive shell via socat.

Module options:
  msf > use payload/cmd/unix/bind_socat_tcp
  msf payload(bind_socat_tcp) > show actions
  ...actions...
  msf payload(bind_socat_tcp) > set ACTION
  msf payload(bind_socat_tcp) > show options
  ...show and set options...
  msf payload(bind_socat_tcp) > run

This module requires...

CVSS 9.2 | AI score 5.2 | EPSS 0.00514 | Exploits 2