8 matches found
CVE-2026-47225
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
CVE-2026-47225
Type: CVE-2026-47225 affects Typesense search engine. A cache isolation flaw in versions prior to 29.1 and 30.2 affects requests that use both server-side search result caching and Scoped Search API Keys. Under certain request ordering, cached results could be reused across requests with differen...
EUVD-2026-36511
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
PT-2026-48945
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
GHSA-8P34-64R3-MWG8 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...
SQL injection vulnerability in the searchKeys parameter of the showresult.jsp page of the newspaper system of Beijing Zixin Newspaper Technology Development Co.
Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...
SQL injection vulnerability in the searchKeys parameter of newspaper system advresult.jsp page at Beijing Zixin Newspaper Technology Development Co.
Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...