1397991 matches found
CVE-2026-54243
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
CVE-2026-54163 secure_headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input
secureheaders manages application of security headers with many safe defaults. Prior to 7.3.0, secureheaders builds the Content-Security-Policy value by stitching directives with ; separators, and buildsandboxlistdirective, buildmediatypelistdirective, and buildreporttodirective interpolate...
CVE-2026-54163
secureheaders manages application of security headers with many safe defaults. Prior to 7.3.0, secureheaders builds the Content-Security-Policy value by stitching directives with ; separators, and buildsandboxlistdirective, buildmediatypelistdirective, and buildreporttodirective interpolate...
Flask-Reuploaded: Extension-denylist bypass via case-folding asymmetry in name-override path (incomplete-fix variant of CVE-2026-27641)
Header | Field | Value | |---|---| | Title | Extension-denylist bypass via case-folding asymmetry in name-override path incomplete-fix variant of CVE-2026-27641 | | Project | Flask-Reuploaded flaskuploads | | Affected | extension"shell.php" = "php" - extensionallowed"php" - DENY correct...
Prompty: Arbitrary code execution via JavaScript frontmatter in TypeScript loader
Summary The TypeScript Prompty loader used gray-matter without overriding executable frontmatter engines. gray-matter supports JavaScript frontmatter blocks such as ---js and evaluates them while parsing. An attacker-controlled .prompty file could therefore execute arbitrary JavaScript during...
EUVD-2026-44939
Prompty: Arbitrary code execution via JavaScript frontmatter in TypeScript loader...
CVE-2026-50151
CVE-2026-50151 affects oras-go prior to 2.6.1. During monolithic blob uploads, blobStore.completePushAfterInitialPost reuses the initial POST’s Authorization header for a subsequent PUT, while following a registry-controlled Location header. A malicious registry can return a cross-host Location a...
CVE-2026-4938
CVE-2026-4938 affects IBM Verify Identity Access (11.0–11.0.2) and IBM Security Verify Access (10.0–10.0.9.1) plus their Identity Access/Verify Access Containers. The vulnerability allows an attacker with read-only privileges to perform unauthorized modifications and deployments outside their ass...
CVE-2026-4942
IBM i 7.3–7.6 (5770-SS1) is affected by CVE-2026-4942, which allows a remote attacker to send a crafted message that downgrades TLS to a version disabled by server configuration. The CVSSv3.1 base score is 5.9 (Impact: Confidentiality High, Integrity/Availability None; Attack Vector Network, Atta...
CVE-2026-4942 IBM i is Affected by Algorithm Downgrade in Transport Layer Security []
IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security TLS protocol to a version disabled in the server configuration...
CVE-2026-7364
CVE-2026-7364 affects IBM Verify Identity Access (11.0–11.0.2), IBM Security Verify Access (10.0–10.0.9.1), and corresponding Identity/Access Containers. The issue is an open redirect vulnerability that could enable a remote attacker to phishing victims via specially crafted requests redirecting ...
CVE-2026-7364 Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow a remote attacker to conduct phishing attacks, caused by an...
CVE-2026-50185
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. From 0.1.1 until 0.5.4, the aarch64 implementations of Cmov and CmovEq in cmov/src/backends/aarch64.rs assume high bits ar...
CVE-2026-53712
SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to 3.3, a flaw in com.ongres.scram:scram-client and com.ongres.scram:scram-common allows an attacker capable of a TLS...
CVE-2026-8861 Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
IBM Security Verify could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2026-8861
The CVE-2026-8861 entry concerns IBM Security Verify products (Identity Access and Security Verify Access). The issue arises when a detailed technical error message is returned in the browser, enabling a remote attacker to disclose sensitive information and potentially facilitate further attacks....
EUVD-2026-45257
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 commit 94981c443d4918517b9e8163d70fc598dc33a32d contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allowcustomcomponents=false security control. The vulnerability exists...
plone.restapi: Stored XSS by spoofing mime type
Impact A stored XSS affecting RichText fields. RichTextValue.output returns the raw, unsanitized stored value whenever the stored mimeType equals the outputMimeType. Because the safe-HTML output type text/x-html-safe is the type that signifies "already sanitized", any value whose stored mimeType...
CVE-2026-53712
The CVE describes a vulnerability in the OnGres SCRAM library (com.ongres.scram:scram-client and scram-common) where, prior to version 3.3, a TLS MITM can silently downgrade SCRAM-SHA-256-PLUS with channel binding to SCRAM-SHA-256 without channel binding when an X.509 certificate uses modern sign...
CVE-2026-48016
Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the Store API endpoint /store-api/handle-payment in src/Core/Checkout/Payment/SalesChannel/HandlePaymentMethodRoute.php accepts a user-controlled orderId and forwards it to src/Core/Checkout/Payment/PaymentProcessor.php witho...