CVE-2026-45046
Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local SQLite database. The README incorrectly states that the default log level is minimal, whereas it is actually standard. Source code review shows sensitive...
CVE-2025-52659
CVE-2025-52659 affects HCL AION version 2, an AI lifecycle management platform. The vulnerability is a Cacheable HTTP Response issue that can cause unintended storage of sensitive or dynamic content, potentially enabling unauthorized access or information disclosure. The CVSS v3.1 base score is 7....
EUVD-2022-35164
Malicious code in bioql PyPI...
Improper Access Control
contao/contao is vulnerable to Improper Access Control. The vulnerability is due to protected content elements rendered as fragments being indexed in the front-end search, which allows an attacker to access sensitive content publicly...
PT-2024-24280 · IBM · IBM OpenBMC
Name of the Vulnerable Software and Affected Versions: IBM OpenBMC versions FW1050.00 through FW1050.10
Description: The BMCWeb HTTPS server component in IBM OpenBMC could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels.
Recommendations: For versions...
CVE-2022-2943 WordPress Infinite Scroll – Ajax Load More <= 5.5.3 - Authenticated (Admin+) Arbitrary File Read
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to arbitrary file reading in versions up to, and including, 5.5.3 due to insufficient file path validation on the almrepeatersexport function. This makes it possible for authenticated attackers, with administrative...