348 matches found
EUVD-2026-10907
Wisp Vulnerable to Path Traversal...
Directory Traversal
Overview std/os is a Go standard library package std/os Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report:On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file...
CVE-2026-29087 @hono/node-server: Authorization bypass for protected static paths via encoded slashes in Serve Static Middleware
@hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections e.g. protecting /admin/, inconsistent URL decoding can allow protected static resources to be accessed...
CVE-2026-29045
CVE-2026-29045 affects the Hono web framework used by IBM App Connect Enterprise/Certified Container. Prior to 4.12.4, using serveStatic with route-based middleware protections could bypass authorization due to a mismatch: the router decoded with decodeURI while serveStatic used decodeURIComponen...
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the static file serving API. An attacker can access files outside the intended directory by placing symbolic links within the root directory and requesting those...
CVE-2026-27199 Werkzeug safe_join() allows Windows special device names
Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...
CVE-2026-27199 Werkzeug safe_join() allows Windows special device names
Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...
Werkzeug safe_join() allows Windows special device names
Werkzeug's safejoin function allows Windows device names as filenames if when preceded by other path segments. This was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safejoin accepts...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the function...
CVE-2025-70297
A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...
CVE-2025-70297
A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...
CVE-2025-70297
A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...
PT-2026-7650
A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...
CVE-2025-70297
A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...
CVE-2025-70297
Mealie 3.3.1 contains a stored XSS in the recipe asset upload and media serving component. Remote authenticated users can inject arbitrary scripts via an uploaded SVG file served as image/svg+xml and rendered in a victim’s browser. The reports across NVD/Red Hat/OSV indicate the vulnerability aff...
Rethinking Latency Denial-Of-Service: Attacking the LLM Serving Framework, Not the Model
Large Language Models face an emerging and critical threat known as latency attacks. Because LLM inference is inherently expensive, even modest slowdowns can translate into substantial operating costs and severe availability risks. Recently, a growing body of research has focused on algorithmic...
fluoriclogppka (>=0.1.0 <=0.2.7), h2o-wave-ml (>=0.3.0 <=0.5.0) +3 more potentially affected by CVE-2024-5986 via h2o (>=3.18.0.8 <=3.44.0.3)
h2o PYPI version =3.18.0.8, =0.1.0, =0.3.0, =0.4.5, =0.0.1, =0.0.102 - tsanalysis =0.1.0 Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...
GHSA-Q5C6-H22R-QPWR NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload
Summary A stored Cross-site Scripting XSS vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files containing embedded JavaScript, which are later rendered inline and executed in the browsers of other users who view the attachment. Because...
NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload
Summary A stored Cross-site Scripting XSS vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files containing embedded JavaScript, which are later rendered inline and executed in the browsers of other users who view the attachment. Because...
EUVD-2026-3138
A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...