EUVD-2026-0914

A flaw has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function deletepage of the file /minicms/mc-admin/page.php of the component File Recovery Request Handler. This manipulation causes improper authentication. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-24010 Vite allows any websites to send any requests to the development server and read the response

Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and...

WordPress Essential Addons for Elementor plugin <= 6.0.9 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by wesley wcraft in WordPress Plugin Essential Addons for Elementor versions = 6.0.9...

bboss 代码注入漏洞

bboss is a J2EE framework in the bboss open source. A security vulnerability exists in bboss bboss-persistent v6.0.9 and earlier versions, which stems from a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool...

DEBIAN-CVE-2021-3470

A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use...