EUVD-2025-18266

Malicious code in bioql PyPI...

Directory Traversal

org.noear:solon-faas-luffy is vulnerable to Directory Traversal. The vulnerability is due to improper input validation in the solon-faas-luffy component, which allows a remote attacker to conduct XSS attacks...

org.noear:solon.luffy (>=3.1.2 <=3.1.3-RC) potentially affected by CVE-2025-46096 via org.noear:solon-faas-luffy (>=3.1.2 <=3.1.3-RC)

org.noear:solon-faas-luffy MAVEN version =3.1.2, =3.1.2, =3.1.3-RC Source cves: CVE-2025-46096 Source advisory: OSV:GHSA-M63Q-4HR8-5R5H...

org.noear:solon.luffy (>=3.1.2 <=3.1.3-RC) potentially affected by CVE-2025-46096 via org.noear:solon-faas-luffy (>=3.1.2 <=3.1.3-RC)

org.noear:solon-faas-luffy MAVEN version =3.1.2, =3.1.2, =3.1.3-RC Source cves: CVE-2025-46096 Source advisory: SNYK:JAVA-ORGNOEAR-10558115...

GHSA-M63Q-4HR8-5R5H Solon Vulnerable to Directory Traversal

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

Solon Vulnerable to Directory Traversal

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

CVE-2025-46096

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

CVE-2025-46096

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

CVE-2025-46096

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

OpenSolon 安全漏洞

OpenSolon is a full-scenario Java enterprise application development framework open-sourced by OpenSolon. A security vulnerability exists in OpenSolon version 3.1.2, which stems from the presence of directory traversal in the solon-faas-luffy component, which could lead to a cross-site scripting...

CVE-2025-46096

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...

PT-2025-25410 · Unknown +1 · Solon-Faas-Luffy +1

Name of the Vulnerable Software and Affected Versions: solon version 3.1.2 Description: A Directory Traversal issue allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component. Recommendations: For solon version 3.1.2, consider restricting access to the solon-faas-luffy...

CVE-2025-46096

CVE-2025-46096 affects Solon v3.1.2, with a directory traversal vulnerability in the solon-faas-luffy component that enables a remote attacker to trigger XSS. The issue is supported by multiple sources (Red Hat, GHSA, NVD, Snyk) and has remediation guidance to upgrade the affected component to ve...