12019 matches found
CVE-2026-8722
Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend
Impact The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: - XML External Entity XXE attacks to read local files or cause denial of service - Decompression bombs zip bombs to exhaust memory and disk space - Unbounded archive extraction...
GHSA-8646-J5J9-6R62 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
When using React Router v7's unstable RSC APIs, there exists a potential client-side XSS issue in the RSC redirect handling if redirects are coming from untrusted sources !NOTE This only impacts your application if you are using the unstable RSC APIs in React Router...
CVE-2025-14772
creationtimestamp| type| source ---|---|--- 2026-06-03 06:01:01+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-545 2026-06-03 11:44:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mneztvokii2u 2026-06-03 16:12:05+00:00| seen|...
CVE-2026-10701
creationtimestamp| type| source ---|---|--- 2026-06-03 04:52:24+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-mozilla-6 2026-06-03 12:25:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnf44jhtx423...
CVE-2026-47201
creationtimestamp| type| source ---|---|--- 2026-06-02 23:00:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndp5rge442i 2026-06-02 23:28:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndqqez4742e...
CVE-2026-5076
creationtimestamp| type| source ---|---|--- 2026-06-02 20:57:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndibeexqb2m 2026-06-02 21:00:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndih7w5ct25 2026-06-03 02:06:19+00:00| seen|...
CVE-2026-5073
creationtimestamp| type| source ---|---|--- 2026-06-02 20:49:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndhtf445z2f 2026-06-02 21:00:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndigzd4da22...
EUVD-2026-34028
authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured sources can log into any account. This issue has been patched in versions 2025.12.6, 2026.2.4, an...
EUVD-2026-33994
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-34077
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-34077
React Router upstream vulnerability CVE-2026-34077 affects versions 7.7.0–7.13.1 where, when using unstable React Server Components APIs, the RSC redirect handling can lead to a client-side XSS if redirects come from untrusted sources. The issue does not impact non-RSC applications. A fix is avai...
CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-33245
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-33245
CVE-2026-33245 affects React Router versions 7.7.0–7.13.1 when using unstable React Server Components (RSC) APIs. The issue is a client-side XSS vulnerability in the RSC redirect handling if redirects originate from untrusted sources. Applications not using the unstable RSC APIs are not affected....
CVE-2026-25260
creationtimestamp| type| source ---|---|--- 2026-06-02 06:00:25+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnbw5isizs2f 2026-06-02 06:00:34+00:00| seen| https://infosec.exchange/users/offseq/statuses/116678985188082035...
CVE-2026-34906
creationtimestamp| type| source ---|---|--- 2026-06-02 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/06/CVE-2026-34906 2026-06-02 10:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116680047071361908 2026-06-02 11:34:19+00:00| seen|...
PT-2026-45826
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
PT-2026-45828
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...