Nhost 数据伪造问题漏洞

Nhost is an open-source backend service platform developed by Nhost. Versions of Nhost prior to 0.12.0 had a data manipulation vulnerability. This vulnerability stemmed from the file upload processing mechanism in the storage service, which trusted the Content-Type header provided by the client...

CVE-2025-66488

Discourse is an open source discussion platform. A vulnerability present in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 affects anyone who uses S3 for uploads. While scripts may be executed, they will only be run in the context of the S3/CDN domain, with no site credentials...