16 matches found
PT-2026-42177
Name of the Vulnerable Software and Affected Versions phoenix storybook versions 0.4.0 through 1.0.x Description An authorization bypass occurs due to user-controlled keys, allowing cross-session PubSub topic injection via a URL query parameter. The function handle params/3 in...
Gitlab -- vulnerabilities
Gitlab reports: Cross-Site Request Forgery issue in GraphQL API impacts GitLab CE/EE GitLab Improper Resolution of Path Equivalence issue in Web IDE asset impacts GitLab CE/EE Cross-site Scripting issue in Storybook impacts GitLab CE/EE Denial of Service issue in discussions endpoint impacts GitL...
Security Bulletin: Vulnerabilities in Storybook affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerability in Storybook has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-68429 DESCRIPTION:...
TencentOS Server 4: grafana (TSSA-2026:0165)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0165 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
@boxcustodia/library (>=1.5.1-canary.0 <=1.5.1-canary.2), @buttery/cli (>=0.4.2 <=0.4.11) +24 more potentially affected by CVE-2026-27148 via storybook (>=8.1.1 <=8.6.16)
storybook NPM version =8.1.1, =1.5.1-canary.0, =0.4.2, =0.1.3, =1.0.0-canary.12734, =0.11.4, =0.12.4, =0.0.1-3d99df6-20260330104634, =7.33.6-qa-airteam-7.35.1.0, =0.0.3, =2.0.0-beta.1, =0.2.36, =0.1.51, =0.1.3, =8.3.3, =8.2.0, =8.6.16 and more Source cves: CVE-2026-27148 Source advisory:...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @cedarjs/cli-storybook-vite (>=1.0.0-canary.12742 <=1.0.0-canary.12784) +15 more potentially affected by CVE-2026-27148 via storybook (>=8.7.0-alpha.0 <=9.1.18)
storybook NPM version =8.7.0-alpha.0, =0.0.1, =1.0.0-canary.12742, =2.0.0-beta.3, =0.0.2-alpha.0, =1.0.0, =0.1.80, =9.0.0-alpha.0, =8.7.0-alpha.0, =9.0.0, =9.0.0-alpha.0, =1.2.1, =0.0.75-beta.11, =1.1.3-beta.3 and more Source cves: CVE-2026-27148 Source advisory: OSV:GHSA-MJF5-7G4M-GX5W...
@asherng/storybook (>=0.0.18 <=0.1.14), @bluefin-exchange/starship-v2 (>=1.1.1 <=1.1.16) +32 more potentially affected by CVE-2026-27148 via storybook (>=7.0.12 <=7.6.20)
storybook NPM version =7.0.12, =0.0.18, =1.1.1, =0.0.1, =0.0.4, =1.2.108, =3.50.0-next.2, =9.0.0-next.4, =1.0.967, =0.0.1, =1.0.0, =1.2.2, =0.0.1, =0.0.1, =7.6.4-next.32, =6.0.0-canary.234, =6.0.0-canary.318 and more Source cves: CVE-2026-27148 Source advisory: SNYK:JS-STORYBOOK-15353401...
Linux Distros Unpatched Vulnerability : CVE-2025-68429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to...
@cedarjs/cli-storybook-vite (>=1.0.0-canary.12742 <=1.0.0-canary.12784), @cyberskill/shared (=1.176.0) +11 more potentially affected by CVE-2025-68429 via storybook (>=9.0.0 <=9.1.16)
storybook NPM version =9.0.0, =1.0.0-canary.12742, =0.0.2-alpha.0, =1.0.0, =0.1.80, =9.0.0, =9.0.0, =1.2.1, =0.0.75-beta.11, =0.2.7, =9.0.0, =9.1.16 Source cves: CVE-2025-68429 Source advisory: OSV:GHSA-8452-54WP-RMV6...
@asherng/storybook (>=0.0.18 <=0.1.14), @bluefin-exchange/starship-v2 (>=1.1.1 <=1.1.16) +32 more potentially affected by CVE-2025-68429 via storybook (>=7.0.12 <=7.6.20)
storybook NPM version =7.0.12, =0.0.18, =1.1.1, =0.0.1, =0.0.4, =1.2.108, =3.50.0-next.2, =9.0.0-next.4, =1.0.967, =0.0.1, =1.0.0, =1.2.2, =0.0.1, =0.0.1, =7.6.4-next.32, =6.0.0-canary.234, =6.0.0-canary.318 and more Source cves: CVE-2025-68429 Source advisory: OSV:GHSA-8452-54WP-RMV6...
CVE-2025-68429
Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a .env file, which could...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @cedarjs/cli-storybook-vite (>=1.0.0-canary.12742 <=1.0.0-canary.12784) +14 more potentially affected by CVE-2025-68429 via storybook (>=9.0.0-alpha.0 <=9.1.16)
storybook NPM version =9.0.0-alpha.0, =0.0.1, =1.0.0-canary.12742, =0.0.2-alpha.0, =1.0.0, =0.1.80, =9.0.0-alpha.0, =9.0.0, =9.0.0, =9.0.0-alpha.0, =1.2.1, =0.0.75-beta.11, =0.2.7, =0.2.8 and more Source cves: CVE-2025-68429 Source advisory: SNYK:JS-STORYBOOK-14534871...
CVE-2025-68429 Storybook manager bundle may expose environment variables during build
Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a .env file, which could...
CVE-2025-68429 Storybook manager bundle may expose environment variables during build
Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a .env file, which could...
Storybook 安全漏洞
Storybook is an open source UI component development environment from Storybook. A security vulnerability exists in Storybook versions prior to 7.6.21, 8.6.15, 9.1.17, and 10.1.10, which stems from the handling of environment variables in .env files that may be accidentally packaged into build...
PT-2025-51974
Name of the Vulnerable Software and Affected Versions Storybook versions prior to 7.6.21 Storybook versions prior to 8.6.15 Storybook versions prior to 9.1.17 Storybook versions prior to 10.1.10 Description Storybook’s handling of environment variables defined in a .env file can, in certain...