3 matches found
CVE-2026-52808 Gogs: Write-level collaborators can mutate admin-only repository settings via API
Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...
PT-2025-50771
Name of the Vulnerable Software and Affected Versions LibreChat versions 0.8.0 and below Description A flaw exists in LibreChat versions 0.8.0 and below where modification of the iconURL parameter in a POST request allows an attacker to store malicious code within a chat. Sharing this chat with...
Mozilla Firefox Security Advisory (MFSA2025-28) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2025-28. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...