CVE-2025-71281

XenForo before 2.3.7 does not properly restrict methods callable from within templates. A loose prefix match was used instead of a stricter first-word match for methods accessible through callbacks and variable method calls in templates, potentially allowing unauthorized method invocations...

EUVD-2022-26896

Malicious code in bioql PyPI...

Authorization

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

CVE-2022-21707 Incorrect Authorization in wasmCloud

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

PT-2022-15054 · Unknown · Wasmcloud Host Runtime

Name of the Vulnerable Software and Affected Versions: wasmCloud Host Runtime versions prior to 0.52.2 Description: The issue affects the security model of actors in the wasmCloud Host Runtime, allowing them to bypass capability authorization. Normally, actors are required to declare their...