2 matches found
CVE-2026-5125
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...
PT-2024-11927 · Wallabag · Wallabag
Name of the Vulnerable Software and Affected Versions: wallabag versions 2.5.2 through 2.5.3 Description: The issue allows attackers to arbitrarily delete user accounts via the "/account/delete" endpoint. This is a Cross-Site Request Forgery CSRF vulnerability. Recommendations: For wallabag...