652 matches found
Astra Linux – Vulnerability in libde265
libde265 v1.0.4 contains a heap buffer overflow vulnerability in the _mm_loadl_epi64 function, which can be exploited through a specially crafted file...
EUVD-2026-37650
Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...
CVE-2026-22327
Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...
CVE-2026-22327
CVE-2026-22327 : WordPress Restaurt theme
PT-2026-49348
Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...
CVE-2026-47177
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
EUVD-2026-36277
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
CVE-2026-47177 Quest Bot: Ticket transcripts can disclose private ticket contents to a lower-visibility channel
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
CVE-2026-47176 Quest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channel
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...
CVE-2026-47176 Quest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channel
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...
CVE-2026-47176
CVE-2026-47176 affects the Quest Bot (open-source Discord bot) prior to version 1.0.4. The vulnerability arises in the logging module: a user who can configure bot settings can enable logging and select a logging channel they can read, which allows the bot to log deleted and edited message conten...
EUVD-2026-36275
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies without disabling mention parsing. A moderator who does not have permission to mention everyone can...
MAL-2026-5623 Malicious code in edu-npm-dependency-chain-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5a2508b833cc9048538d7b995e19fdc3abb6807800a2650ef808f248a3502139 The OpenSSF Package Analysis project identified 'edu-npm-dependency-chain-demo' @ 1.0.4 npm as malicious. It is considered malicious because: -...
PT-2026-48716
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
PT-2026-48715
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...
PT-2026-48714
Name of the Vulnerable Software and Affected Versions Quest Bot versions prior to 1.0.4 Description Several moderation commands echo user-controlled reason text in public bot replies without disabling mention parsing. This allows a moderator who lacks the permission to mention everyone to force t...
CVE-2026-45544
Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...
CVE-2026-43899
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, an incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass RCE. While the patch correctly restricted...
Malicious code in hello244a (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02e5f7412a9593e0ec3d0d8c28082c01edff82746bd48966c6fb88a3b1f88866 The package contains no library code, no main entry, and no documented functionality. Its only file is package.json, which declares a postinstall...
CVE-2026-45544 Nextcloud: Information Disclosure of view filter metadata via Broken Sensitive Data Masking in ViewService
Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...