CVE-2025-69149

Unauthenticated Local File Inclusion in Top Dog = 1.0.5 versions...

CVE-2025-69149 WordPress Top Dog theme <= 1.0.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Top Dog = 1.0.5 versions...

CVE-2026-47189

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

EUVD-2026-36279

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

CVE-2026-47189

CVE-2026-47189 — Quest Bot AutoMod removal : The issue affects Quest Bot (Discord bot) prior to version 1.0.5, where the AutoMod remove flow looks up and deletes rules by a global database ID without verifying that the rule belongs to the guild where the command runs. An attacker can learn a vict...

CVE-2026-47188 Quest Bot: Unban and unwarn reason fields still allow bot-powered mass mentions.

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban and /unwarn still echo user-controlled reason text in public bot messages without allowedMentions. A...

EUVD-2026-36278

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban and /unwarn still echo user-controlled reason text in public bot messages without allowedMentions. A...

PT-2026-48719

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the AutoMod deletion process not verifying the server to which the rules belong, potential...

PT-2026-48195

Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the qossetting function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Tenda PW201A 安全漏洞

The Tenda PW201A is a power line network adapter produced by the Chinese company Tenda. Version 1.0.5 of the Tenda PW201A contains a security vulnerability. This vulnerability stems from a buffer overflow in the page parameter within the qossetting function, which could allow attackers to cause...

Tenda PW201A 安全漏洞

The Tenda PW201A is a power line network adapter produced by the Chinese company Tenda. Version 1.0.5 of the Tenda PW201A contains a security vulnerability. This vulnerability stems from a buffer overflow in the page parameter of the SafeMacFilter function, which could allow attackers to cause...

CVE-2025-65122

Regex Denial of Service in youtube-regex npm package through version 1.0.5...

CVE-2026-40978

SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

EUVD-2026-33722

Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...

CVE-2026-45729

Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...

CVE-2026-45729 ThorVG: Null pointer dereference in SVG loader causes crash via 6-byte malformed input

Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...

CVE-2026-45729 ThorVG: Null pointer dereference in SVG loader causes crash via 6-byte malformed input

Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...

WordPress Top Dog theme <= 1.0.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Top Dog versions = 1.0.5...

auth0-templates-scripts (=80.0.4) potentially affected by unknown CVE via auth0-templates-scripts-utils (=1.0.5)

auth0-templates-scripts-utils NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on auth0-templates-scripts-utils and may be impacted: - auth0-templates-scripts =80.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4490...