
25 matches found

OSV
added 2026/05/18 1:40 p.m., 2 views

CLEANSTART-2026-UW03847 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-24051, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-35469, CVE-2026-39883, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2 applied in versions: 1.34.2-r0, 1.35.0-r0, 1.35.3-r0, 1.35.3-r1, 1.35.3-r2

Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 9.1 | AI score 6.9 | EPSS 0.00045 | Exploits 5 | References 36

vulnersOsv
added 2026/02/19 7:34 p.m., 1 view

agentic-kernel (>=0.1.0 <=0.1.10), agentiq-semantic-kernel (>=1.0.0 <=1.1.0a20250428) +7 more potentially affected by CVE-2026-26030 via semantic-kernel (>=1.0.0rc1 <=1.35.3)

semantic-kernel PYPI version =1.0.0rc1, =0.1.0, =1.0.0, =1.1.0, =0.1.1, =0.1.0, =0.2.0, =1.2.0, =0.0.1, =1.0.0, =1.0.3 Source cves: CVE-2026-26030 Source advisory: SNYK:PYTHON-SEMANTICKERNEL-15323118...

CVSS 9.9 | AI score 5.8 | EPSS 0.00103 | Exploits 1

CNNVD
added 2026/02/11 12:0 a.m., 2 views

Vaultwarden security vulnerability

Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García using Rust. Versions of Vaultwarden prior to 1.35.3 contained a security vulnerability. This vulnerability stemmed from improper access control for endpoints, ciphers, and organization-details,...

CVSS 6.5 | AI score 5.8 | EPSS 0.00013 | Exploits 2 | References 2

Positive Technologies
added 2026/02/11 12:0 a.m., 4 views

PT-2026-7721

Name of the Vulnerable Software and Affected Versions vaultwarden versions prior to 1.35.3 Description vaultwarden, an unofficial Bitwarden compatible server written in Rust, previously known as bitwarden rs, had a flaw where a standard organization member could access all ciphers within an...

CVSS 6.5 | AI score 5.4 | EPSS 0.00013 | Exploits 2 | References 9

RedhatCVE
added 2025/12/03 7:5 p.m., 4 views

CVE-2025-66460

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely exploitable from the popu...

CVSS 6.1 | AI score 6.7 | EPSS 0.00025 | Exploits 0 | References 1

RedhatCVE
added 2025/12/03 7:5 p.m., 3 views

CVE-2025-66459

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 6.1 | AI score 6 | EPSS 0.00028 | Exploits 0 | References 1

NVD
added 2025/12/02 7:15 p.m., 5 views

CVE-2025-66459

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 6.1 | EPSS 0.00028 | Exploits 0 | References 4

NVD
added 2025/12/02 7:15 p.m., 2 views

CVE-2025-66458

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...

CVSS 6.1 | EPSS 0.00025 | Exploits 0 | References 2

OSV
added 2025/12/02 6:34 p.m., 1 view

CVE-2025-66460 Lookyloo vulnerable to XSS due to lack of escaping in HTML elements passed to Datatables

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely exploitable from the popu...

CVSS 5.3 | AI score 6.6 | EPSS 0.00025 | Exploits 0 | References 4

Vulnrichment
added 2025/12/02 6:34 p.m., 2 views

CVE-2025-66460 Lookyloo vulnerable to XSS due to lack of escaping in HTML elements passed to Datatables

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely exploitable from the popu...

CVSS 5.3 | AI score 6.3 | EPSS 0.00025 | Exploits 0 | References 2

OSV
added 2025/12/02 6:32 p.m., 3 views

CVE-2025-66459 Lookyloo vulnerable to XSS due to unescaped error message passed to innerHTML

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 5.3 | AI score 5.9 | EPSS 0.00028 | Exploits 0 | References 6

Vulnrichment
added 2025/12/02 6:32 p.m., 3 views

CVE-2025-66459 Lookyloo vulnerable to XSS due to unescaped error message passed to innerHTML

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 5.3 | AI score 5.6 | EPSS 0.00028 | Exploits 0 | References 4

EUVD
added 2025/12/02 6:32 p.m., 1 view

EUVD-2025-200304

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 5.3 | AI score 5.5 | EPSS 0.00028 | Exploits 0 | References 4

Cvelist
added 2025/12/02 6:32 p.m., 3 views

CVE-2025-66459 Lookyloo vulnerable to XSS due to unescaped error message passed to innerHTML

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, an XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains an HTML element, and the capture fails. Then, t...

CVSS 5.3 | EPSS 0.00028 | Exploits 0 | References 4

Vulnrichment
added 2025/12/02 6:30 p.m., 1 view

CVE-2025-66458 Lookyloo has multiple XSS due to unsafe use of f-strings in Markup

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...

CVSS 5.3 | AI score 6 | EPSS 0.00025 | Exploits 0 | References 2

OSV
added 2025/12/02 6:30 p.m., 2 views

CVE-2025-66458 Lookyloo has multiple XSS due to unsafe use of f-strings in Markup

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...

CVSS 5.3 | AI score 6.3 | EPSS 0.00025 | Exploits 0 | References 4

EUVD
added 2025/12/02 6:30 p.m., 1 view

EUVD-2025-200306

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...

CVSS 5.3 | AI score 5.9 | EPSS 0.00025 | Exploits 0 | References 2

CNNVD
added 2025/12/02 12:0 a.m., 1 view

Lookyloo cross-site scripting vulnerability

Lookyloo is a website capture tool from Lookyloo open source. A cross-site scripting vulnerability exists in Lookyloo versions prior to 1.35.3, which stems from improperly escaping orthogonal data in datatables and could lead to a cross-site scripting attack...

CVSS 6.1 | AI score 6 | EPSS 0.00025 | Exploits 0 | References 3

Positive Technologies
added 2025/12/02 12:0 a.m., 2 views

PT-2025-48751

Name of the Vulnerable Software and Affected Versions Lookyloo versions prior to 1.35.3 Description Lookyloo is a web interface used to capture website pages and display a tree of domains that interact with each other. Prior to version 1.35.3, multiple Cross-Site Scripting XSS issues exist due to...

CVSS 6.1 | AI score 6 | EPSS 0.00025 | Exploits 0 | References 6

Positive Technologies
added 2025/12/02 12:0 a.m., 3 views

PT-2025-48753

Name of the Vulnerable Software and Affected Versions Lookyloo versions prior to 1.35.3 Description Lookyloo is a web interface used to capture and display a tree of domains that interact with each other. Versions of Lookyloo prior to 1.35.3 improperly escape values passed to cells rendered in...

CVSS 6.1 | AI score 6.7 | EPSS 0.00025 | Exploits 0 | References 5