4 matches found
CVE-2026-35515
Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.18, SseStream.transform interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters \r, \n. Since the SSE protocol treats both \r and ...
CVE-2026-35515
Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.18, SseStream.transform interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters \r, \n. Since the SSE protocol treats both \r and ...
CVE-2025-20896
Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows local attackers to access sensitive information...
PT-2025-4178 · Easysetup · Easysetup
Name of the Vulnerable Software and Affected Versions: EasySetup versions prior to 11.1.18 Description: The issue concerns the use of implicit intent for sensitive communication in EasySetup, allowing local attackers to access sensitive information. Recommendations: For versions prior to 11.1.18,...