CLEANSTART-2026-JW58725 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2x5j-vhc8-9cwm, ghsa-2xsj-vh29-9cwm, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-r6j8-c6r2-37rr applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.0.22-r0, 3.0.23-r0, 3.0.23-r1, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4

Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2025-15524

CVE-2025-15524 affects the WordPress plugin Gallery by FooGallery (versions up to and including 3.1.9). A missing capability check in ajax_get_gallery_info() allows authenticated users with Subscriber-level access and above to enumerate gallery IDs and retrieve private/draft/password-protected ga...

CVE-2023-25992

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in CreativeMindsSolutions CM Answers plugin = 3.1.9 versions...

Eclipse Jersey 竞争条件问题漏洞

Eclipse Jersey is a Java Web services development framework from the Eclipse Foundation. A Competitive Conditions Issue vulnerability exists in Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9, which stems from a competitive condition that could lead to the omission of critical SSL configurations,...

PT-2025-45097

Name of the Vulnerable Software and Affected Versions Graphina – Elementor Charts and Graphs plugin for WordPress versions through 3.1.8 Description The Graphina – Elementor Charts and Graphs plugin for WordPress is susceptible to Stored Cross-Site Scripting through multiple chart widgets. This i...

EUVD-2023-50393

Malicious code in bioql PyPI...

EUVD-2024-23224

Malicious code in bioql PyPI...

EUVD-2023-29879

Malicious code in bioql PyPI...

EUVD-2023-27917

Malicious code in bioql PyPI...

EUVD-2022-7603

Malicious code in bioql PyPI...

EUVD-2022-7735

Malicious code in bioql PyPI...

EUVD-2025-31085

Malicious code in bioql PyPI...

CVE-2025-10449

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Saysis Computer Systems Trade Ltd. Co. Saysis Web Portal allows Path Traversal.This issue affects Saysis Web Portal: from 3.1.9 & 3.2.0 before 3.2.1...

CVE-2025-10449 Path Traversal in Saysis Computer Systems' Saysis Web Portal

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Saysis Computer Systems Trade Ltd. Co. Saysis Web Portal allows Path Traversal.This issue affects Saysis Web Portal: from 3.1.9 & 3.2.0 before 3.2.1...

CVE-2025-10449

CVE-2025-10449 affects Saysis Web Portal versions 3.1.9 and 3.2.0 prior to 3.2.1. Root cause is improper limitation of a pathname to a restricted directory, enabling path traversal. Evidence from multiple sources (CVE entries and PT-2025-39365) confirms the issue and lists 3.2.1 as the fixed vers...

PT-2025-39365

Name of the Vulnerable Software and Affected Versions Saysis Web Portal versions 3.1.9 through 3.2.0 Description A Path Traversal issue exists in Saysis Web Portal. The issue allows unauthorized access due to improper limitation of a pathname to a restricted directory. Recommendations Update to...

Saysis Web Portal 路径遍历漏洞

Saysis Web Portal is a web portal product from Saysis, Turkey. A path traversal vulnerability exists in Saysis Web Portal version 3.1.9 and versions 3.2.0 through prior to 3.2.1, which stems from an improperly restricted pathname and could lead to a path traversal attack...

Linux Distros Unpatched Vulnerability : CVE-2025-30472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack- based buffer overflow in orftokenendianconvert in...

Linux Distros Unpatched Vulnerability : CVE-2023-29827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration...

CVE-2024-25922

Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.This issue affects Peach Payments Gateway: from n/a through 3.1.9...