6 matches found
EUVD-2025-205851
serverless MCP Server vulnerable to Command Injection in list-projects tool...
PT-2025-54216
Name of the Vulnerable Software and Affected Versions: Serverless Framework versions 4.29.0 through 4.29.2. Description: The Serverless Framework includes a command injection issue within the built-in MCP server package @serverless/mcp. This affects users utilizing the experimental MCP server featur...
CVE-2024-22206
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth in the App Router or getAuth in the Pages Router. This vulnerability was patched in version 4.29.3...
Privilege escalation
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth in the App Router or getAuth in the Pages Router. This vulnerability was patched in version 4.29.3...
CVE-2024-22206 @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth in the App Router or getAuth in the Pages Router. This vulnerability was patched in version 4.29.3...
Github authelia authorization issue vulnerability
Github authelia is an application from Github USA. An open source authentication and authorization server that provides 2-factor authentication and single sign-on (SSO) to applications through a web portal. Authelia versions prior to 4.29.3 have an authorization issue vulnerability that allows a...