CVE-2026-33709 JupyterHub has an Open Redirect Vulnerability

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an...

CVE-2026-33709

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an...

CVE-2026-33709 JupyterHub has an Open Redirect Vulnerability

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an...

CVE-2026-33709

JupyterHub (multi-user Jupyter notebook server) is affected by an open redirect in versions prior to 5.4.4. The vulnerability allows crafted links to redirect users from the JupyterHub login page to an attacker-controlled site, bypassing the login-page redirect protection. The issue is mitigated ...

Joomla! Access Control Vulnerability (20260301)

Joomla! is prone to an access control vulnerability. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2026-32418

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

EUVD-2026-11941

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

CVE-2026-32418 WordPress Meow Gallery plugin <= 5.4.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

WordPress plugin Meow Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2025-46246

Name of the Vulnerable Software and Affected Versions Auto Amazon Links – Amazon Associates Affiliate Plugin versions prior to 5.4.4 Description The Auto Amazon Links – Amazon Associates Affiliate Plugin for WordPress is susceptible to unauthorized access to arbitrary files. This is possible...

EUVD-2022-1790

Malicious code in bioql PyPI...

EUVD-2023-0805

Malicious code in bioql PyPI...

CVE-2025-53528

Cadwyn (FastAPI-based API versioning tool) is affected by CVE-2025-53528 due to a Reflected XSS vulnerability in the version parameter of the /docs endpoint. The issue allows an attacker to execute JavaScript in a user’s session via a crafted link. The vulnerability is fixed in version 5.4.3; rem...

CVE-2023-32121

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Highfivery LLC Zero Spam for WordPress allows SQL Injection.This issue affects Zero Spam for WordPress: from n/a through 5.4.4...

CVE-2025-39367

Missing Authorization vulnerability in SeventhQueen Kleo kleo.This issue affects Kleo: from n/a through 5.4.4...

CVE-2025-39367

CVE-2025-39367 describes a missing/unauthorized access issue in the WordPress theme KLEO (SeventhQueen Kleo). Affected versions are prior to 5.4.4 ; the root cause is a missing authorization (a broken access control) vulnerability. The vulnerability is addressed in version 5.4.4 or later. CVSSv3....

WordPress plugin SeventhQueen Kleo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

CVE-2024-56209 WordPress Kleo theme < 5.4.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SeventhQueen Kleo allows Reflected XSS.This issue affects Kleo: from n/a before 5.4.4...

WordPress plugin Kleo 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

PT-2024-35929 · Analytify · Analytify

Name of the Vulnerable Software and Affected Versions: Analytify versions prior to 5.4.4 Description: The issue is related to the exposure of sensitive system information to an unauthorized control sphere. This could potentially allow unauthorized access to sensitive data. Recommendations: For...