CVE-2026-40495

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every...

CVE-2026-40495 FOSSBilling version exposed via asset cache buster

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every a...

EUVD-2026-34175

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every a...

CVE-2026-40495

FOSSBilling prior to 0.8.0 leaks the exact system version via asset cache buster parameters in HTML output. The version is embedded in the query string of every [removed] and tag created by the script_tag and stylesheet_tag Twig filters, making it visible to all visitors, including unauthenticat...

CVE-2026-40495 FOSSBilling version exposed via asset cache buster

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every a...

CVE-2026-42051

CVE-2026-42051 affects Kirby CMS. The issue: the /api/system endpoint exposed installed Kirby version and license data to authenticated users due to missing authorization. It is patched in Kirby 4.9.0 and 5.4.0, with the fix enforcing the access.system permission to restrict exposure. Impact is а...

Curl 7.33.0 < 8.19.0 Token Leak with Redirect and Netrc

The version of curl installed on the remote host is 7.33.0 prior to 8.19.0. It is, therefore, affected by a token leak with redirect and netrc vulnerability: - When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that...

EUVD-2002-0405

Malware in sbrugna...

EUVD-2002-0242

Malware in sbrugna...

EUVD-2002-0863

Malware in sbrugna...

EUVD-2002-2170

Malware in sbrugna...

EUVD-2023-37456

Malicious code in bioql PyPI...

EUVD-2022-34105

Malicious code in bioql PyPI...

EUVD-2024-50409

Malicious code in bioql PyPI...

EUVD-2025-24820

Malicious code in bioql PyPI...

EUVD-2022-44937

Malicious code in bioql PyPI...

EUVD-2023-42802

Malicious code in bioql PyPI...

SUSE: Security Advisory (SUSE-SU-2025:01939-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-26691

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2024-22200

vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...