2 matches found
CVE-2026-34405 Nuxt OG Image vulnerable to reflected XSS via query parameter injection into HTML attributes
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...
CVE-2025-47754
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!ConvMacroData function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...