CVE-2026-33036

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references &NNN;, &xHH; and standard XML entities completely evade the entity expansion limits e.g.,...

Security Bulletin: IBM FileNet Content Manager GraphQL Cross-site request forgery security vulnerability

Summary IBM FileNet Content Manager in GraphQL, there is a Cross-site request forgery security vulnerability. Vulnerability Details CVEID:CVE-2020-4745 DESCRIPTION: IBM FileNet Content Manager is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

GNUBOARD5 访问控制错误漏洞

GNUBOARD5 is a web forum system based on PHP and MySQL. A security vulnerability exists in GNUBOARD5 versions 5.5.4 and 5.5.5, which stems from the presence of insecure privileges and can be exploited by an attacker to change all users' passwords without knowing the victim's original password...