@1771technologies/oneplay (>=0.0.1 <=0.0.6), @cedarjs/cli-storybook-vite (>=1.0.0-canary.12742 <=1.0.0-canary.12784) +15 more potentially affected by CVE-2026-27148 via storybook (>=8.7.0-alpha.0 <=9.1.18)

storybook NPM version =8.7.0-alpha.0, =0.0.1, =1.0.0-canary.12742, =2.0.0-beta.3, =0.0.2-alpha.0, =1.0.0, =0.1.80, =9.0.0-alpha.0, =8.7.0-alpha.0, =9.0.0, =9.0.0-alpha.0, =1.2.1, =0.0.75-beta.11, =1.1.3-beta.3 and more Source cves: CVE-2026-27148 Source advisory: OSV:GHSA-MJF5-7G4M-GX5W...

PT-2026-2483

Name of the Vulnerable Software and Affected Versions Pega Customer Service Framework versions 8.7.0 through 25.1.0 Description A flaw exists in Pega Customer Service Framework that allows a privileged user to upload a malicious file due to an unrestricted file upload. Recommendations Update Pega...

EasyVirt DC NetScope 安全漏洞

EasyVirt DC NetScope is an application from EasyVirt, Inc. provides network insight into the different network layers in the VMware infrastructure. A security vulnerability exists in EasyVirt DC NetScope version 8.7.0 and earlier, which stems from improper handling of the lang, keyboardlayout,...

Cross site scripting

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the Add Field module. The affected versions are before version 8.7.0...