2713 matches found
EUVD-2026-5619
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
Data Visualization MCP Server code injection vulnerability
The Data Visualization MCP Server is a context-based protocol server developed by Isaac Wasserman, designed for data visualization purposes. The Data Visualization MCP Server has a code injection vulnerability, which stems from incorrect handling of the vegalitespecification parameter, potentiall...
FUXA security vulnerability
FUXA is a web-based process visualization software developed by frangoteam. Versions of FUXA 1.2.9 and earlier contain security vulnerabilities. These vulnerabilities stem from information leaks, which may lead to the retrieval of sensitive management database credentials...
FUXA security vulnerability
FUXA is a web-based process visualization software developed by frangoteam. Versions of FUXA 1.2.9 and earlier contain security vulnerabilities. These vulnerabilities stem from authorization bypasses, which could allow unverified remote attackers to modify device labels...
PT-2026-7186
Name of the Vulnerable Software and Affected Versions: FUXA versions through 1.2.9. Description: FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal issue allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server...
FUXA security vulnerability
FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from the project import function not properly cleaning or sandboxing the scripts provided by users. As a result, remote code execution may...
com.codbex.atlas:codbex-atlas-application (=2.108.0), org.eclipse.dirigible:dirigible-application (=12.91.0) +4 more potentially affected by CVE-2026-25128 via org.webjars.npm:fast-xml-parser (=5.2.5)
org.webjars.npm:fast-xml-parser MAVEN version =5.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:fast-xml-parser and may be impacted: - com.codbex.atlas:codbex-atlas-application =2.108.0 - org.eclipse.dirigible:dirigible-application...
PIDSMaker: Building and Evaluating Provenance-Based Intrusion Detection Systems
Recent provenance-based intrusion detection systems (PIDSs) have demonstrated strong potential for detecting advanced persistent threats (APTs) by applying machine learning to system provenance graphs. However, evaluating and comparing PIDSs remains difficult: prior work uses inconsistent preprocessi...
EUVD-2026-4973
An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is...
B&R Industrial Automation Process Visualization Interface log information leakage vulnerability
B&R Industrial Automation Process Visualization Interface is a process visualization tool developed by B&R Industrial Automation in Austria. Versions of the B&R Industrial Automation Process Visualization Interface prior to version 6.5 contained a vulnerability related to log information leakage...
@mwater/visualization (>=5.4.0 <=5.7.0) potentially affected by CVE-2026-1513 via billboard.js (>=3.12.2 <=3.14.0)
billboard.js NPM version =3.12.2, =5.4.0, =5.7.0 Source cves: CVE-2026-1513 Source advisory: SNYK:JS-BILLBOARDJS-15135694...
Introducing SITF: The First Threat Framework Dedicated to SDLC Infrastructure
Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure...
Predicting Tail-Risk Escalation in IDS Alert Time Series
Network defenders face a steady stream of attacks, observed as raw Intrusion Detection System (IDS) alerts. The sheer volume of alerts demands prioritization, typically based on high-level risk classifications. This work expands the scope of risk measurement by examining alerts not only through the...
CVE-2026-21883 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
GHSA-793V-589G-574V vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
CVE-2026-21892
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting (Python % operator) with user-supplied input (workflowid) directly from URL routes...
CVE-2021-27390
A vulnerability has been identified in JT2Go All versions V13.1.0.3, Teamcenter Visualization All versions V13.1.0.3. The TIFFloader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end...
CVE-2021-33738
A vulnerability has been identified in JT2Go All versions V13.2.0.2, Teamcenter Visualization All versions V13.2.0.2. The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past th...