Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56253

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description Dashboard text components render stored content using Vue v-html without server-side HTML sanitization. This allows an authenticated user with permissions to edit dashboard component data to injec...

5.1CVSS6.2AI score0.00269EPSS
Exploits0References7
NVD
NVD
added 2026/03/06 5:16 p.m.8 views

CVE-2026-29082

Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestra’s execution-file preview renders user-supplied Markdown .md with markdown-it instantiated as html:true and injects the resulting HTML with Vue’s v-html without sanitisation. At time of publication, there a...

7.3CVSS0.00232EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/04 8:51 a.m.3 views

Malicious code in vue-integration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0efc0a22034000a68b77f7b5cfddbb864cc72d9bb239e7fe1af0feb7643d1ae3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/04 8:51 a.m.7 views

MAL-2025-2139 Malicious code in vue-integration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0efc0a22034000a68b77f7b5cfddbb864cc72d9bb239e7fe1af0feb7643d1ae3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder