23 matches found
CVE-2026-32047
This CVE ID has been rejected...
CVE-2025-23042
Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...
WhatsApp Android Contact Gating Bypass
WhatsApp Android has a contact gating bypass in groups that leads to interaction-less media download. Background: To prevent security issues and spam, WhatsApp for Android requires some form of user interaction to automatically download files from non-contacts: a. After adding someone as a contact...
CVE-2025-62047 WordPress Case Addons plugin < 1.3.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case-addons. This issue affects Case Addons: from n/a through 1.3.0...
EUVD-2006-0766
Malware in sbrugna...
EUVD-2010-3093
Malware in sbrugna...
EUVD-2008-2540
Malware in sbrugna...
EUVD-2018-9653
Malware in sbrugna...
EUVD-2021-1513
Malware in sbrugna...
EUVD-2006-4216
Malware in sbrugna...
EUVD-2008-4341
Malware in sbrugna...
EUVD-2018-9666
Malware in sbrugna...
CVE-2024-11739
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Case Informatics Case ERP allows SQL Injection. This issue affects Case ERP: before V2.0.1...
CVE-2024-6701
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.20
Logging for Red Hat OpenShift - 5.8.20 logging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)...
GHSA-43QF-4RQW-9Q2G Flask-CORS vulnerable to Improper Handling of Case Sensitivity
corydolphin/flask-cors version 5.0.1 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866 Case-Insensitive Path Matching in corydolphin/flask-cors
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866
CVE-2024-6866 concerns corydolphin/flask-cors. The issue arises from using the host-oriented try_match for path matching, making path comparisons effectively case-insensitive while URLs are case-sensitive. This can allow unauthorized origins to access restricted paths and potentially expose data....
CVE-2025-24399
Jenkins OpenId Connect Authentication Plugin 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that...