
2741 matches found

AlpineLinux
added 2026/03/02 7:40 p.m., 2 views

CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

7.5 CVSS, 5.8 AI score, 0.00061 EPSS
Exploits 0, References 4
EUVD
added 2026/03/02 4:19 p.m., 4 views

EUVD-2026-9214

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Creator role can inject arbitrary SQL via the DATEADD formula's unit parameter. This issue has been patched in version 0.301.3...

8.6 CVSS, 6 AI score, 0.00073 EPSS
Exploits 0, References 2
EUVD
added 2026/03/02 4:17 p.m., 3 views

EUVD-2026-9208

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Editor role can inject arbitrary HTML into Rich Text cells by bypassing the TipTap editor and sending raw HTML via the API. This issue has been patched in version 0.301.3...

5.3 CVSS, 5.9 AI score, 0.00041 EPSS
Exploits 0, References 2
NVD
added 2026/03/02 4:16 p.m., 5 views

CVE-2025-52470

Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the sessioncategoryadd.php script. The vulnerability is caused by improper sanitization of the Category Name field, allowing privileged users to inject persistent JavaScrip...

4.8 CVSS, 0.00059 EPSS
Exploits 1, References 3
OSV
added 2026/03/02 3:54 p.m., 5 views

CVE-2025-52564 Chamilo: HTML injection via open parameter

Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30...

6.9 CVSS, 5.9 AI score, 0.00043 EPSS
Exploits 0, References 6
CVE
added 2026/03/02 3:50 p.m., 11 views

CVE-2025-52563

Chamilo (LMS) is affected by a reflected XSS vulnerability in the session/add_users_to_session.php endpoint caused by insufficient sanitization of the page parameter. The issue exists before version 1.11.30 and is patched in v1.11.30. Evidence across sources (CVE-2025-52563) confirms the vulnerab...

6.1 CVSS, 5.7 AI score, 0.00041 EPSS
Exploits 0, References 2, Affected Software 1
OSV
added 2026/03/02 3:49 p.m., 4 views

CVE-2025-52475 Chamilo: Reflected XSS via keyword_inactive parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability in the admin/userlist.php endpoint. The keyword_inactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

5.1 CVSS, 5.7 AI score, 0.00041 EPSS
Exploits 0, References 5
EUVD
added 2026/03/02 3:49 p.m., 1 views

EUVD-2025-208177

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keywordactive parameter in admin/userlist.php. This issue has been patched in version 1.11.30...

5.1 CVSS, 5.7 AI score, 0.00041 EPSS
Exploits 0, References 3
OSV
added 2026/03/02 3:48 p.m., 3 views

CVE-2025-52469 Chamilo: Friend Request Workflow Bypass - Unauthorized Friend Addition and ID Validation Bypass

Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal fl...

7.1 CVSS, 5.9 AI score, 0.00043 EPSS
Exploits 1, References 5
EUVD
added 2026/03/02 3:16 p.m., 5 views

EUVD-2025-208162

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command injection vulnerability in /plugin/vchamilo/views/import.php with the POST tomaindatabase parameter. This issue has been patched in version 1.11.30...

7.1 CVSS, 5.9 AI score, 0.00745 EPSS
Exploits 1, References 3
Positive Technologies
added 2026/03/02 12:0 a.m., 4 views

PT-2026-22636

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 0.301.3 Description NocoDB is software for building databases as spreadsheets. An authenticated user with Creator role can inject arbitrary SQL via the DATEADD formula's unit parameter. The issue affects versions prior...

8.8 CVSS, 6.1 AI score, 0.00073 EPSS
Exploits 0, References 15
RedhatCVE
added 2026/02/28 1:55 a.m., 5 views

CVE-2026-27153

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, moderators could export user Chat DMs via the CSV export endpoint by exploiting an overly permissive allowlist in canexportentity?. The method allowed moderators to export any entity not explicit...

5.3 CVSS, 5.9 AI score, 0.00049 EPSS
Exploits 0, References 1
RedhatCVE
added 2026/02/26 4:15 a.m., 4 views

CVE-2026-27627

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.3 AI score, 0.00056 EPSS
Exploits 1, References 1
Positive Technologies
added 2026/02/26 12:0 a.m., 4 views

PT-2026-22183

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. Before versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint...

6.9 CVSS, 5.9 AI score, 0.00022 EPSS
Exploits 0, References 8
EUVD
added 2026/02/25 6:25 p.m., 4 views

EUVD-2026-8705

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Message Center accepts the URL parameter showall=yes and passes it to getPnotesByUser, which returns all internal messages (all users’ notes). The backend does not...

7.1 CVSS, 5.5 AI score, 0.00132 EPSS
Exploits 1, References 2
EUVD
added 2026/02/24 1:55 a.m., 6 views

EUVD-2026-7414

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a continue statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger ...

7.5 CVSS, 5.4 AI score, 0.0002 EPSS
Exploits 0, References 1
OSV
added 2026/02/24 1:43 a.m., 1 views

CVE-2026-25985 Memory allocation with excessive without limits in the internal SVG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing a malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...

7.5 CVSS, 5.9 AI score, 0.00019 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/02/24 1:40 a.m., 1 views

CVE-2026-25982 ImageMagick Has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the coders/dcm.c module. When processing DICOM files with a specific configuration, the decoder loop incorrect...

6.5 CVSS, 5.9 AI score, 0.00018 EPSS
Exploits 0, References 1
AlpineLinux
added 2026/02/24 1:39 a.m., 2 views

CVE-2026-25971

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

9.8 CVSS, 5.6 AI score, 0.00045 EPSS
Exploits 0
CVE
added 2026/02/24 1:30 a.m., 17 views

CVE-2026-25968

ImageMagick vulnerability CVE-2026-25968: a stack buffer overflow occurs in msl.c when processing an attribute, where a long value overflows a fixed-size stack buffer, causing memory corruption. Affected versions are 7.1.2-15 and 6.9.13-40, which include a patch. The CVE affects ImageMagick, an op...

9.8 CVSS, 5.7 AI score, 0.00064 EPSS
Exploits 0, References 1, Affected Software 1