CVE-2026-6658 Cross-site Scripting (XSS) in jupyter/nbconvert

A vulnerability in jupyter/nbconvert versions tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export...

STIGQter 路径遍历漏洞

STIGQter is a compliance checklist generation and reporting tool developed by Jon Hood. Versions of STIGQter from 0.1.2 to 1.2.7 contained a path traversal vulnerability. This vulnerability occurred when processing malicious.stigqter files, allowing attackers to execute local code during the user...

CVE-2026-25731 Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection SSTI vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...

Malicious code in unix-web-export-key-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d60838cb059ad234ae83460587017a2a0124557f3c34684256b7ffcf37b12d3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175816

Malicious code in unix-web-export-key-data npm...

UBUNTU-CVE-2021-36401

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk...

Skype v8.x - History Export v7 Web Vulnerability

Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...