chrisbao_package1 (>=1.0.0 <=1.0.1), dss-bloodrelation (>=1.0.0 <=1.0.6) +4 more potentially affected by unknown CVE via @antv/g6-plugins (=1.0.9)

@antv/g6-plugins NPM version =1.0.9 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/g6-plugins and may be impacted: - chrisbaopackage1 =1.0.0, =1.0.0, =0.1.0, =1.3.7, =1.1.0, =1.1.2 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3994...

Joern 4.0.537

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1.2 Vulnerability Details CVEID:CVE-2026-6951 DESCRIPTION: Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that block...

Joern 4.0.533

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

CVE-2026-35178

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

CVE-2026-34951

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

CVE-2026-35178

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

EUVD-2026-19450

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

CVE-2026-35178

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

CVE-2026-35178 Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

CVE-2026-35178 Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

CVE-2026-35178

The CVE-2026-35178 affects Salesforce Workbench (admin/developer tooling) prior to version 65.0.0. A remote code execution vulnerability exists in the timezone conversion flow that processes attacker-controlled cookie values in an unsafe manner. Impact is described as high for confidentiality and...

CVE-2026-34951

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

CVE-2026-34951 Reflected XSS in footer.php in Workbench Allows Attackers to Hijack Authenticated Sessions

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

EUVD-2026-19357

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

CVE-2026-34951 Reflected XSS in footer.php in Workbench Allows Attackers to Hijack Authenticated Sessions

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

CVE-2026-34951

What is affected: Salesforce Workbench (admin/developer tooling for Force.com APIs). Vulnerability: Reflected cross-site scripting via the footerScripts parameter that does not sanitize user input before rendering in the page response. Root cause / detail: Improper neutralization of input during ...

Workbench 跨站脚本漏洞

Workbench is an open-source web tool suite for managing Salesforce data and metadata, developed by Force.com. Versions of Workbench prior to 65.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-type cross-site scripting vulnerability in the...

PT-2026-30669

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

Workbench 代码注入漏洞

Workbench is an open-source web tool suite for managing Salesforce data and metadata, developed by Force.com. Versions of Workbench prior to 65.0.0 contained a code injection vulnerability. This vulnerability stemmed from the handling of cookie values during the time zone conversion process, whic...