EUVD-2026-33432
The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously crafted image can exploit this so that an image that is small both in pixel width/height and in encoded size makes the decoder decode large amounts of compressed data...
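The pattern behind this entry, as an added example that is not the affected decoder's code: a PackBits run-length decoder with no cap on its output beside one that refuses to produce more bytes than the declared image geometry can need. The 64x expansion ratio of the crafted input (two encoded bytes per 128 output bytes) follows from the PackBits repeat-run encoding; the sample bytes and the decode_strip helper are constructed for the example.

```python
# Added example (not the affected decoder's code): PackBits run-length
# decoding with and without a cap on decoded output. Test data is constructed.

def packbits_decode_unbounded(data: bytes) -> bytes:
    """Decode PackBits with no limit on output size."""
    out = bytearray()
    i = 0
    while i < len(data):
        n = data[i]
        i += 1
        if n < 128:                          # literal run: copy the next n+1 bytes
            out += data[i:i + n + 1]
            i += n + 1
        elif n > 128 and i < len(data):      # repeat run: next byte repeated 257-n times
            out += bytes([data[i]]) * (257 - n)
            i += 1
        # n == 128 is a no-op
    return bytes(out)

def packbits_decode_bounded(data: bytes, max_out: int) -> bytes:
    """Same decoder, but stops as soon as the output would exceed max_out bytes."""
    out = bytearray()
    i = 0
    while i < len(data):
        n = data[i]
        i += 1
        if n == 128:
            continue
        if n < 128:
            count = n + 1
            if i + count > len(data):
                raise ValueError("truncated literal run")
            chunk = data[i:i + count]
            i += count
        else:
            if i >= len(data):
                raise ValueError("truncated repeat run")
            chunk = bytes([data[i]]) * (257 - n)
            i += 1
        if len(out) + len(chunk) > max_out:
            raise ValueError(f"decoded output would exceed {max_out} bytes")
        out += chunk
    return bytes(out)

def decode_strip(data: bytes, width: int, height: int, bytes_per_pixel: int) -> bytes:
    """Bound the decoder by what the declared image geometry can actually hold (hypothetical helper)."""
    return packbits_decode_bounded(data, width * height * bytes_per_pixel)

def crafted_packbits(runs: int) -> bytes:
    """Constructed attacker input: each 0x81 0x00 pair expands to 128 zero bytes (64x)."""
    return b"\x81\x00" * runs
```

The cap is derived from the image header rather than from a fixed constant, so a legitimately large image still decodes while a 4x4 image carrying megabytes of runs is rejected before the allocation happens.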
EUVD-2026-33431
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import with the regex /\bimport\s/.test(code). JavaScript syntax accepts a block comment between import and the opening parenthesis; the regex matches only ASCII...
EUVD-2026-33430
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...
EUVD-2026-30803
amazon-redshift-python-driver vulnerable to Remote Code Execution via eval Injection...
EUVD-2026-33429
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in the reopen state. The code finishes the AIO with an error but does not return before locking c->mtx...
EUVD-2026-33428
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn during dialing, but read as ex_quic_conn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...
EUVD-2026-33427
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check is_field_value is run before decoding, so encode...
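The ordering defect this entry describes, as an added example that is not cpp-httplib's code: a header value checked against the field-value grammar before percent-decoding lets an encoded CR/LF through, while checking the decoded value catches it. The grammar regex and the sample header are assumptions constructed for the example, written in Python for clarity rather than in the library's C++.

```python
import re
from urllib.parse import unquote

# Added example, not cpp-httplib's code: order of validation versus
# percent-decoding of a header value. Sample headers are constructed.

# Assumed field-value grammar: HTAB, printable ASCII and obs-text;
# no CR, LF or other control characters.
_FIELD_VALUE = re.compile(r"^[\t\x20-\x7e\x80-\xff]*$")

def is_field_value(value: str) -> bool:
    return _FIELD_VALUE.fullmatch(value) is not None

def parse_validate_then_decode(raw_value: str) -> str:
    """Vulnerable order: the grammar check only ever sees the encoded form."""
    if not is_field_value(raw_value):
        raise ValueError("bad header value")
    return unquote(raw_value)            # decoded result is never re-checked

def parse_decode_then_validate(raw_value: str) -> str:
    """Decode first, then apply the grammar to what the application will use."""
    value = unquote(raw_value)
    if not is_field_value(value):
        raise ValueError("bad header value after decoding")
    return value

def contains_crlf(value: str) -> bool:
    """True when a value could terminate the header line it is written into."""
    return "\r" in value or "\n" in value
```

The general rule is that any check on a header must run on the representation the rest of the program will consume; if decoding happens anywhere after the check, the check is decorative.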
EUVD-2026-33426
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when the server has called Server::set_trusted_proxies with a non-empty trusted-proxy list, an attacker can send an HTTP request that includes an X-Forwarded-For header whose value parses to no valid ...
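How a trusted-proxy X-Forwarded-For walk should handle a header that yields no valid address, as an added example that is not cpp-httplib's code. The naive version assumes at least one entry parses and fails on an empty list (an assumed failure mode chosen for illustration, not the library's actual behaviour); the hardened version walks the chain right to left, skips the proxies it trusts, and falls back to the socket peer whenever the chain contains garbage or nothing but its own proxies. Addresses are constructed.

```python
import ipaddress
from typing import Optional

# Added example, not cpp-httplib's code: resolving the client address from
# X-Forwarded-For behind a trusted-proxy list. Addresses are constructed.

def parse_ip(text: str):
    try:
        return ipaddress.ip_address(text.strip())
    except ValueError:
        return None

def trusted_set(*addrs: str) -> set:
    return {ipaddress.ip_address(a) for a in addrs}

def client_ip_naive(remote_addr: str, xff: str, trusted: set):
    """Assumes the header holds at least one valid address (assumed failure mode)."""
    hops = [ip for ip in (parse_ip(p) for p in xff.split(",")) if ip is not None]
    for ip in reversed(hops):
        if ip not in trusted:
            return ip
    return hops[0]                 # IndexError when nothing parsed

def client_ip_hardened(remote_addr: str, xff: Optional[str], trusted: set):
    peer = parse_ip(remote_addr)
    if peer is None or peer not in trusted or not xff:
        return peer                # header only means something when a trusted proxy sent it
    for hop in reversed([parse_ip(p) for p in xff.split(",")]):
        if hop is None:
            return peer            # unparseable entry: stop trusting the chain
        if hop not in trusted:
            return hop             # first hop that is not one of our proxies
    return peer                    # every entry was one of our proxies
```

Walking from the right matters because each trusted proxy appends the address it received the connection from; anything to the left of the first untrusted hop was supplied by the client and is not evidence of anything.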
EUVD-2026-33425
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, a negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and a process crash. The ChunkedDecoder::read_payload function in cpp-httplib httplib.h parses the chunk-size field o...
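The parsing pitfall behind a negative chunk-size, as an added example that is not cpp-httplib's code. A lenient parser that accepts a sign turns "-1" into -1, and once that value is treated as an unsigned length it becomes the largest possible allocation; the strict parser accepts only bare hex digits and applies a cap. Python's int(..., 16) stands in for a C strtol-style call here; the per-chunk cap and the sample lines are assumptions constructed for the example.

```python
# Added example, not cpp-httplib's code: parsing the chunk-size line of a
# chunked Transfer-Encoding body. Sample lines are constructed.

MAX_CHUNK_SIZE = 1 << 20        # assumed per-chunk cap for this example

def parse_chunk_size_lenient(line: bytes) -> int:
    """int(..., 16) accepts a sign, surrounding whitespace and a 0x prefix,
    so "-1" parses to -1 instead of being rejected."""
    field = line.split(b";", 1)[0].strip()
    return int(field, 16)

def as_size_t(n: int) -> int:
    """What a negative chunk size becomes once cast to an unsigned 64-bit length."""
    return n & 0xFFFFFFFFFFFFFFFF

def parse_chunk_size_strict(line: bytes) -> int:
    """Accept only 1..16 hex digits before any ';' extension, then cap the value."""
    field = line.split(b";", 1)[0].strip(b" \t\r\n")
    if not field or len(field) > 16:
        raise ValueError("chunk-size must be 1..16 hex digits")
    if any(c not in b"0123456789abcdefABCDEF" for c in field):
        raise ValueError("chunk-size must be hex digits only (no sign, no prefix)")
    size = int(field, 16)
    if size > MAX_CHUNK_SIZE:
        raise ValueError("chunk-size exceeds cap")
    return size
```

The cap is the second half of the fix: rejecting the sign stops the wraparound, but a well-formed "ffffffffffffffff" would still request an absurd buffer without a bound chosen by the server.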
EUVD-2026-33424
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search due to wrongly declared pointer ownership. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe...
EUVD-2026-33423
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47...
EUVD-2026-33422
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26...
EUVD-2026-33421
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields with Default value → Custom that were evaluated as Twig during submission handling, which could lead to serious compromise of the Craft site depending ...
EUVD-2026-33420
A stored cross-site scripting (XSS) vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitization of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...
EUVD-2026-33419
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
EUVD-2026-33418
Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...
EUVD-2026-33417
StrongDM Desktop Application before 23.74.0 and Desktop Client before 53.77.0 on Microsoft Windows store authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default...
EUVD-2026-33394
In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas...
EUVD-2026-33393
In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts...
EUVD-2026-33392
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...
EUVD-2026-33391
In JetBrains IntelliJ IDEA before 2026.1 XXE in the UI Designer form parser was possible...
EUVD-2026-33390
In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin...
EUVD-2026-33388
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
EUVD-2026-33389
In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible...
EUVD-2026-33386
In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion...
EUVD-2026-33387
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names...
EUVD-2026-33385
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters...
EUVD-2026-33383
In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page...
EUVD-2026-33384
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin...
EUVD-2026-33381
In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings...
EUVD-2026-33380
In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible...
EUVD-2026-33382
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...
EUVD-2026-33378
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests...
EUVD-2026-33379
In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible...
EUVD-2026-33377
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages...
EUVD-2026-33415
In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account...
EUVD-2026-33416
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible...
EUVD-2026-33414
In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion...
EUVD-2026-33413
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...
EUVD-2026-33412
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a signature...
EUVD-2026-33411
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send...
EUVD-2026-33410
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...
EUVD-2026-33409
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute created the Order row before checking and incrementing the discount's total_use counter. Under concurrent checkout pressure (Black Friday, flash sale, viral coupon), the global usage_limit was...
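The check-then-increment race this entry describes and the atomic alternative, as an added example that is not Shopper's code. The vulnerable shape is split into two steps so that two checkouts can be replayed in the interleaving that loses an update; the fixed version makes the limit check and the increment a single conditional UPDATE and creates the order only when a use was actually reserved. The schema, column names and SQLite setup are assumptions constructed for the example.

```python
import sqlite3

# Added example (not Shopper's code): a coupon usage counter checked after the
# order exists, versus an atomic conditional increment. Schema is constructed.

def setup_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:", isolation_level=None)      # autocommit
    db.executescript("""
        CREATE TABLE discounts(id INTEGER PRIMARY KEY, code TEXT,
                               total_use INTEGER NOT NULL DEFAULT 0,
                               usage_limit INTEGER NOT NULL);
        CREATE TABLE orders(id INTEGER PRIMARY KEY AUTOINCREMENT, discount_id INTEGER);
        INSERT INTO discounts(id, code, total_use, usage_limit) VALUES (1, 'FLASH', 0, 1);
    """)
    return db

# Vulnerable shape: the order row is written first and the limit is checked
# against a counter another checkout may have read at the same moment.
def vuln_begin(db, discount_id):
    order_id = db.execute("INSERT INTO orders(discount_id) VALUES (?)", (discount_id,)).lastrowid
    total, limit = db.execute("SELECT total_use, usage_limit FROM discounts WHERE id = ?",
                              (discount_id,)).fetchone()
    return {"order_id": order_id, "discount_id": discount_id, "seen_total": total, "limit": limit}

def vuln_finish(db, st):
    if st["seen_total"] >= st["limit"]:
        return None                         # but the order row is already persisted
    db.execute("UPDATE discounts SET total_use = total_use + 1 WHERE id = ?", (st["discount_id"],))
    return st["order_id"]

def checkout_atomic(db, discount_id):
    """Reserve a use first; the WHERE clause makes check and increment one statement."""
    cur = db.execute("UPDATE discounts SET total_use = total_use + 1 "
                     "WHERE id = ? AND total_use < usage_limit", (discount_id,))
    if cur.rowcount == 0:
        return None                         # limit reached, no order created
    return db.execute("INSERT INTO orders(discount_id) VALUES (?)", (discount_id,)).lastrowid

def counters(db, discount_id):
    total = db.execute("SELECT total_use FROM discounts WHERE id = ?", (discount_id,)).fetchone()[0]
    orders = db.execute("SELECT COUNT(*) FROM orders WHERE discount_id = ?", (discount_id,)).fetchone()[0]
    return total, orders

def race_demo():
    db = setup_db()
    a, b = vuln_begin(db, 1), vuln_begin(db, 1)         # both read total_use == 0
    return (vuln_finish(db, a), vuln_finish(db, b)), counters(db, 1)

def atomic_demo():
    db = setup_db()
    return (checkout_atomic(db, 1), checkout_atomic(db, 1)), counters(db, 1)
```

On a server database the conditional UPDATE serializes on the row lock, so concurrent checkouts queue up behind it and exactly usage_limit of them see rowcount 1; the order insert and the reservation should additionally share one transaction so that a failed insert releases the reserved use.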
EUVD-2026-30838
ExifReader is vulnerable to denial of service via crafted ICC mluc tag...
EUVD-2026-30842
ExifReader is vulnerable to denial of service via unbounded decompression of image metadata...
EUVD-2026-33405
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends res.status(500).send('Error occurred while trying to proxy to:...
EUVD-2026-33404
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...
EUVD-2026-33403
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
EUVD-2026-33402
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern relies on cookie-session for authentication, storing all session data (user handle,...
EUVD-2026-33401
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts the Remote-User (Authelia) and X-Authentik-Username (Authentik) HTTP headers to...