Advisories

Due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can add an MCP stdio server with an arbitrary command, achieving command execution.

A Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration.

A Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration.

A Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration.

A Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration.

The attacker provides an intranet address through the base url field configured in the Execute Flow node → Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called) → Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services

The attacker provides an intranet address through the base url field configured in the Execute Flow node → Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called) → Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services

@fastify/reply-from and @fastify/http-proxy process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This allows attackers to retroactively strip proxy-added headers (like access control or identification headers) from upstream requests by listing them in the Connection header value. This affects applications using these plugins with custom header injection for routing, access control, or security purposes.

@fastify/reply-from and @fastify/http-proxy process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This allows attackers to retroactively strip proxy-added headers (like access control or identification headers) from upstream requests by listing them in the Connection header value. This affects applications using these plugins with custom header injection for routing, access control, or security purposes.

What kind of vulnerability is it? Who is impacted? Command Injection vulnerabilities in electerm: A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac() function appends attacker-controlled remote releaseInfo.name directly into an exec("open …") command without validation. Who is impacted: Users who run npm install -g electerm in Mac OS. An attacker who can control the remote release metadata (version string or release name) served by the project's update server could …

What kind of vulnerability is it? Who is impacted? Two Command Injection vulnerabilities in electerm: macOS Installer (electerm_CommandInjection_02): A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac() function appends attacker-controlled remote releaseInfo.name directly into an exec("open …") command without validation. Linux Installer (electerm_CommandInjection_01): A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux() function appends attacker-controlled remote version strings directly into an exec("rm -rf …") command without validation. Who is impacted: …

In src/purify.ts:1117-1123, ADD_TAGS as a function (via EXTRA_ELEMENT_HANDLING.tagCheck) bypasses FORBID_TAGS due to short-circuit evaluation. The condition: !(tagCheck(tagName)) && (!ALLOWED_TAGS[tagName] || FORBID_TAGS[tagName]) When tagCheck(tagName) returns true, the entire condition is false and the element is kept — FORBID_TAGS[tagName] is never evaluated.

An unauthenticated debug endpoint in Dgraph Alpha exposes the full process command line, including the configured admin token from –security "token=…". This does not break token validation logic directly; instead, it discloses the credential and enables unauthorized admin-level access by reusing the leaked token in X-Dgraph-AuthToken.

An unauthenticated debug endpoint in Dgraph Alpha exposes the full process command line, including the configured admin token from –security "token=…". This does not break token validation logic directly; instead, it discloses the credential and enables unauthorized admin-level access by reusing the leaked token in X-Dgraph-AuthToken.

An unauthenticated debug endpoint in Dgraph Alpha exposes the full process command line, including the configured admin token from –security "token=…". This does not break token validation logic directly; instead, it discloses the credential and enables unauthorized admin-level access by reusing the leaked token in X-Dgraph-AuthToken.

Hot Chocolate's Utf8GraphQLParser is a recursive descent parser with no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types can trigger a StackOverflowException on payloads as small as 40 KB. Because StackOverflowException is uncatchable in .NET (since .NET 2.0), the entire worker process is terminated immediately. All in-flight HTTP requests, background IHostedService tasks, and open WebSocket subscriptions on that worker …

Details A buffer overflow vulnerability exists in Zlib::GzipReader. The zstream_buffer_ungets function prepends caller-provided bytes ahead of previously produced output but fails to guarantee the backing Ruby string has enough capacity before the memmove shifts the existing data. This can lead to memory corruption when the buffer length exceeds capacity. Recommended action We recommend to update the zlib gem to version 3.2.3 or later. In order to ensure compatibility with bundled …

The authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint by appending a public endpoint path as a query parameter. For example, POST /api/global/users/search?x=/api/system/status bypasses all authentication because the regex /api/system/status/ matches in the query string portion of the URL.

The authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint by appending a public endpoint path as a query parameter. For example, POST /api/global/users/search?x=/api/system/status bypasses all authentication because the regex /api/system/status/ matches in the query string portion of the URL.

basic-ftp@5.2.2 is vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to Client.list(), causing the client process to consume memory until it becomes unstable or crashes.

basic-ftp@5.2.2 is vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to Client.list(), causing the client process to consume memory until it becomes unstable or crashes.

There is no CSRF protection on the cache feature on most integrations clients.

There is no CSRF protection on the cache feature on most integrations clients.

protobufjs compiles protobuf definitions into JS functions. Attackers can manipulate these definitions to execute arbitrary JS code.

protobufjs could execute generated JavaScript code derived from protobuf schema metadata. When loading a crafted JSON descriptor, schema-controlled type names and type references could reach runtime code generation without sufficient validation.

The password reset endpoint (/api/v1/@apostrophecms/login/reset-request) exhibits a measurable timing side channel that allows unauthenticated attackers to enumerate valid usernames and email addresses. When a user is not found, the handler returns after a fixed 2-second artificial delay, but when a valid user is found, it performs database writes and SMTP operations with no equivalent delay normalization, producing a distinguishable timing profile.

The @apostrophecms/color-field module bypasses color validation for values prefixed with – (intended for CSS custom properties), but performs no HTML sanitization on these values. When styles containing attacker-controlled color values are rendered into <style> tags — both in the global stylesheet (editors only) and in per-widget style elements (all visitors) — the lack of escaping allows an editor to inject </style> followed by arbitrary HTML/JavaScript, achieving stored XSS against all …

The getRestQuery method in the @apostrophecms/piece-type module checks whether a MongoDB projection has already been set before applying the admin-configured publicApiProjection. An unauthenticated attacker can supply a project query parameter in the REST API request to pre-populate the projection state, causing the security-enforced publicApiProjection to be skipped entirely. This allows disclosure of fields that the site administrator explicitly restricted from public access.

The choices and counts query parameters in the Apostrophe CMS REST API allow unauthenticated users to extract distinct field values for any schema field that has a registered query builder, completely bypassing publicApiProjection restrictions that are intended to limit which fields are exposed publicly. Fields protected by viewPermission are similarly exposed.

The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value from xcom in the way that could be exploited to allow UI user who had access to modify XComs to perform arbitrary execution of code on the worker. Since the UI users are already highly trusted, this is a Low severity vulnerability. It does not affect Airflow release - example_dags are not supposed to be …

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.

A Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server due to improper handling of URLs during Server-Side Rendering (SSR). When an attacker sends a request such as GET /\evil.com/ HTTP/1.1 the server engine (Express, etc.) passes the URL string to Angular’s rendering functions. Because the URL parser normalizes the backslash to a forward slash for HTTP/HTTPS schemes, the internal state of the application is hijacked to believe the current origin …

A Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server due to improper handling of URLs during Server-Side Rendering (SSR). When an attacker sends a request such as GET /\evil.com/ HTTP/1.1 the server engine (Express, etc.) passes the URL string to Angular’s rendering functions. Because the URL parser normalizes the backslash to a forward slash for HTTP/HTTPS schemes, the internal state of the application is hijacked to believe the current origin …

The webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A malicious ACME server can supply a crafted challenge token containing ../ sequences, causing lego to write attacker-influenced content to any path writable by the lego process.

The webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A malicious ACME server can supply a crafted challenge token containing ../ sequences, causing lego to write attacker-influenced content to any path writable by the lego process.

The webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A malicious ACME server can supply a crafted challenge token containing ../ sequences, causing lego to write attacker-influenced content to any path writable by the lego process.

The token exchange path accepts RFC7636-invalid code_verifier values (including one-character strings) for S256 PKCE flows. Because short/weak verifiers are accepted and failed verifier attempts do not consume the authorization code, an attacker who intercepts an authorization code can brute-force code_verifier guesses online until token issuance succeeds.

The token exchange path accepts RFC7636-invalid code_verifier values (including one-character strings) for S256 PKCE flows. Because short/weak verifiers are accepted and failed verifier attempts do not consume the authorization code, an attacker who intercepts an authorization code can brute-force code_verifier guesses online until token issuance succeeds.

@fastify/static v9.1.0 and earlier decodes percent-encoded path separators (%2F) before filesystem resolution, but Fastify's router treats them as literal characters. This creates a routing mismatch: route guards on /admin/* do not match /admin%2Fsecret.html, but @fastify/static decodes it to /admin/secret.html and serves the file. Applications that rely on route-based middleware or guards to protect files served by @fastify/static can be bypassed with encoded path separators.

@fastify/static v9.1.0 and earlier serves directory listings outside the configured static root when the list option is enabled. A request such as /public/../outside/ causes dirList.path() to resolve a directory outside the root via path.join() without a containment check. A remote unauthenticated attacker can obtain directory listings for arbitrary directories accessible to the Node.js process, disclosing directory names and filenames that should not be exposed. File contents are not disclosed.

@fastify/middie v9.3.1 and earlier does not read the deprecated (but still functional) top-level ignoreDuplicateSlashes option, only reading from routerOptions. This creates a normalization gap: Fastify's router normalizes duplicate slashes but middie does not, allowing middleware bypass via URLs with duplicate leading slashes (e.g., //admin/secret). This only affects applications using the deprecated top-level configuration style (fastify({ ignoreDuplicateSlashes: true })). Applications using routerOptions: { ignoreDuplicateSlashes: true } are not affected. This is …

@fastify/middie v9.3.1 and earlier incorrectly re-prefixes middleware paths when propagating them to child plugin scopes. When a child plugin is registered with a prefix that overlaps with a parent-scoped middleware path, the middleware path is modified during inheritance and silently fails to match incoming requests. This results in complete bypass of middleware security controls for all routes defined within affected child plugin scopes, including nested (grandchild) scopes. Authentication, authorization, rate …

@fastify/express v4.0.4 contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited by child plugins. This results in complete bypass of Express middleware security controls for all routes defined within child plugin scopes that share a prefix with parent-scoped middleware. No special configuration is required — this affects the default Fastify configuration.

@fastify/express v4.0.4 fails to normalize URLs before passing them to Express middleware when Fastify router normalization options are enabled. This allows complete bypass of path-scoped authentication middleware via two vectors: Duplicate slashes (//admin/dashboard) when ignoreDuplicateSlashes: true is configured Semicolon delimiters (/admin;bypass) when useSemicolonDelimiter: true is configured In both cases, Fastify's router normalizes the URL and matches the route, but @fastify/express passes the original un-normalized URL to Express middleware, which fails …

downloadPackageManager() in vite-plus/binding accepts an untrusted version string and uses it directly in filesystem paths. A caller can supply ../ segments to escape the VP_HOME/package_manager/<pm>/ cache root and cause Vite+ to delete, replace, and populate directories outside the intended cache location.

downloadPackageManager() in vite-plus/binding accepts an untrusted version string and uses it directly in filesystem paths. A caller can supply ../ segments to escape the VP_HOME/package_manager/<pm>/ cache root and cause Vite+ to delete, replace, and populate directories outside the intended cache location.

Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access in one org, to use the query() plugin, in a notebook cell, to run VQL queries on other orgs which they may not have access to. The user's permissions in the other org are the same as the …

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands (npm, npx) accept argument flags that enable execution of arbitrary OS commands. Maliciously crafted MCP tasks may lead to remote code execution with the privileges of the Upsonic process. In version 0.72.0 Upsonic added a …

A Double Free / Use-After-Free (UAF) vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thin_vec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no unsafe blocks required. Undefined Behavior has been confirmed via Miri and AddressSanitizer (ASAN).

A Double Free / Use-After-Free (UAF) vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thin_vec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no unsafe blocks required. Undefined Behavior has been confirmed via Miri and AddressSanitizer (ASAN).

The /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring the application's response time.

The /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring the application's response time.

A denial of service vulnerability exists when parsing crafted multipart/form-data requests with large preamble or epilogue sections.

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent COS as the storage backend, an attacker could extract the secret_key configuration value from the Pyroscope API. To exploit this vulnerability, an attacker needs direct access to the Pyroscope API. We highly recommend limiting the public internet exposure of all our databases, such …

An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values.

An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values.

Attackers can fill the body of the clientData JWT in LoginPacket with lots of junk properties, causing the server to flood warning messages, as well as wasting CPU time. This happens because the JsonMapper instance used to process the JWT body is configured to warn on unexpected properties instead of rejecting them outright. While this behaviour increases flexibility for random changes introduced by Microsoft, it also creates vulnerabilities if not …

The Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user who can call the import endpoint may trigger XML external entity processing, which can lead to server-side file disclosure and SSRF. The target file must be less than 1023 characters.

The Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user who can call the import endpoint may trigger XML external entity processing, which can lead to server-side file disclosure and SSRF. The target file must be less than 1023 characters.

An authorization bypass exists in OAuth2 Proxy as part of the email_domain enforcement option. An attacker may be able to authenticate with an email claim such as attacker@evil.com@company.com and satisfy an allowed domain check for company.com, even though the claim is not a valid email address. The issue ONLY affects deployments that rely on email_domain restrictions and accept email claim values from identity providers or claim mappings that do not …

A configuration-dependent authentication bypass exists in OAuth2 Proxy. Deployments are affected when all of the following are true: OAuth2 Proxy is configured with –reverse-proxy and at least one rule is defined with –skip_auth_routes or the legacy –skip-auth-regex OAuth2 Proxy may trust a client-supplied X-Forwarded-Uri header when –reverse-proxy is enabled and –skip-auth-route or –skip-auth-regex is configured. An attacker can spoof this header so OAuth2 Proxy evaluates authentication and skip-auth rules against …

A configuration-dependent authentication bypass exists in OAuth2 Proxy. Deployments are affected when all of the following are true: Use of skip_auth_routes or the legacy skip_auth_regex * Use of patterns that can be widened by attacker-controlled suffixes, such as ^/foo/.*/bar$ causing potential exposure of /foo/secret * Protected upstream applications that interpret # as a fragment delimiter or otherwise route the request to the protected base path In deployments that rely on …

A configuration-dependent authentication bypass exists in OAuth2 Proxy. Deployments are affected when all of the following are true: Use of skip_auth_routes or the legacy skip_auth_regex * Use of patterns that can be widened by attacker-controlled suffixes, such as ^/foo/.*/bar$ causing potential exposure of /foo/secret * Protected upstream applications that interpret # as a fragment delimiter or otherwise route the request to the protected base path In deployments that rely on …

NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An authenticated user can access internal network services, cloud metadata endpoints, and localhost.

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field

JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution.

A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized access to subresources, potentially disclosing sensitive information or performing actions they are not permitted to do. Additionally, legitimate users may be denied access to resources.

A Mass Assignment / Broken Object Property Level Authorization (BOPA) vulnerability in the User Preferences API allows any authenticated user (even those with the lowest privileges) to arbitrarily modify restricted financial attributes on their profile, specifically their hourly_rate and internal_rate.

The client-side escapeForHtml() function in KimaiEscape.js, introduced in commit 89bfa82c (#2959) to fix a JavaScript XSS vulnerability, only escapes <, >, and & but does not escape " (double quote) or ' (single quote). When user-controlled data (profile alias) is placed in an HTML attribute context (title="DISPLAY") via the team member form prototype and rendered through innerHTML, the missing quote escaping allows HTML attribute injection, resulting in Stored XSS.

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potentially sensitive objects to be reached from within a template. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections …

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potentially sensitive objects to be reached from within a template. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections …

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potentially sensitive objects to be reached from within a template. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections …

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly neutralize specific syntax patterns that allow for the execution of unauthorized expressions. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections to achieve Server-Side Template Injection (SSTI).

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly neutralize specific syntax patterns that allow for the execution of unauthorized expressions. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections to achieve Server-Side Template Injection (SSTI).

A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly neutralize specific syntax patterns that allow for the execution of unauthorized expressions. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library's protections to achieve Server-Side Template Injection (SSTI).

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/{namespace} Thanks to Prasanth Sundararajan for reporting this vulnerability.

A validation bypass vulnerability exists in Fastify v5.x where request body validation schemas specified via schema.body.content can be completely circumvented by prepending a single space character (\x20) to the Content-Type header. The body is still parsed correctly as JSON (or any other content type), but schema validation is entirely skipped. This is a regression introduced by commit f3d2bcb (fix for CVE-2025-32442).

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired.

The OIDC JWKS and Metadata Document caches used an inverted time comparison (isBefore instead of isAfter), causing the cache to never return cached values. Every incoming request triggered a fresh HTTP fetch of the OIDC Metadata Document and JWKS keys from the OIDC provider. The OIDC token cache for the FHIR client connections used an inverted time comparison (isBefore instead of isAfter), causing the cache to never invalidate. Every incoming …

The OIDC JWKS and Metadata Document caches used an inverted time comparison (isBefore instead of isAfter), causing the cache to never return cached values. Every incoming request triggered a fresh HTTP fetch of the OIDC Metadata Document and JWKS keys from the OIDC provider. The OIDC token cache for the FHIR client connections used an inverted time comparison (isBefore instead of isAfter), causing the cache to never invalidate. Every incoming …

The OIDC JWKS and Metadata Document caches used an inverted time comparison (isBefore instead of isAfter), causing the cache to never return cached values. Every incoming request triggered a fresh HTTP fetch of the OIDC Metadata Document and JWKS keys from the OIDC provider. The OIDC token cache for the FHIR client connections used an inverted time comparison (isBefore instead of isAfter), causing the cache to never invalidate. Every incoming …

The OIDC JWKS and Metadata Document caches used an inverted time comparison (isBefore instead of isAfter), causing the cache to never return cached values. Every incoming request triggered a fresh HTTP fetch of the OIDC Metadata Document and JWKS keys from the OIDC provider. The OIDC token cache for the FHIR client connections used an inverted time comparison (isBefore instead of isAfter), causing the cache to never invalidate. Every incoming …

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84.

The access_key and connection_string connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure Service Bus used those properties to store sensitive values. Possibly other providers could be also affected if they used the same fields …

The package inspect sbom and package inspect documentation subcommands construct output file paths by joining a user-controlled output directory with the package's Metadata.Name field, which is attacker-controlled data read from the package archive. The Metadata.Name field is validated against a regex on create, ^[a-z0-9][a-z0-9-]*$, however a malicious user could unarchive a package to change the .Metadata.Name field and the files inside the SBOMS.tar. This would lead to arbitrary file write …

REST API endpoints like /xwiki/rest/wikis/xwiki/spaces/AnnotationCode/pages/AnnotationConfig/objects/AnnotationCode.AnnotationConfig/0/properties list all available pages as part of the metadata for database list properties, which can exhaust available resources on large wikis.

REST API endpoints like /xwiki/rest/wikis/xwiki/spaces/AnnotationCode/pages/AnnotationConfig/objects/AnnotationCode.AnnotationConfig/0/properties list all available pages as part of the metadata for database list properties, which can exhaust available resources on large wikis.

A reflected cross-site scripting vulnerability (XSS) in the compare view between revisions of a page allows executing JavaScript code in the user's browser. If the current user is an admin, this can not only affect the current user but also the confidentiality, integrity and availability of the whole XWiki instance.

Multiple AVideo JSON endpoints under objects/ accept state-changing requests via $_REQUEST/$_GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious page visited by a logged-in victim can silently: Cast/flip the victim's like/dislike on any comment (objects/comments_like.json.php). Post a comment authored by the victim on any video, with attacker-chosen text (objects/commentAddNew.json.php). Delete assets from any category (objects/categoryDeleteAssets.json.php) when the victim …

Multiple AVideo JSON endpoints under objects/ accept state-changing requests via $_REQUEST/$_GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious page visited by a logged-in victim can silently: Cast/flip the victim's like/dislike on any comment (objects/comments_like.json.php). Post a comment authored by the victim on any video, with attacker-chosen text (objects/commentAddNew.json.php). Delete assets from any category (objects/categoryDeleteAssets.json.php) when the victim …

The YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitizing the msg or callback fields. On the client side, plugin/YPTSocket/script.js contains two eval() sinks fed directly by those relayed fields (json.msg.autoEvalCodeOnHTML at line 568 and json.callback at line 95). Because tokens are minted for anonymous visitors and never revalidated beyond decryption, an unauthenticated attacker can broadcast arbitrary JavaScript that executes in the origin of …

The YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitizing the msg or callback fields. On the client side, plugin/YPTSocket/script.js contains two eval() sinks fed directly by those relayed fields (json.msg.autoEvalCodeOnHTML at line 568 and json.callback at line 95). Because tokens are minted for anonymous visitors and never revalidated beyond decryption, an unauthenticated attacker can broadcast arbitrary JavaScript that executes in the origin of …

objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest(), does not verify a CSRF/global token, and does not check Origin/Referer. Because AVideo intentionally sets session.cookie_samesite=None (to support cross-origin embed players), a cross-site request from any attacker-controlled page automatically carries the victim's PHPSESSID. Any authenticated victim who has authority to delete one or more comments (site moderators, video owners, and comment …

objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest(), does not verify a CSRF/global token, and does not check Origin/Referer. Because AVideo intentionally sets session.cookie_samesite=None (to support cross-origin embed players), a cross-site request from any attacker-controlled page automatically carries the victim's PHPSESSID. Any authenticated victim who has authority to delete one or more comments (site moderators, video owners, and comment …

The isValidDuration() regex at objects/video.php:918 uses /^[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the database and rendered without HTML escaping via echo Video::getCleanDuration() on trending pages, playlist pages, and video gallery thumbnails, resulting in stored cross-site scripting.

The isValidDuration() regex at objects/video.php:918 uses /^[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the database and rendered without HTML escaping via echo Video::getCleanDuration() on trending pages, playlist pages, and video gallery thumbnails, resulting in stored cross-site scripting.

Three admin-only JSON endpoints — objects/categoryAddNew.json.php, objects/categoryDelete.json.php, and objects/pluginRunUpdateScript.json.php — enforce only a role check (Category::canCreateCategory() / User::isAdmin()) and perform state-changing actions against the database without calling isGlobalTokenValid() or forbidIfIsUntrustedRequest(). Peer endpoints in the same directory (pluginSwitch.json.php, pluginRunDatabaseScript.json.php) do enforce the CSRF token, so the missing checks are an omission rather than a design choice. An attacker who lures a logged-in admin to a malicious page can create, update, or …

Three admin-only JSON endpoints — objects/categoryAddNew.json.php, objects/categoryDelete.json.php, and objects/pluginRunUpdateScript.json.php — enforce only a role check (Category::canCreateCategory() / User::isAdmin()) and perform state-changing actions against the database without calling isGlobalTokenValid() or forbidIfIsUntrustedRequest(). Peer endpoints in the same directory (pluginSwitch.json.php, pluginRunDatabaseScript.json.php) do enforce the CSRF token, so the missing checks are an omission rather than a design choice. An attacker who lures a logged-in admin to a malicious page can create, update, or …

objects/configurationUpdate.json.php (also routed via /updateConfig) persists dozens of global site settings from $_POST but protects the endpoint only with User::isAdmin(). It does not call forbidIfIsUntrustedRequest(), does not verify a globalToken, and does not validate the Origin/Referer header. Because AVideo intentionally sets session.cookie_samesite=None to support cross-origin iframe embedding, a logged-in administrator who visits an attacker-controlled page will have the browser auto-submit a cross-origin POST that rewrites the site's encoder URL, SMTP …

objects/configurationUpdate.json.php (also routed via /updateConfig) persists dozens of global site settings from $_POST but protects the endpoint only with User::isAdmin(). It does not call forbidIfIsUntrustedRequest(), does not verify a globalToken, and does not validate the Origin/Referer header. Because AVideo intentionally sets session.cookie_samesite=None to support cross-origin iframe embedding, a logged-in administrator who visits an attacker-controlled page will have the browser auto-submit a cross-origin POST that rewrites the site's encoder URL, SMTP …

The allowOrigin($allowAll=true) function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API endpoints that handle user data retrieval, authentication, livestream credentials, and state-changing operations. Combined with the application's SameSite=None session cookie policy, any website can make credentialed cross-origin requests and read authenticated API responses, enabling theft of user PII, livestream keys, and …

The allowOrigin($allowAll=true) function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API endpoints that handle user data retrieval, authentication, livestream credentials, and state-changing operations. Combined with the application's SameSite=None session cookie policy, any website can make credentialed cross-origin requests and read authenticated API responses, enabling theft of user PII, livestream keys, and …

The file git.json.php at the web root executes git log -1 and returns the full output as JSON to any unauthenticated user. This exposes the exact deployed commit hash (enabling version fingerprinting against known CVEs), developer names and email addresses (PII), and commit messages which may contain references to internal systems or security fixes.

The file git.json.php at the web root executes git log -1 and returns the full output as JSON to any unauthenticated user. This exposes the exact deployed commit hash (enabling version fingerprinting against known CVEs), developer names and email addresses (PII), and commit messages which may contain references to internal systems or security fixes.

The directory traversal fix introduced in commit 2375eb5e0 for objects/aVideoEncoderReceiveImage.json.php only checks the URL path component (via parse_url($url, PHP_URL_PATH)) for .. sequences. However, the downstream function try_get_contents_from_local() in objects/functionsFile.php uses explode('/videos/', $url) on the full URL string including the query string. An attacker can place the /videos/../../ traversal payload in the query string to bypass the security check and read arbitrary files from the server filesystem.

The directory traversal fix introduced in commit 2375eb5e0 for objects/aVideoEncoderReceiveImage.json.php only checks the URL path component (via parse_url($url, PHP_URL_PATH)) for .. sequences. However, the downstream function try_get_contents_from_local() in objects/functionsFile.php uses explode('/videos/', $url) on the full URL string including the query string. An attacker can place the /videos/../../ traversal payload in the query string to bypass the security check and read arbitrary files from the server filesystem.

The incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the file_get_contents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com.

The incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the file_get_contents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com.

The incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink() or inlineUrlTag(), allowing javascript: URLs in markdown link syntax to bypass sanitization.

The incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink() or inlineUrlTag(), allowing javascript: URLs in markdown link syntax to bypass sanitization.

The incomplete fix for AVideo's CloneSite deleteDump parameter does not apply path traversal filtering, allowing unlink() of arbitrary files via ../../ sequences in the GET parameter.

The incomplete fix for AVideo's CloneSite deleteDump parameter does not apply path traversal filtering, allowing unlink() of arbitrary files via ../../ sequences in the GET parameter.

The incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL() validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal endpoints.

The incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL() validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal endpoints.

The endpoint plugin/Live/view/Live_restreams/list.json.php contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream configurations, including third-party platform stream keys and OAuth tokens (access_token, refresh_token) for services like YouTube Live, Facebook Live, and Twitch.

The endpoint plugin/Live/view/Live_restreams/list.json.php contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream configurations, including third-party platform stream keys and OAuth tokens (access_token, refresh_token) for services like YouTube Live, Facebook Live, and Twitch.

The isSSRFSafeURL() function in objects/functions.php contains a same-domain shortcircuit (lines 4290-4296) that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach arbitrary ports on the AVideo server by using the site's public hostname with a non-standard port. The response body is saved to a web-accessible path, enabling full exfiltration.

The isSSRFSafeURL() function in objects/functions.php contains a same-domain shortcircuit (lines 4290-4296) that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach arbitrary ports on the AVideo server by using the site's public hostname with a non-standard port. The response body is saved to a web-accessible path, enabling full exfiltration.

The locale save endpoint (locale/save.php) constructs a file path by directly concatenating $_POST['flag'] into the path at line 30 without any sanitization. The $_POST['code'] parameter is then written verbatim to that path via fwrite() at line 40. An admin attacker (or any user who can CSRF an admin, since no CSRF token is checked and cookies use SameSite=None) can traverse out of the locale/ directory and write arbitrary .php files …

The locale save endpoint (locale/save.php) constructs a file path by directly concatenating $_POST['flag'] into the path at line 30 without any sanitization. The $_POST['code'] parameter is then written verbatim to that path via fwrite() at line 40. An admin attacker (or any user who can CSRF an admin, since no CSRF token is checked and cookies use SameSite=None) can traverse out of the locale/ directory and write arbitrary .php files …

The CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/* endpoints: (1) plugin/API/router.php lines 4-8 unconditionally reflect any origin before application code runs, and (2) allowOrigin(true) called by get.json.php and set.json.php reflects any origin with Access-Control-Allow-Credentials: true. An attacker can make cross-origin credentialed requests to any API endpoint and read authenticated responses containing user PII, …

The CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/* endpoints: (1) plugin/API/router.php lines 4-8 unconditionally reflect any origin before application code runs, and (2) allowOrigin(true) called by get.json.php and set.json.php reflects any origin with Access-Control-Allow-Credentials: true. An attacker can make cross-origin credentialed requests to any API endpoint and read authenticated responses containing user PII, …

A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request.

A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and perform a full account takeover via supplying a crafted HTTP request.

A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users via supplying a crafted GET request.

A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request.

fio_json_parse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at ~100% instead of returning a parse error. Because iodine vendors the same parser code, the issue also affects iodine when it parses attacker-controlled JSON. The smallest reproducer found is [i. The quoted-value form that originally exposed the issue, [""i, reaches …

fio_json_parse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at ~100% instead of returning a parse error. Because iodine vendors the same parser code, the issue also affects iodine when it parses attacker-controlled JSON. The smallest reproducer found is [i. The quoted-value form that originally exposed the issue, [""i, reaches …

The GET /?redirect endpoint in goshs v2.0.0-beta.6 performs an HTTP redirect to any attacker-supplied url= value and writes any attacker-supplied header=Name: Value pair into the response, without scheme/host validation, without a header-name allow-list, without authentication in the default deployment, and without the checkCSRF() guard that GHSA-jrq5-hg6x-j6g3 added to the other state-changing GET routes (?mkdir, ?delete). The same dispatcher also lacks an fs.Invisible branch, so the endpoint stays responsive in -I …

The GET /?redirect endpoint in goshs v2.0.0-beta.6 performs an HTTP redirect to any attacker-supplied url= value and writes any attacker-supplied header=Name: Value pair into the response, without scheme/host validation, without a header-name allow-list, without authentication in the default deployment, and without the checkCSRF() guard that GHSA-jrq5-hg6x-j6g3 added to the other state-changing GET routes (?mkdir, ?delete). The same dispatcher also lacks an fs.Invisible branch, so the endpoint stays responsive in -I …

A crafted hostAlias argument such as -oProxyCommand=… was passed to ssh/scp without an argument terminator. SSH interprets arguments starting with - as options regardless of position, so the option-injection caused SSH to execute the attacker-supplied ProxyCommand locally on the machine running the MCP server — before any network connection. This bypassed the documented protection of # @password: annotations and exposed local SSH keys, browser cookies, other MCP server credentials, and …

When SpiceDB starts with log level info, the startup "configuration" log will include the full datastore DSN, including the plaintext password, inside DatastoreConfig.URI.

A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Affected versions: >= 6.0.0, <= 6.0.2 Not affected: SP1 V5 (all versions) Severity: High

A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Affected versions: >= 6.0.0, <= 6.0.2 Not affected: SP1 V5 (all versions) Severity: High

A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Affected versions: >= 6.0.0, <= 6.0.2 Not affected: SP1 V5 (all versions) Severity: High

The incomplete fix for SiYuan's bazaar README rendering enables the Lute HTML sanitizer but fails to block <iframe> tags, allowing stored XSS via srcdoc attributes containing embedded scripts that execute in the Electron context.

The incomplete fix for SiYuan's bazaar README rendering enables the Lute HTML sanitizer but fails to block <iframe> tags, allowing stored XSS via srcdoc attributes containing embedded scripts that execute in the Electron context.

Authorization bypass via certificate bag manipulation in sigstore/timestamp-authority verifier An authorization bypass vulnerability exists in sigstore/timestamp-authority verifier (timestamp-authority/v2/pkg/verification): VerifyTimestampResponse function correctly verifies the certificate chain but when the TSA specific constraints are verified in VerifyLeafCert, the first non-CA certificate from the PKCS#7 certificate bag is used instead of the leaf certificate from the certificate chain. An attacker can exploit this by prepending a forged certificate to the certificate bag while …

goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to filesystem paths outside the configured SFTP root, which breaks the intended jail boundary and can expose or modify unrelated server files.

goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to filesystem paths outside the configured SFTP root, which breaks the intended jail boundary and can expose or modify unrelated server files.

goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to filesystem paths outside the configured SFTP root, which breaks the intended jail boundary and can expose or modify unrelated server files.

goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to filesystem paths outside the configured SFTP root, which breaks the intended jail boundary and can expose or modify unrelated server files.

Required Permissions The exploitation requires a few permissions to be enabled in the used GraphQL schema: "Edit assets in the volume" "Create assets in the volume" Details The implementation fails to restrict the URL Scheme. While the application is intended to "upload assets", there is no whitelist forcing http or https. This allows attackers to use the Gopher protocol to wrap raw TCP commands. Impact: Combined with the DWORD bypass, …

Required Permissions The exploitation requires a few permissions to be enabled in the used GraphQL schema: "Edit assets in the volume" "Create assets in the volume" Details The implementation fails to restrict the URL Scheme. While the application is intended to "upload assets", there is no whitelist forcing http or https. This allows attackers to use the Gopher protocol to wrap raw TCP commands. Impact: Combined with the DWORD bypass, …

Serendipity inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SMTP header without any validation beyond CRLF stripping. An attacker who can control the Host header during an email-triggering action can inject arbitrary SMTP headers into outgoing emails, enabling spam relay, BCC injection, and email spoofing.

The serendipity_setCookie() function uses $_SERVER['HTTP_HOST'] without validation as the domain parameter of setcookie(). An attacker can force authentication cookies — including session tokens and auto-login tokens — to be scoped to an attacker-controlled domain, facilitating session hijacking.

It has been reported (by @lopopolo) that the rand library is unsound (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met: The log and thread_rng features are enabled A custom logger is defined The custom logger accesses rand::rng() (previously rand::thread_rng()) and calls any TryRng (previously RngCore) methods on ThreadRng The ThreadRng (attempts to) reseed while called from the custom logger …

The pyload application does not properly invalidate or modify sessions upon changes made to a user's permissions.

pyLoad caches role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database. As a result, an already logged-in user can keep old (revoked) privileges until logout/session expiry, enabling continued privileged actions. This is a core authorization/session-consistency issue and is not resolved by toggling an optional security feature.

pyLoad caches role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database. As a result, an already logged-in user can keep old (revoked) privileges until logout/session expiry, enabling continued privileged actions. This is a core authorization/session-consistency issue and is not resolved by toggling an optional security feature.

A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection.

A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection.

The trustedCertPool() function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded. This silently breaks certificate chain validation for mTLS.

The trustedCertPool() function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded. This silently breaks certificate chain validation for mTLS.

The OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience (aud) claim validation at the library level. This allows tokens issued for unrelated services by the same OIDC issuer to be accepted by Oxia.

The OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience (aud) claim validation at the library level. This allows tokens issued for unrelated services by the same OIDC issuer to be accepted by Oxia.

When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.

When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.

A race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat() method uses a blocking channel send while holding a mutex, and under specific timing with concurrent close() calls, this can lead to either a deadlock (channel buffer full) or a panic (send on closed channel after TOCTOU gap in KeepAlive).

A race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat() method uses a blocking channel send while holding a mutex, and under specific timing with concurrent close() calls, this can lead to either a deadlock (channel buffer full) or a panic (send on closed channel after TOCTOU gap in KeepAlive).

When installing module packages from attacker-controlled sources, tofu init may use unbounded memory, cause high CPU usage, or deadlock when encountering maliciously-crafted TLS certificate chains or tar archives. Those who depend on modules or providers served from untrusted third-party servers may experience denial of service due to tofu init failing to complete successfully. In the case of unbounded memory usage or high CPU usage, other processes running on the same …

In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when user_enabled_invert was True. When False, the raw string value from LDAP (e.g., "FALSE") was used directly. Since non-empty strings are truthy in Python, users marked as disabled in LDAP were …

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads project-local .env and .codex/config.toml files without requiring user confirmation, allowing attackers to embed arbitrary commands that execute immediately.

A stored cross-site scripting (XSS) vulnerability was identified in the SVG sanitization logic. The regex pattern used to strip on* event handler attributes could be bypassed using a crafted payload that exploits how the pattern matches attribute boundaries.

A server-side information disclosure vulnerability was identified in the INI settings parser. PHP's parse_ini_string() function supports ${} syntax for environment variable interpolation. Attackers with Editor access could inject ${APP_KEY}, ${DB_PASSWORD}, or similar patterns into CMS page settings fields, causing sensitive environment variables to be resolved and stored in the template. These values were then returned to the attacker when the page was reopened.

A sandbox bypass vulnerability was identified in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the collect() helper were not properly restricted, allowing authenticated users with template editing permissions to bypass sandbox protections.

A stored cross-site scripting (XSS) vulnerability was identified in the Event Log mail preview feature. When viewing logged mail messages, HTML content was rendered in an iframe without proper sandboxing, allowing JavaScript execution in the viewer's browser context.

A stored cross-site scripting (XSS) vulnerability was identified in the Backend Editor Settings. The Markup Classes fields (used for paragraph styles, inline styles, table styles, etc.) did not sanitize input to valid CSS class name characters. Malicious values were rendered unsanitized in Froala editor dropdown menus, allowing JavaScript execution when any user opened a RichEditor.

A regression introduced in v7.11.0 is preventing OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. This only impacts deployments that rely on the sign-in page as part of their logout flow. In those setups, a user may be shown the sign-in page while the existing session cookie remains valid, so the browser session is not actually logged out. On shared workstations be it browsers or devices, …

The conditions filter webhook at libs/application-generic/src/usecases/conditions-filter/conditions-filter.usecase.ts line 261 sends POST requests to user-configured URLs using raw axios.post() with no SSRF validation. The HTTP Request workflow step in the same codebase correctly uses validateUrlSsrf() which blocks private IP ranges. The conditions webhook was not included in this protection.

XSS sanitization is incomplete, some attributes are missing such as oncontentvisibilityautostatechange=. This allows for the email preview to render HTML that executes arbitrary JavaScript,

Attacker sends many small, valid JSON messages in one TCP frame → handleData() recurses once per message; buffer shrinks each call → maxBufferSize is never reached; call stack overflows instead → A ~47 KB payload is sufficient to trigger RangeError

Attacker sends many small, valid JSON messages in one TCP frame → handleData() recurses once per message; buffer shrinks each call → maxBufferSize is never reached; call stack overflows instead → A ~47 KB payload is sufficient to trigger RangeError

justhtml 1.16.0 fixes multiple security issues in sanitization, serialization, and programmatic DOM handling. Most of these issues affected one of these advanced paths rather than ordinary parsed HTML with the default safe settings: programmatic DOM input to sanitize() or sanitize_dom() reused or mutated sanitization policy objects custom policies that preserve foreign namespaces such as SVG or MathML

In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. Only mitmproxy instances using the proxyauth option with LDAP are affected. This option is not enabled by default.

What kind of vulnerability is it? Who is impacted? An authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid cryptographic signature. Any MinIO deployment is impacted. The attack requires only a valid access key (the well-known default minioadmin, or any key with WRITE permission on a …

What kind of vulnerability is it? Who is impacted? An authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid cryptographic signature. Any MinIO deployment is impacted. The attack requires only a valid access key (the well-known default minioadmin, or any key with WRITE permission on a …

Two authentication bypass vulnerabilities in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allow any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid cryptographic signature. Any MinIO deployment is impacted. The attack requires only a valid access key (the well-known default minioadmin, or any key with WRITE permission on a bucket) and a target bucket name. There are two …

What kind of vulnerability is it? Who is impacted? Two authentication bypass vulnerabilities in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allow any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid cryptographic signature. Any MinIO deployment is impacted. The attack requires only a valid access key (the well-known default minioadmin, or any key with WRITE permission on a …

Microsoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Xml. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in EncryptedXml class where an attacker can cause an infinite loop and perform a Denial of Service attack.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in System.Net.Mail where specially crafted data allows an unauthorized attacker to perform a spoofing attack over the network.

Microsoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Xml. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in EncryptedXml class where uncontrolled resource consumption can give an attacker to the ability to perform a Denial of Service attack.

MCPHub in versions below 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the name of other users and using their privileges.

The port_forward tool in mcp-server-kubernetes constructs a kubectl command as a string and splits it on spaces before passing to spawn(). Unlike all other tools in the codebase which correctly use execFileSync("kubectl", argsArray), port_forward uses string concatenation with user-controlled input (namespace, resourceType, resourceName, localPort, targetPort) followed by naive .split(" ") parsing. This allows an attacker to inject arbitrary kubectl flags by embedding spaces in any of these fields.

In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. Only mitmproxy instances using the proxyauth option with LDAP are affected. This option is not enabled by default.

A Server-Side Request Forgery (SSRF) vulnerability in Kyverno allows authenticated users to induce the admission controller to send arbitrary HTTP requests to attacker-controlled endpoints. When a ClusterPolicy uses apiCall.service.url with variable substitution (e.g. {{request.object.*}}), user-controlled input can influence the request target. The Kyverno admission controller executes these requests from its privileged network position without enforcing any validation or network restrictions. The issue becomes non-blind SSRF, as response data from internal …

A Server-Side Request Forgery (SSRF) vulnerability in Kyverno's CEL HTTP library (pkg/cel/libs/http/) allows users with namespace-scoped policy creation permissions to make arbitrary HTTP requests from the Kyverno admission controller. This enables unauthorized access to internal services in other namespaces, cloud metadata endpoints (169.254.169.254), and data exfiltration via policy error messages.

Kyverno's APICall feature contains a Server-Side Request Forgery (SSRF) vulnerability that allows users with Policy creation permissions to access arbitrary internal resources through Kyverno's high-privilege ServiceAccount. In multi-tenant Kubernetes environments, this constitutes a classic Confused Deputy problem: low-privilege tenants can steal sensitive data from other tenants (such as database passwords and API keys) and cloud platform IAM credentials, completely breaking tenant isolation. This vulnerability does not require cluster-admin privileges and …

kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer … using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. because context.apiCall.service.url is policy-controlled, this can send the kyverno serviceaccount token to an attacker-controlled endpoint (confused deputy). namespaced policies are blocked from servicecall usage by the namespaced urlPath gate in pkg/engine/apicall/apiCall.go, so this report is scoped to ClusterPolicy and global context usage.

kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer … using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. because context.apiCall.service.url is policy-controlled, this can send the kyverno serviceaccount token to an attacker-controlled endpoint (confused deputy). namespaced policies are blocked from servicecall usage by the namespaced urlPath gate in pkg/engine/apicall/apiCall.go, so this report is scoped to ClusterPolicy and global context usage.

Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks (for example: serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission). When malicious values from an OpenAPI description are emitted into generated source without context-appropriate escaping, an attacker can break out of string literals and inject additional code into generated clients.

Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks (for example: serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission). When malicious values from an OpenAPI description are emitted into generated source without context-appropriate escaping, an attacker can break out of string literals and inject additional code into generated clients.

The Twig sandbox used for invoice templates blocks certain sensitive User methods (password, TOTP secret, etc.) via a blocklist in StrictPolicy::checkMethodAllowed(). However, getApiToken() and getPlainApiToken() are not on the blocklist. An admin who creates an invoice template can embed calls to these methods, causing the bcrypt or sodium hashed API password of any user who generates an invoice using that template to be included in the rendered output. Only relevant …

The SAML authentication success handler in Kimai returns the RelayState POST parameter as a redirect destination without validating the host or scheme. After a user successfully authenticates via SAML, they are redirected to an attacker-controlled URL if the IdP includes a malicious RelayState value. This enables phishing attacks that steal credentials or session tokens post-SSO. Requires SAML to be enabled (non-default configuration).

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with manage-realm or manage-organizations administrative privileges can exploit a Stored Cross-Site Scripting (XSS) vulnerability. This flaw occurs because the organization.alias is placed into an inline JavaScript onclick handler, allowing a crafted JavaScript payload to execute in a user's browser when they view the login page. Successful exploitation enables arbitrary JavaScript execution, potentially leading to …

Request Smuggling: Attacker injects arbitrary HTTP requests Cache Poisoning: Smuggled responses poison shared caches Access Control Bypass: Smuggled requests bypass frontend security Session Hijacking: Smuggled requests can steal other users' responses

The public Stripe webhook endpoint fully reads the request body into memory before validating the Stripe signature. A remote unauthenticated attacker can send oversized POST bodies and cause substantial memory growth, leading to denial of service.

The public Stripe webhook endpoint fully reads the request body into memory before validating the Stripe signature. A remote unauthenticated attacker can send oversized POST bodies and cause substantial memory growth, leading to denial of service.

An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query string parameter is interpolated directly into a raw SQL expression without parameterization or validation, allowing an attacker to execute arbitrary SQL against the database. This affects all supported database backends (PostgreSQL, MySQL/MariaDB, SQLite). The Admin API is also affected, though exploitation there requires authentication.

A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or Streamable-HTTP transport mode (the documented way to use this server remotely), an unauthenticated attacker on the network can read, write, and overwrite arbitrary files on the host filesystem by supplying crafted filepath arguments to any of the 25 exposed MCP tool handlers. The server is intended to confine file operations to a …

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

When the connected-components:* define specifies an invalid index and out of bound operation will result in an access violation.

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

An incorrect morphology would allow an out of bounds read of a single pixel. ==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7fff047fd8e0 sp 0x7fff047fd8d0 READ of size 4 at 0x5100000002d0 thread T0

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The patch for GHSA-7h7q-j33q-hvpf was incomplete and still allows a stack buffer overflow for the multi frame images.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

The -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

When the PNG encoder fails to write an MNG image it can leak memory.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

The FTXT encoder lacks a boundary check when parsing ftxt:format, resulting in an out of bounds read. ==3040863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000085b2 at pc 0x606c1ee0c6ce bp 0x7ffee30d6150 sp 0x7ffee30d6148 READ of size 1 at 0x5020000085b2 thread T0

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

Heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

The JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats.

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

A crafted image could result in an out of bounds heap write when writing a yaml or json output and that could result in a crash.

The OverlappingFieldsCanBeMerged validation rule exhibits quadratic time complexity when processing queries with many repeated fields sharing the same response name. An attacker can send a crafted query like { hello hello hello … } with thousands of repeated fields, causing excessive CPU usage during validation before execution begins. This is not mitigated by existing QueryDepth or QueryComplexity rules. Observed impact (tested on v15.31.4): 1000 fields: ~0.6s 2000 fields: ~2.4s 3000 …

The OverlappingFieldsCanBeMerged validation rule exhibits quadratic time complexity when processing queries with many repeated fields sharing the same response name. An attacker can send a crafted query like { hello hello hello … } with thousands of repeated fields, causing excessive CPU usage during validation before execution begins. This is not mitigated by existing QueryDepth or QueryComplexity rules. Observed impact (tested on v15.31.4): 1000 fields: ~0.6s 2000 fields: ~2.4s 3000 …

goshs leaks file-based ACL credentials through its public collaborator feed when the server is deployed without global basic auth. Requests to .goshs-protected folders are logged before authorization is enforced, and the collaborator websocket broadcasts raw request headers, including Authorization. An unauthenticated observer can capture a victim's folder-specific basic-auth header and replay it to read, upload, overwrite, and delete files inside the protected subtree. I reproduced this on v2.0.0-beta.5, the latest …

goshs leaks file-based ACL credentials through its public collaborator feed when the server is deployed without global basic auth. Requests to .goshs-protected folders are logged before authorization is enforced, and the collaborator websocket broadcasts raw request headers, including Authorization. An unauthenticated observer can capture a victim's folder-specific basic-auth header and replay it to read, upload, overwrite, and delete files inside the protected subtree. I reproduced this on v2.0.0-beta.5, the latest …

goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because goshs relies on HTTP basic auth alone and performs no CSRF, Origin, or Referer validation for those routes. I reproduced this on v2.0.0-beta.5.

goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because goshs relies on HTTP basic auth alone and performs no CSRF, Origin, or Referer validation for those routes. I reproduced this on v2.0.0-beta.5.

goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network attacker can connect to the SFTP service and access files without a password. I reproduced this on the latest release v2.0.0-beta.5.

goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network attacker can connect to the SFTP service and access files without a password. I reproduced this on the latest release v2.0.0-beta.5.

Processing a malformed input containing a < character that is not followed by a > character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a panic.

Processing a malformed input containing a < character that is not followed by a > character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a panic.

The ConformityCheck class in giskard-checks rendered the rule parameter through Jinja2's default Template() constructor. Because the rule string is silently interpreted as a Jinja2 template, a developer may not realize that template expressions embedded in rule definitions are evaluated at runtime. In a scenario where check definitions are loaded from an untrusted source (e.g. a shared project file or externally contributed configuration), this could lead to arbitrary code execution. giskard-checks …

The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search() without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs that trigger catastrophic backtracking in the regex engine, causing the process to hang indefinitely and denying service to all other operations. giskard-checks is a local developer testing library. Check …

The gdown library (tested on v5.2.1) is vulnerable to a Path Traversal attack within its extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members. This allow files to be written outside the intended destination directory, potentially leading to arbitrary file overwrite and Remote Code Execution (RCE).

The gdown library (tested on v5.2.1) is vulnerable to a Path Traversal attack within its extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members. This allow files to be written outside the intended destination directory, potentially leading to arbitrary file overwrite and Remote Code Execution (RCE).

frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser backend, while the access control check uses credentials from the regular Authorization header. As a result, an attacker who can reach the HTTP vhost entrypoint and knows or can guess the protected routeByHTTPUser value may …

frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser backend, while the access control check uses credentials from the regular Authorization header. As a result, an attacker who can reach the HTTP vhost entrypoint and knows or can guess the protected routeByHTTPUser value may …

An information disclosure vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface (SBI) to retrieve stored subscriber identifiers (SUPI/IMSI) with a single HTTP GET request requiring no parameters or credentials.

An improper path validation vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface (SBI) to delete Traffic Influence Subscriptions by supplying an arbitrary value in place of the expected subs-to-notify path segment.

An improper path validation vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface (SBI) to create or overwrite Traffic Influence Subscriptions by supplying an arbitrary value in place of the expected subs-to-notify path segment.

An improper path validation vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface (SBI) to read Traffic Influence Subscriptions by supplying an arbitrary value in place of the expected subs-to-notify path segment.

A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify/{subsId} PUT handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended modification of existing Policy Data notification subscriptions with invalid, empty, or partially processed input, depending on downstream processor behavior.

When an HTTP request follows a cross-domain redirect (301/302/307/308), follow-redirects only strips authorization, proxy-authorization, and cookie headers (matched by regex at index.js:469-476). Any custom authentication header (e.g., X-API-Key, X-Auth-Token, Api-Key, Token) is forwarded verbatim to the redirect target. Since follow-redirects is the redirect-handling dependency for axios (105K+ stars), this vulnerability affects the entire axios ecosystem.

Authenticated users can delete emails imported into the system assigned to another user; where the Email Dropbox is in use.

The OpenRemote IoT platform's rules engine contains two interrelated critical expression injection vulnerabilities that allow an attacker to execute arbitrary code on the server, ultimately achieving full server compromise. Unsandboxed Nashorn JavaScript Engine: JavaScript rules are executed via Nashorn's ScriptEngine.eval() with user-supplied script content and no sandboxing, class filtering, or access restrictions. Critically, any non-superuser with the write:rules role can create JavaScript rulesets. Inactive Groovy Sandbox: The Groovy rules engine …

A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or Streamable-HTTP transport mode (the documented way to use this server remotely), an unauthenticated attacker on the network can read, write, and overwrite arbitrary files on the host filesystem by supplying crafted filepath arguments to any of the 25 exposed MCP tool handlers. The server is intended to confine file operations to a …

goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network attacker can connect to the SFTP service and access files without a password. I reproduced this on the latest release v2.0.0-beta.5.

goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network attacker can connect to the SFTP service and access files without a password. I reproduced this on the latest release v2.0.0-beta.5.

An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).

An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).

An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).

An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).

An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).

The codebase raises code analysis warnings related to security, including CA3075, CA5366, CA5371, CA5368, CA5369, CA5372, CA5379, CA5350, and CA5351. Most of these deal with disabling DTD processing in XML documents, but also includes cryptographic algorithm choices.

This update adds validation of the package ID and version during package download, in addition to the existing package signature validation.

This update adds validation of the package ID and version during package download, in addition to the existing package signature validation.

This update adds validation of the package ID and version during package download, in addition to the existing package signature validation.