GitHub Security Advisories

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

aiosend: Deserialization of request body before signature verification (Pre-auth DoS) in webhook handler

qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set

FileBrowser Quantum: Path traversal in public share PATCH allows file ops outside shared directory

YesWiki: Unauthenticated SQL Injection

ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

ImageMagick: Information Disclosure in distributed pixel cache server because it is not using a challenge–response authentication model

ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

ImageMagick: Heap Buffer Over-Write in distributed pixel cache server

The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...

The Slider by Soliloquy – Responsive Image Slider for WordPress plugin for WordPress is...

A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior...

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in...

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads,...

The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all...

The Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder plugin for...

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to...

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable...

The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter...

There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration...

The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and...

The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due...

Mothra would respect a default value given by a website for HTML file upload forms. An attacker...

The KIA Subtitle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size...

The Alfie – Feed Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site...

The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...

A malicious actor with access to the network could exploit an Improper Input Validation...

A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows...

A malicious actor with access to the network and low privileges could exploit a Path Traversal...

A malicious actor with access to the network could exploit an Improper Access Control...

A malicious actor with access to the network could exploit a Path Traversal vulnerability found...

A malicious actor with access to the network and high privileges could exploit an Improper Input...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...

Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[]...

Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF...

Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate....

Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and...

In Concrete CMS 9.5.0 and below,  the submit_password() method in concrete/controllers...

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The `/ccm/frontend/conversations...

Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference (IDOR) in the Express...

Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because...

For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A...

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing...

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/message_page...

In Concrete CMS 9.5.0 and below, the RSS Displayer block accepts a feed URL from any page editor...

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/get_rating'...

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across...

In the Drupal 7 Term Reference Tree module, two stored XSS vectors exist in the widget/formatter...

Simple Hierarchical Select (SHS) for Drupal 7 contains cross-site scripting risk due to improper...

Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template...

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing...

Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret

Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host

BoxLite: Permission Bypass Allows Modification of Read-Only Files

ImageMagick: Information Disclosure in PasskeyEncipherImage via AES-CTR nonce reuse

ImageMagick: Division by Zero in binomial kernel

ImageMagick: Heap Buffer Over-Write in json and yaml encoder of a single byte due to incorrect fix

@nevware21/ts-utils: Prototype Pollution in objDeepCopy/objCopyProps via for...in without hasOwnProperty

containerd user ID handling bypass allows runAsNonRoot evasion

js-libp2p: Memory DoS via subscription flood of unique topics

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Rust OneNote File Parser: Path traversal in `Parser::parse_notebook` allows reading files outside the notebook directory

SQLAdmin: Authorization Bypass on `ajax_lookup`

Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation

Twig: Sandbox property and method bypass via object-destructuring assignment

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend...

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment...

Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not...

Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since...

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to ...

Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token-...

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of...

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to ...

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update...

Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the...

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to ...

Concrete CMS 9.5.0 and below  is vulnerable to unauthenticated file usage disclosure via missing...

Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth...

Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure...

The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due...

LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to...

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote...

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated...