Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration
n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete
Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens
ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351
Formie: Pre-authenticated server-side template injection in Hidden fields
TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection
Creating a "2dsphere_bucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that index will crash the server. A similar issue occurs when creating "queryable_encrypted_range" indices. This issue a...
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/...
Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalation vulnerability that may allow an authenticated user with limited access privileges to gain unauthorized administrator-level privileges through exploitation of specific system interfaces.
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item_count value that is not consistently v...
@tmlmobilidade/utils has prototype pollution in its setValueAtPath
parse-nested-form-data has Prototype Pollution via `__proto__` in FormData field names
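The two prototype-pollution entries above (@tmlmobilidade/utils setValueAtPath and `__proto__` in parse-nested-form-data field names) share one root cause: a path setter that walks attacker-controlled keys without refusing prototype-reaching ones. The following is an added illustration written for this listing, not code from either project; `setValueAtPathUnsafe`, `setValueAtPathSafe`, `applyFormFields` and the form entries are constructed for the demonstration.

```javascript
// Added illustration of the prototype-pollution class named above; not the code of
// @tmlmobilidade/utils or parse-nested-form-data. Names and sample input are constructed.

const FORBIDDEN_KEYS = new Set(["__proto__", "prototype", "constructor"]);

// Vulnerable shape: creates/descends into whatever key appears in the path. For "__proto__"
// on a plain object, cur["__proto__"] is Object.prototype, so the final assignment pollutes
// every object in the process.
function setValueAtPathUnsafe(target, path, value) {
  const keys = Array.isArray(path) ? path : path.split(".");
  let cur = target;
  for (let i = 0; i < keys.length - 1; i++) {
    const k = keys[i];
    if (cur[k] === undefined || cur[k] === null) cur[k] = {};
    cur = cur[k];
  }
  cur[keys[keys.length - 1]] = value;
  return target;
}

// Hardened shape: reject prototype-reaching keys up front and only descend into own,
// non-null object properties so an inherited value can never be used as a container.
function setValueAtPathSafe(target, path, value) {
  const keys = Array.isArray(path) ? path : path.split(".");
  for (const k of keys) {
    if (FORBIDDEN_KEYS.has(k)) {
      throw new Error(`refusing to set through key ${JSON.stringify(k)}`);
    }
  }
  let cur = target;
  for (let i = 0; i < keys.length - 1; i++) {
    const k = keys[i];
    const own = Object.prototype.hasOwnProperty.call(cur, k);
    if (!own || typeof cur[k] !== "object" || cur[k] === null) cur[k] = {};
    cur = cur[k];
  }
  cur[keys[keys.length - 1]] = value;
  return target;
}

// Form-data style entry point: field names like "user.name" become nested paths, which is
// exactly where a field named "__proto__.isAdmin" enters the setter.
function applyFormFields(entries, setter, target = {}) {
  for (const [name, value] of entries) setter(target, name, value);
  return target;
}

// Probe whether a setter pollutes an unrelated object, then undo the pollution so the
// rest of the process is unaffected.
function pollutionProbe(setter) {
  const marker = "isAdmin";
  let rejected = false;
  try {
    applyFormFields([["user.name", "alice"], [`__proto__.${marker}`, "true"]], setter);
  } catch (_) {
    rejected = true;
  }
  const polluted = ({})[marker] === "true"; // a fresh object that was never written to
  delete Object.prototype[marker];
  return { rejected, polluted };
}
```

Running `pollutionProbe(setValueAtPathUnsafe)` reports a polluted fresh object; the hardened setter throws before touching anything. Checking `hasOwnProperty` in the descent matters as much as the key deny-list: without it, a key such as `toString` would descend into an inherited function and write properties onto it.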
async-http-client: Cookie header not stripped on cross-origin redirect
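The check a redirect-following client needs for the entry above is small: compare the origin of the request that received the 3xx with the resolved `Location`, and drop credential-bearing headers when they differ. The following is an added illustration, not async-http-client's code; `headersForRedirect`, `followRedirects`, the fake server and its routes are constructed for the demonstration.

```javascript
// Added illustration of stripping credentials on cross-origin redirects; not code from
// async-http-client. All function names, routes and headers here are constructed.

const SENSITIVE_HEADERS = new Set(["cookie", "authorization", "proxy-authorization"]);

// Resolve Location against the current URL (it may be relative) and decide which headers
// may travel with the next hop. Origin comparison covers host, port and scheme, so an
// https -> http downgrade on the same host also counts as cross-origin.
function headersForRedirect(currentUrl, location, headers) {
  const target = new URL(location, currentUrl);
  const sameOrigin = new URL(currentUrl).origin === target.origin;
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    if (!sameOrigin && SENSITIVE_HEADERS.has(name.toLowerCase())) continue;
    out[name] = value;
  }
  return { url: target.href, headers: out };
}

// Follow redirects with a caller-supplied transport, re-evaluating the header set at each hop
// so credentials are stripped at the first cross-origin boundary and stay stripped.
function followRedirects(send, url, headers, maxHops = 5) {
  let current = { url, headers };
  for (let hop = 0; hop <= maxHops; hop++) {
    const resp = send(current.url, current.headers);
    const isRedirect = [301, 302, 303, 307, 308].includes(resp.status) && resp.location;
    if (!isRedirect) return { status: resp.status, finalUrl: current.url };
    current = headersForRedirect(current.url, resp.location, current.headers);
  }
  throw new Error("too many redirects");
}

// Constructed in-memory "server": records what each hop received and answers from a route map.
function makeFakeServer() {
  const seen = [];
  const routes = {
    "https://api.example.com/login": { status: 302, location: "https://cdn.example.com/assets" },
    "https://cdn.example.com/assets": { status: 302, location: "/final" },
    "https://cdn.example.com/final": { status: 200 },
  };
  const send = (url, headers) => {
    seen.push({ url, headers: { ...headers } });
    return routes[url] || { status: 404 };
  };
  return { send, seen };
}

// Drive one chain and report which hops received the Cookie header.
function runChain() {
  const server = makeFakeServer();
  const result = followRedirects(server.send, "https://api.example.com/login", {
    Cookie: "session=abc",
    Accept: "*/*",
  });
  return { result, hops: server.seen.map((h) => ({ url: h.url, hasCookie: "Cookie" in h.headers })) };
}
```

In the constructed chain the first hop to api.example.com carries the cookie, the cross-origin hop to cdn.example.com does not, and the same-origin relative redirect that follows stays stripped because the header set is carried forward from the previous hop rather than recomputed from the original request.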
Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)
iskorotkov/avro: CPU Exhaustion in Decoder
CI4MS: Stored XSS in Pages Module Content via Broken html_purify Validation Rule
iskorotkov/avro: Integer Overflow in Decoder
brace-expansion: Large numeric range defeats documented `max` DoS protection
CI4MS Fileeditor allows deletion and rename of critical application files due to missing extension allowlist on destructive operations
An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd