DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
GHSA-M3Q2-P4FW-W38M: GHSA-M3Q2-P4FW-W38M: Cross-Site Scripting (XSS) via Unsafe innerHTML Assignment in Nuxt <NoScript> Component
cverports profile

GHSA-M3Q2-P4FW-W38M: GHSA-M3Q2-P4FW-W38M: Cross-Site Scripting (XSS) via Unsafe innerHTML Assignment in Nuxt <NoScript> Component

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-49993: CVE-2026-49993: Proprietary Source Code Exfiltration via Incomplete Same-Origin Verification in Nuxt Dev Servers
cverports profile

CVE-2026-49993: CVE-2026-49993: Proprietary Source Code Exfiltration via Incomplete Same-Origin Verification in Nuxt Dev Servers

#security #cve #cybersecurity
Comments
2 min read
GHSA-69QJ-PVH9-C5WG: GHSA-69QJ-PVH9-C5WG: Command Injection in yt-dlp `--exec` Option
cverports profile

GHSA-69QJ-PVH9-C5WG: GHSA-69QJ-PVH9-C5WG: Command Injection in yt-dlp `--exec` Option

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7CX2-G3H9-382P: GHSA-7CX2-G3H9-382P: Multiple Vulnerabilities in Crawl4AI Docker API (Arbitrary File Write, SSRF, CRLF Log Injection)
cverports profile

GHSA-7CX2-G3H9-382P: GHSA-7CX2-G3H9-382P: Multiple Vulnerabilities in Crawl4AI Docker API (Arbitrary File Write, SSRF, CRLF Log Injection)

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-F989-C77F-R2CQ: GHSA-f989-c77f-r2cq: LLM Credential Exfiltration and SSRF in Crawl4AI Docker Server
cverports profile

GHSA-F989-C77F-R2CQ: GHSA-f989-c77f-r2cq: LLM Credential Exfiltration and SSRF in Crawl4AI Docker Server

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-365W-HQF6-VXFG: GHSA-365w-hqf6-vxfg: Multiple Critical Vulnerabilities in Crawl4AI Docker API Server
cverports profile

GHSA-365W-HQF6-VXFG: GHSA-365w-hqf6-vxfg: Multiple Critical Vulnerabilities in Crawl4AI Docker API Server

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-534H-C3CW-V3H9: GHSA-534h-c3cw-v3h9: Local Information Disclosure via Abstract-Namespace Socket in Nuxt Dev Server
cverports profile

GHSA-534H-C3CW-V3H9: GHSA-534h-c3cw-v3h9: Local Information Disclosure via Abstract-Namespace Socket in Nuxt Dev Server

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-8RFP-98V4-MMR6: GHSA-8RFP-98V4-MMR6: Protocol-Filtering Bypass via Unicode Obfuscation in Mozilla Bleach
cverports profile

GHSA-8RFP-98V4-MMR6: GHSA-8RFP-98V4-MMR6: Protocol-Filtering Bypass via Unicode Obfuscation in Mozilla Bleach

#security #cve #cybersecurity #ghsa
Comments
3 min read
GHSA-G75F-G53V-794X: GHSA-G75F-G53V-794X: CPU Exhaustion via Unbounded Email Regular Expression Scanning in Bleach
cverports profile

GHSA-G75F-G53V-794X: GHSA-G75F-G53V-794X: CPU Exhaustion via Unbounded Email Regular Expression Scanning in Bleach

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-GR75-JV2W-4656: GHSA-GR75-JV2W-4656: Path Traversal and Sandbox Escape in LangChain File-Search Middleware and Loaders
cverports profile

GHSA-GR75-JV2W-4656: GHSA-GR75-JV2W-4656: Path Traversal and Sandbox Escape in LangChain File-Search Middleware and Loaders

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-M557-WRGG-6RP4: GHSA-m557-wrgg-6rp4: Server-Side Request Forgery via Authority Information Access (AIA) Chasing in phpseclib
cverports profile

GHSA-M557-WRGG-6RP4: GHSA-m557-wrgg-6rp4: Server-Side Request Forgery via Authority Information Access (AIA) Chasing in phpseclib

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-45491: CVE-2026-45491: Directory Traversal via Improper Link Resolution in .NET System.Formats.Tar
cverports profile

CVE-2026-45491: CVE-2026-45491: Directory Traversal via Improper Link Resolution in .NET System.Formats.Tar

#security #cve #cybersecurity
Comments
2 min read
GHSA-GJ48-438W-JH9V: GHSA-GJ48-438W-JH9V: Client-Side HTML Sanitization Bypass in Bleach
cverports profile

GHSA-GJ48-438W-JH9V: GHSA-GJ48-438W-JH9V: Client-Side HTML Sanitization Bypass in Bleach

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-53722: CVE-2026-53722: Reflected DOM-based Cross-Site Scripting (XSS) in Nuxt <NuxtLink>
cverports profile

CVE-2026-53722: CVE-2026-53722: Reflected DOM-based Cross-Site Scripting (XSS) in Nuxt <NuxtLink>

#security #cve #cybersecurity
Comments
2 min read
GHSA-PW6J-QG29-8W7F: GHSA-pw6j-qg29-8w7f: State Persistence and Sensitive Credential Leakage in Tornado CurlAsyncHTTPClient
cverports profile

GHSA-PW6J-QG29-8W7F: GHSA-pw6j-qg29-8w7f: State Persistence and Sensitive Credential Leakage in Tornado CurlAsyncHTTPClient

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-48748: CVE-2026-48748: Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion
cverports profile

CVE-2026-48748: CVE-2026-48748: Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-50010: CVE-2026-50010: Hostname Verification Bypass in Netty TLS Client
cverports profile

CVE-2026-50010: CVE-2026-50010: Hostname Verification Bypass in Netty TLS Client

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-50011: CVE-2026-50011: Unbounded Resource Pre-Allocation in Netty Redis Codec
cverports profile

CVE-2026-50011: CVE-2026-50011: Unbounded Resource Pre-Allocation in Netty Redis Codec

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-50020: CVE-2026-50020: HTTP Request Smuggling in Netty HttpObjectDecoder via Arbitrary Leading Control Bytes
cverports profile

CVE-2026-50020: CVE-2026-50020: HTTP Request Smuggling in Netty HttpObjectDecoder via Arbitrary Leading Control Bytes

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-50560: CVE-2026-50560: Denial of Service in Netty HTTP/2 Codec via Max Header List Size Exception
cverports profile

CVE-2026-50560: CVE-2026-50560: Denial of Service in Netty HTTP/2 Codec via Max Header List Size Exception

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-11417: CVE-2026-11417: OS Command Injection in AWS CDK NodejsFunction Bundling Pipeline
cverports profile

CVE-2026-11417: CVE-2026-11417: OS Command Injection in AWS CDK NodejsFunction Bundling Pipeline

#security #cve #cybersecurity
Comments
2 min read
GHSA-RQ7W-G337-39QQ: GHSA-RQ7W-G337-39QQ: Project Directory Path and Workspace UUID Disclosure in Nuxt Dev Server
cverports profile

GHSA-RQ7W-G337-39QQ: GHSA-RQ7W-G337-39QQ: Project Directory Path and Workspace UUID Disclosure in Nuxt Dev Server

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-48525: CVE-2026-48525: Uncontrolled Resource Consumption in PyJWT Detached JWS Verification
cverports profile

CVE-2026-48525: CVE-2026-48525: Uncontrolled Resource Consumption in PyJWT Detached JWS Verification

#security #cve #cybersecurity
Comments
2 min read
GHSA-WQVQ-JVPQ-H66F: GHSA-WQVQ-JVPQ-H66F: Security Control Bypass in Nodemailer via Transport Serialization
cverports profile

GHSA-WQVQ-JVPQ-H66F: GHSA-WQVQ-JVPQ-H66F: Security Control Bypass in Nodemailer via Transport Serialization

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-268H-HP4C-CRQ3: GHSA-268h-hp4c-crq3: CRLF Injection via List-* Header Comments in Nodemailer
cverports profile

GHSA-268H-HP4C-CRQ3: GHSA-268h-hp4c-crq3: CRLF Injection via List-* Header Comments in Nodemailer

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-48524: CVE-2026-48524: Remote Cache Eviction and Authentication Denial of Service in PyJWT
cverports profile

CVE-2026-48524: CVE-2026-48524: Remote Cache Eviction and Authentication Denial of Service in PyJWT

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-49982: CVE-2026-49982: Path Traversal Bypass via Type Confusion in node-tmp
cverports profile

CVE-2026-49982: CVE-2026-49982: Path Traversal Bypass via Type Confusion in node-tmp

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47347: CVE-2026-47347: Open Redirect Vulnerability in TYPO3 CMS GeneralUtility::sanitizeLocalUrl
cverports profile

CVE-2026-47347: CVE-2026-47347: Open Redirect Vulnerability in TYPO3 CMS GeneralUtility::sanitizeLocalUrl

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47349: CVE-2026-47349: Missing Authorization in TYPO3 CMS DataHandler Record Restoration
cverports profile

CVE-2026-47349: CVE-2026-47349: Missing Authorization in TYPO3 CMS DataHandler Record Restoration

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-11607: CVE-2026-11607: Broken Access Control in TYPO3 CMS Form Framework
cverports profile

CVE-2026-11607: CVE-2026-11607: Broken Access Control in TYPO3 CMS Form Framework

#security #cve #cybersecurity
Comments
2 min read
GHSA-G7R4-M6W7-QQQR: GHSA-G7R4-M6W7-QQQR: Path Traversal and Arbitrary File Read in esbuild Development Server on Windows
cverports profile

GHSA-G7R4-M6W7-QQQR: GHSA-G7R4-M6W7-QQQR: Path Traversal and Arbitrary File Read in esbuild Development Server on Windows

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-GV7W-RQVM-QJHR: GHSA-GV7W-RQVM-QJHR: Remote Code Execution via Missing Binary Integrity Verification in esbuild Deno Integration
cverports profile

GHSA-GV7W-RQVM-QJHR: GHSA-GV7W-RQVM-QJHR: Remote Code Execution via Missing Binary Integrity Verification in esbuild Deno Integration

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-CHGR-C6PX-7XPP: GHSA-chgr-c6px-7xpp: Thread-Safety Data Race in PyO3 Closure Wrapping
cverports profile

GHSA-CHGR-C6PX-7XPP: GHSA-chgr-c6px-7xpp: Thread-Safety Data Race in PyO3 Closure Wrapping

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-CH3Q-CW5R-F4HG: GHSA-CH3Q-CW5R-F4HG: Unbounded SSH field lengths cause excessive memory allocation in ConnectBot SSH Client Library
cverports profile

GHSA-CH3Q-CW5R-F4HG: GHSA-CH3Q-CW5R-F4HG: Unbounded SSH field lengths cause excessive memory allocation in ConnectBot SSH Client Library

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-VC8P-8PXG-RFWG: GHSA-vc8p-8pxg-rfwg: Denial of Service via Integer Overflow and Memory Exhaustion in ConnectBot SSH Client Library
cverports profile

GHSA-VC8P-8PXG-RFWG: GHSA-vc8p-8pxg-rfwg: Denial of Service via Integer Overflow and Memory Exhaustion in ConnectBot SSH Client Library

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-8467: CVE-2026-8467: Unauthenticated Remote Code Execution in phoenix_storybook
cverports profile

CVE-2026-8467: CVE-2026-8467: Unauthenticated Remote Code Execution in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-8469: CVE-2026-8469: Denial of Service via BEAM Atom Table Exhaustion in phoenix_storybook
cverports profile

CVE-2026-8469: CVE-2026-8469: Denial of Service via BEAM Atom Table Exhaustion in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47068: CVE-2026-47068: Authorization Bypass via Cross-Session PubSub Topic Injection in phoenix_storybook
cverports profile

CVE-2026-47068: CVE-2026-47068: Authorization Bypass via Cross-Session PubSub Topic Injection in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
GHSA-7QJX-GP9H-65QJ: GHSA-7QJX-GP9H-65QJ: Improper Authorization in Dex Token Exchange
cverports profile

GHSA-7QJX-GP9H-65QJ: GHSA-7QJX-GP9H-65QJ: Improper Authorization in Dex Token Exchange

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2024-29203: CVE-2024-29203: Client-Side Cross-Site Scripting via Unsandboxed Iframes and Legacy Embed Elements in TinyMCE
cverports profile

CVE-2024-29203: CVE-2024-29203: Client-Side Cross-Site Scripting via Unsandboxed Iframes and Legacy Embed Elements in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-9277: CVE-2026-9277: OS Command Injection in shell-quote via Object-Token Line Terminator Parsing Defect
cverports profile

CVE-2026-9277: CVE-2026-9277: OS Command Injection in shell-quote via Object-Token Line Terminator Parsing Defect

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-11645: CVE-2026-11645: Out-of-Bounds Memory Access in Google Chrome V8 Engine
cverports profile

CVE-2026-11645: CVE-2026-11645: Out-of-Bounds Memory Access in Google Chrome V8 Engine

#security #cve #cybersecurity
Comments
1 min read
CVE-2026-50751: CVE-2026-50751: Authentication Bypass in Check Point Security Gateway IKEv1 Legacy Validation
cverports profile

CVE-2026-50751: CVE-2026-50751: Authentication Bypass in Check Point Security Gateway IKEv1 Legacy Validation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39922: CVE-2026-39922: Server-Side Request Forgery in GeoNode Service Registration Endpoint
cverports profile

CVE-2026-39922: CVE-2026-39922: Server-Side Request Forgery in GeoNode Service Registration Endpoint

#security #cve #cybersecurity
Comments
2 min read
CVE-2022-0492: CVE-2022-0492: Privilege Escalation and Container Escape via cgroups v1 release_agent
cverports profile

CVE-2022-0492: CVE-2022-0492: Privilege Escalation and Container Escape via cgroups v1 release_agent

#security #cve #cybersecurity
Comments
3 min read
GHSA-G72G-R7M4-9X4G: GHSA-G72G-R7M4-9X4G: Insufficient Session Expiration of OAuth Tokens in NocoDB
cverports profile

GHSA-G72G-R7M4-9X4G: GHSA-G72G-R7M4-9X4G: Insufficient Session Expiration of OAuth Tokens in NocoDB

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FGMC-2HQJ-86V4: GHSA-FGMC-2HQJ-86V4: Default Administrative Credentials in vantage6-server
cverports profile

GHSA-FGMC-2HQJ-86V4: GHSA-FGMC-2HQJ-86V4: Default Administrative Credentials in vantage6-server

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-X9F6-9RVM-MMRG: GHSA-X9F6-9RVM-MMRG: Improper Access Control and Volume Mount Isolation Bypass in vantage6 Node
cverports profile

GHSA-X9F6-9RVM-MMRG: GHSA-X9F6-9RVM-MMRG: Improper Access Control and Volume Mount Isolation Bypass in vantage6 Node

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-47760: CVE-2026-47760: Cross-Site Scripting (XSS) via SVG Namespace Sanitizer Bypass in TinyMCE
cverports profile

CVE-2026-47760: CVE-2026-47760: Cross-Site Scripting (XSS) via SVG Namespace Sanitizer Bypass in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47759: CVE-2026-47759: Stored Cross-Site Scripting (XSS) via Unsanitized data-mce-* Serialization Bypass in TinyMCE
cverports profile

CVE-2026-47759: CVE-2026-47759: Stored Cross-Site Scripting (XSS) via Unsanitized data-mce-* Serialization Bypass in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47762: CVE-2026-47762: Stored Cross-Site Scripting (XSS) in TinyMCE Protect Pattern Restoration
cverports profile

CVE-2026-47762: CVE-2026-47762: Stored Cross-Site Scripting (XSS) in TinyMCE Protect Pattern Restoration

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47742: CVE-2026-47742: Missing Authorization and Client-Side Property Tampering in Shopper E-commerce Panel
cverports profile

CVE-2026-47742: CVE-2026-47742: Missing Authorization and Client-Side Property Tampering in Shopper E-commerce Panel

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47745: CVE-2026-47745: Missing Authorization in Shopper Admin Panel Settings
cverports profile

CVE-2026-47745: CVE-2026-47745: Missing Authorization in Shopper Admin Panel Settings

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47715: CVE-2026-47715: Insecure Direct Object Reference (IDOR) / Cross-Project Authorization Bypass in Bugsink
cverports profile

CVE-2026-47715: CVE-2026-47715: Insecure Direct Object Reference (IDOR) / Cross-Project Authorization Bypass in Bugsink

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47716: CVE-2026-47716: Broken Object Level Authorization in Bugsink Bulk Issue Actions
cverports profile

CVE-2026-47716: CVE-2026-47716: Broken Object Level Authorization in Bugsink Bulk Issue Actions

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47728: CVE-2026-47728: Multi-Tenant Isolation Bypass via Unscoped Debug ID Resolution in Bugsink
cverports profile

CVE-2026-47728: CVE-2026-47728: Multi-Tenant Isolation Bypass via Unscoped Debug ID Resolution in Bugsink

#security #cve #cybersecurity
Comments
2 min read
GHSA-5X67-J5XG-C5GJ: GHSA-5X67-J5XG-C5GJ: Denial of Service via Uncontrolled Resource Consumption in Bugsink Ingestion Pipeline
cverports profile

GHSA-5X67-J5XG-C5GJ: GHSA-5X67-J5XG-C5GJ: Denial of Service via Uncontrolled Resource Consumption in Bugsink Ingestion Pipeline

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-47744: CVE-2026-47744: Improper Privilege Management and State Tampering in Shopper E-commerce Administration Panel
cverports profile

CVE-2026-47744: CVE-2026-47744: Improper Privilege Management and State Tampering in Shopper E-commerce Administration Panel

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-24425: CVE-2026-24425: Remote Code Execution via Sandbox Bypass in Twig Template Engine
cverports profile

CVE-2026-24425: CVE-2026-24425: Remote Code Execution via Sandbox Bypass in Twig Template Engine

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47761: CVE-2026-47761: Stored Cross-Site Scripting in TinyMCE Media Plugin
cverports profile

CVE-2026-47761: CVE-2026-47761: Stored Cross-Site Scripting in TinyMCE Media Plugin

#security #cve #cybersecurity
Comments
2 min read
loading...