•about 2 hours ago•GHSA-8JR5-V98P-W75M
8.6GHSA-8JR5-V98P-W75M: Perception Desynchronization via Unnormalized EXIF Orientation and PNG Transparency in vLLM
A critical preprocessing mismatch exists in vLLM's multimodal image pipeline before commit cf1c90672404548aa3bc51f92c4745576a65ee26. The vulnerability occurs because the engine loads user-submitted images and passes them to underlying Vision-Language Models (VLMs) without normalizing their EXIF orientation metadata or fully resolving complex transparency structures. This gap creates a perception desynchronization vulnerability where the physical pixel grid processed by the AI model differs significantly from how the image is visually rendered to human moderators or frontend applications. Attackers can exploit this mismatch to perform silent prompt injections, bypass safety moderation systems, or execute adversarial jailbreaks.
2 views•8 min read
•about 3 hours ago•GHSA-664H-GPGQ-H6XX
5.4GHSA-664h-gpgq-h6xx: Privilege Escalation via Broken Authorization in n8n Evaluation Test Runs Controller
An incorrect authorization vulnerability exists in the open-source workflow automation platform n8n within the Evaluation Test Runs Controller. In deployments utilizing Advanced Permissions, an authenticated user assigned a low-privilege project:viewer role can bypass configured permission policies. This allows the unauthorized user to execute, terminate, or delete workflow evaluation test runs by exploiting misconfigured API scope validations that map read-only scopes to mutating endpoints.
4 views•6 min read
•about 10 hours ago•GHSA-JWM3-QCFW-C5PP
5.1GHSA-jwm3-qcfw-c5pp: Security Bypass in n8n Python Code Node AST Validator
An authenticated security-bypass vulnerability in n8n allows users with workflow creation or modification privileges to bypass the Python AST security validator. By circumventing AST validation logic, attackers can execute arbitrary statements, access the task executor's root module namespace, and disclose sensitive host environment variables on self-hosted instances.
7 views•6 min read
•about 11 hours ago•GHSA-H3JJ-5F3V-3685
6.4GHSA-H3JJ-5F3V-3685: Public API Execution Retry Authorization Bypass in n8n
An incorrect authorization vulnerability in the Public API of n8n allows authenticated users with read-only permissions to bypass access control boundaries. By invoking the execution retry endpoint, an unauthorized user can trigger workflow executions, effectively escalating their privileges from workflow:read to workflow:execute.
6 views•5 min read
•about 16 hours ago•GHSA-M3Q2-P4FW-W38M
2.3GHSA-M3Q2-P4FW-W38M: Cross-Site Scripting (XSS) via Unsafe innerHTML Assignment in Nuxt <NoScript> Component
A low-severity Cross-Site Scripting (XSS) vulnerability in Nuxt's globally registered <NoScript> head component allows unauthenticated attackers to execute arbitrary JavaScript. By injecting dynamic, untrusted data into <NoScript> slots, standard Vue HTML escaping is bypassed because the component processes slot text nodes and assigns them directly to the target element's innerHTML property instead of textContent. In modern browsers with scripting enabled, this raw injection can implicitly close the <noscript> tag, triggering script execution.
5 views•8 min read
•about 17 hours ago•CVE-2026-49993
5.7CVE-2026-49993: Proprietary Source Code Exfiltration via Incomplete Same-Origin Verification in Nuxt Dev Servers
CVE-2026-49993 identifies an incomplete same-origin check validation mechanism in @nuxt/webpack-builder and @nuxt/rspack-builder dev server middleware. When the local development server is bound to a non-loopback address, cross-origin attackers can bypass verification checks by suppressing browser headers, leading to unauthorized retrieval and exfiltration of compiled source code chunks.
8 views•4 min read
•about 18 hours ago•GHSA-69QJ-PVH9-C5WG
7.5GHSA-69QJ-PVH9-C5WG: Command Injection in yt-dlp `--exec` Option
An OS command injection vulnerability in yt-dlp before 2026.06.09 allows unauthenticated remote attackers to execute arbitrary shell commands via crafted media metadata when a user processes media using the --exec post-processing parameter with unsafe string interpolation conversions.
10 views•7 min read
•about 19 hours ago•GHSA-7CX2-G3H9-382P
8.1GHSA-7CX2-G3H9-382P: Multiple Vulnerabilities in Crawl4AI Docker API (Arbitrary File Write, SSRF, CRLF Log Injection)
An in-depth technical analysis of multiple security vulnerabilities in the self-hosted Docker API server of Crawl4AI up to version 0.8.7. These flaws include a critical arbitrary file write via symlink traversal and TOCTOU weakness, CRLF log injection, webhook header injection, and SSRF filter gaps. These have been remediated in version 0.8.8.
5 views•6 min read
•about 20 hours ago•GHSA-F989-C77F-R2CQ
8.2GHSA-f989-c77f-r2cq: LLM Credential Exfiltration and SSRF in Crawl4AI Docker Server
A technical evaluation of the Crawl4AI open-source web crawling and scraping library revealed a high-severity credential exfiltration vulnerability in its self-hosted Dockerized API server. The flaw arises from an unvalidated base_url parameter in request payloads and a dynamic prefix resolution mechanism that retrieves system environment variables. Unauthenticated remote attackers can leverage these features in tandem to extract host-level secrets or redirect configured LLM API keys to an external listener under their control.
6 views•6 min read
•about 20 hours ago•GHSA-365W-HQF6-VXFG
9.8GHSA-365w-hqf6-vxfg: Multiple Critical Vulnerabilities in Crawl4AI Docker API Server
The Crawl4AI Docker API server, in versions 0.8.6 and prior, contains multiple critical vulnerabilities including improper path sanitization, missing authentication on administration routes, hardcoded JWT secrets, and SSRF. These vulnerabilities allow remote, unauthenticated attackers to write arbitrary files, execute arbitrary code, and pivot into private cloud environments.
10 views•7 min read
•about 23 hours ago•GHSA-534H-C3CW-V3H9
5.5GHSA-534h-c3cw-v3h9: Local Information Disclosure via Abstract-Namespace Socket in Nuxt Dev Server
A local security vulnerability in the Nuxt development server (nuxt dev) allows local unprivileged users to access sensitive configuration files and source code. On Linux environments running Node.js 20+, Nuxt bound its internal vite-node IPC server to an abstract-namespace Unix socket without any peer authentication, enabling co-resident local users to connect and request module code directly.
5 views•5 min read
•about 24 hours ago•GHSA-8RFP-98V4-MMR6
0.0GHSA-8RFP-98V4-MMR6: Protocol-Filtering Bypass via Unicode Obfuscation in Mozilla Bleach
Mozilla Bleach is an open-source HTML sanitizing library for Python. Versions up to and including 6.3.0 contain an incomplete filtering implementation in the URI validation logic ('sanitize_uri_value'). This logic fails to detect disallowed protocols, such as 'javascript:', if they contain Unicode invisible characters, whitespace characters, or characters with a code point greater than U+00A0. While standard-compliant web browsers do not directly execute invalid URI schemes containing these non-standard characters, downstream systems that normalize Unicode text by stripping invisible or non-ASCII characters can unintentionally reactivate the 'javascript:' prefix, causing Cross-Site Scripting (XSS). Additionally, this behavior violates Bleach's core sanitization contract by outputting URIs that bypass protocol allowlists configured by the caller.
5 views•7 min read