CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.


© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad

about 1 hour ago · GHSA-4MX9-3C2H-HWHG · Severity 9.3

GHSA-4MX9-3C2H-HWHG: Reflected Cross-Site Scripting via Incomplete SVG Sanitization Bypass in SiYuan

GHSA-4MX9-3C2H-HWHG represents a critical reflected Cross-Site Scripting (XSS) vulnerability in the SiYuan personal knowledge management system. The flaw stems from an incomplete blocklist in the application's SVG sanitizer, allowing attackers to execute arbitrary JavaScript by embedding malicious data URIs in the unauthenticated dynamic icon generation endpoint.

By Alon Barad · 3 views · 6 min read
about 2 hours ago · GHSA-43W5-MMXV-CPVH · Severity 7.5

GHSA-43W5-MMXV-CPVH: Denial of Service via Infinite Loop in Micronaut Data Binding

The Micronaut Framework contains a Denial of Service (DoS) vulnerability within its form-urlencoded data binding mechanism. Specifically, the JsonBeanPropertyBinder class improperly handles descending array indices during parameter parsing, leading to an infinite loop and subsequent resource exhaustion. This flaw affects Micronaut 3.x versions prior to 3.10.5 and 4.x versions prior to 4.10.16.

By Alon Barad · 2 views · 6 min read
about 12 hours ago · GHSA-VVP9-7P8X-RFVV · Severity 7.5

GHSA-VVP9-7P8X-RFVV: Information Leak via Out-of-Bounds Read in lz4_flex

The lz4_flex Rust crate prior to version 0.11.4 contains an information leak vulnerability due to improper validation of LZ4 match offsets. An attacker can craft a malicious LZ4 payload that forces the decompressor to read from uninitialized memory or previously freed buffers, leading to sensitive data exposure.

By Amit Schendel · 11 views · 6 min read
about 13 hours ago · GHSA-9W88-79F8-M3VP · Severity 6.5

GHSA-9W88-79F8-M3VP: Insecure Trailer Handling Allows HTTP Header Injection in ewe

The ewe web server library for Gleam/Erlang contains a moderate-severity vulnerability in its HTTP/1.1 chunked transfer encoding parser. Prior to version 3.0.5, the library utilized an incomplete denylist for processing HTTP trailer headers, enabling attackers to inject or overwrite critical request headers such as Authorization, Cookie, or X-Forwarded-For. This flaw allows for potential authentication bypass, session hijacking, or identity spoofing depending on the specific application logic deployed atop the library.

By Alon Barad · 7 views · 7 min read
about 14 hours ago · GHSA-4W98-XF39-23GP · Severity 7.5

GHSA-4W98-XF39-23GP: Infinite Loop Denial of Service in ewe HTTP Trailer Parsing

The ewe web server, developed in Gleam for the Erlang BEAM ecosystem, contains a Denial of Service vulnerability stemming from an infinite loop in its HTTP trailer parsing logic. Versions prior to 3.0.3 fail to properly advance the network buffer when encountering invalid or forbidden chunked trailers. This flaw allows an unauthenticated remote attacker to trigger 100% CPU exhaustion by sending a maliciously crafted HTTP/1.1 request.

By Alon Barad · 6 views · 8 min read
about 14 hours ago · GHSA-WWG8-6FFR-H4Q2 · Severity 5.7

GHSA-wwg8-6ffr-h4q2: Cross-Site Request Forgery in Admidio Role Management

Admidio versions 5.0.0 through 5.0.6 contain a Cross-Site Request Forgery (CSRF) vulnerability in the organizational role management module. The application fails to validate anti-CSRF tokens for state-changing operations including role deletion, activation, and deactivation. An attacker can leverage this flaw to perform unauthorized actions by tricking a privileged user into executing a malicious request.

By Alon Barad · 9 views · 8 min read
about 17 hours ago · GHSA-RMPJ-3X5M-9M5F · Severity 9.1

GHSA-RMPJ-3X5M-9M5F: Missing Authorization and CSRF in Admidio Document Deletion

Admidio versions 5.0.0 through 5.0.6 suffer from a critical vulnerability in the 'Documents and Files' module. The application fails to properly enforce authorization and CSRF protections for destructive operations involving file and folder deletion, leading to unauthorized data destruction.

By Alon Barad · 5 views · 6 min read
about 17 hours ago · GHSA-G375-5WMP-XR78 · Severity 6.5

GHSA-g375-5wmp-xr78: Missing Authorization Allows Arbitrary Forum Deletion in Admidio

Admidio versions 5.0.0 through 5.0.6 contain a missing authorization vulnerability within the forum module. This flaw permits any authenticated user, regardless of their privilege level, to permanently delete arbitrary forum topics and posts. The underlying issue is located in the request handler for the forum module, which validates CSRF tokens but fails to verify object ownership or administrative rights before executing data deletion operations.

By Amit Schendel · 7 views · 5 min read
1 day ago · CVE-2026-28490 · Severity 8.3

CVE-2026-28490: Bleichenbacher Padding Oracle in Authlib RSA1_5 JWE Implementation

Authlib versions prior to 1.6.9 contain a cryptographic padding oracle vulnerability in the JSON Web Encryption (JWE) RSA1_5 implementation. By mishandling the length check of decrypted Content Encryption Keys (CEK), the library exposes an exception oracle that allows unauthenticated remote attackers to decrypt intercepted JWE tokens via a Bleichenbacher attack.

By Alon Barad · 12 views · 7 min read
1 day ago · CVE-2026-32732 · Severity 0.0

CVE-2026-32732: Cross-Site Scripting (XSS) in @leanprover/unicode-input-component

The @leanprover/unicode-input-component npm package, utilized by the Lean 4 VS Code Extension, contains a Cross-Site Scripting (XSS) vulnerability. Versions 0.1.9 and lower fail to properly neutralize script-related HTML tags during unicode abbreviation processing, leading to arbitrary JavaScript execution in the client context.

By Amit Schendel · 10 views · 6 min read
1 day ago · CVE-2026-3910 · Severity 8.8

CVE-2026-3910: Type Confusion in V8 Maglev Compiler Leading to Remote Code Execution

CVE-2026-3910 is a high-severity vulnerability in the Google Chrome V8 JavaScript engine. An inappropriate implementation in the Maglev compiler's Phi untagging pass allows a remote attacker to achieve arbitrary code execution within the browser sandbox. Google Threat Analysis Group (TAG) confirmed this zero-day vulnerability was exploited in the wild prior to the patch release in Chrome version 146.0.7680.75.

By Alon Barad · 53 views · 6 min read
1 day ago · CVE-2026-3909 · Severity 8.8

CVE-2026-3909: Remote Code Execution via Out-of-Bounds Write in Google Skia Graphics Engine

A critical out-of-bounds (OOB) write vulnerability exists in the Google Skia 2D graphics engine, affecting Chrome, ChromeOS, Android, and Flutter. This flaw allows remote attackers to execute arbitrary code within the renderer process via crafted HTML content and is actively exploited in the wild.

By Alon Barad · 88 views · 7 min read

Automated vulnerability intelligence. 1,135+ reports.