CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.


© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad

CVE-2026-32694 · Severity 6.6 · published about 1 hour ago

CVE-2026-32694: Authorization Bypass via Predictable Identifiers and Confused Deputy in Canonical Juju

Canonical Juju versions 3.0.0 through 3.6.18 contain a critical authorization bypass vulnerability within the secret management subsystem. Due to predictable secret identifiers and the absence of provenance verification, a malicious application can leverage a provider application as a confused deputy to access secrets belonging to other applications in the same model.

Alon Barad · 1 view · 6 min read
GHSA-Q382-VC8Q-7JHJ · Severity 8.2 · published about 2 hours ago

GHSA-Q382-VC8Q-7JHJ: JSON Key Collusion via Null Byte Injection in Model Context Protocol Go SDK

The Model Context Protocol (MCP) Go SDK, via its dependency on segmentio/encoding, is vulnerable to JSON Key Collusion. The JSON parser improperly handles null Unicode characters during struct field mapping, allowing attackers to smuggle overriding keys past security filters and manipulate backend application logic.

Alon Barad · 3 views · 6 min read
GHSA-W5FF-2MJC-4PHC · Severity 5.9 · published about 3 hours ago

GHSA-w5ff-2mjc-4phc: OS Command Injection in AVideo SocialMediaPublisher Plugin

The AVideo platform contains an OS Command Injection vulnerability within the SocialMediaPublisher plugin. The application improperly sanitizes LinkedIn API responses before passing them to a shell execution context, allowing attackers who control the API response to execute arbitrary commands as the web server user.

Amit Schendel · 4 views · 6 min read
GHSA-5X2W-37XF-7962 · Severity 4.8 · published about 3 hours ago

GHSA-5X2W-37XF-7962: Unauthenticated PGP Decryption and Resource Exhaustion in AVideo

AVideo versions up to and including 25.0 expose a publicly accessible, unauthenticated endpoint that performs server-side PGP decryption. This vulnerability allows an anonymous attacker to submit arbitrary cryptographic workloads to the server, potentially causing resource exhaustion and exposing sensitive private key material in application logs.

Alon Barad · 4 views · 7 min read
GHSA-4FCP-JXH7-23X8 · Severity 6.2 · published about 5 hours ago

GHSA-4FCP-JXH7-23X8: Unbounded YAML Alias Expansion Denial of Service in Dasel

The Dasel data querying and modification tool contains a critical resource exhaustion vulnerability within its YAML parsing subsystem. An attacker supplying a maliciously crafted YAML document utilizing excessive aliases can induce infinite recursive expansion, resulting in complete CPU and memory exhaustion.

Alon Barad · 3 views · 7 min read
GHSA-WVR4-3WQ4-GPC5 · Severity 9.8 · published about 5 hours ago

GHSA-wvr4-3wq4-gpc5: Unauthenticated Remote Code Execution in MCP Connect /bridge Endpoint

EvalsOne MCP Connect suffers from a critical unauthenticated remote code execution vulnerability (GHSA-wvr4-3wq4-gpc5). An insecure default configuration allows remote attackers to bypass authentication and execute arbitrary operating system commands via the /bridge endpoint.

Amit Schendel · 4 views · 6 min read
GHSA-QVC2-MG72-JJHX · Severity 5.3 · published about 7 hours ago

GHSA-qvc2-mg72-jjhx: Mutation XSS (mXSS) in justhtml HTML Serializer

The justhtml Python library prior to version 1.12.0 contains a Cross-Site Scripting (XSS) vulnerability due to flawed HTML serialization logic. The serializer preserves the literal text content of raw-text elements like script and style to maintain round-trip fidelity. If an application uses a custom sanitization policy that permits these elements, an attacker can supply closing tag sequences to break out of the context and execute arbitrary JavaScript in the victim's browser.

Amit Schendel · 4 views · 7 min read
CVE-2026-20963 · Severity 8.8 · published about 13 hours ago

CVE-2026-20963: Remote Code Execution via Insecure Deserialization in Microsoft SharePoint

CVE-2026-20963 is a critical remote code execution (RCE) vulnerability in Microsoft SharePoint Server, caused by the unsafe deserialization of untrusted data (CWE-502). An authenticated attacker with standard user privileges can exploit this flaw to execute arbitrary code in the context of the SharePoint service.

Alon Barad · 89 views · 6 min read
GHSA-3RCM-VJRC-P45J · Severity 5.1 · published about 15 hours ago

GHSA-3rcm-vjrc-p45j: JustHTML Sanitizer Bypass in Markdown Serialization

A sanitizer bypass vulnerability in the JustHTML Python library allows for Cross-Site Scripting (XSS) when safe, entity-encoded HTML input is improperly serialized into raw HTML tags during Markdown generation.

Amit Schendel · 9 views · 5 min read
GHSA-46FP-8F5P-PF2M · Severity 5.3 · published 1 day ago

GHSA-46fp-8f5p-pf2m: XSS Filter Bypass via Improper HTML Entity Decoding in Loofah allowed_uri?

The Loofah Ruby gem version 2.25.0 contains an improper URI validation vulnerability in the `Loofah::HTML5::Scrub.allowed_uri?` helper method. An attacker can bypass protocol validation by using HTML-encoded control characters, leading to Cross-Site Scripting (XSS) when the validated URI is rendered in a browser.

Alon Barad · 6 views · 5 min read
GHSA-6G7G-W4F8-9C9X · Severity 7.5 · published 1 day ago

GHSA-6G7G-W4F8-9C9X: Denial of Service via Negative Slice Index in github.com/buger/jsonparser

A denial-of-service vulnerability exists in github.com/buger/jsonparser up to version 1.1.1. The Delete function fails to validate offset bounds when processing malformed JSON, leading to a runtime panic and immediate process termination.

Alon Barad · 8 views · 6 min read
GHSA-JQCQ-XJH3-6G23 · Severity 5.3 · published 1 day ago

GHSA-JQCQ-XJH3-6G23: Denial of Service via Unbounded Allocation in pgproto3

A denial-of-service vulnerability exists in the github.com/jackc/pgproto3/v2 Go package due to the absence of bounds checking during PostgreSQL wire protocol message encoding. This flaw allows a misconfigured peer or malicious actor to cause excessive memory allocation, leading to application crashes via out-of-memory (OOM) errors.

Alon Barad · 11 views · 7 min read

Automated vulnerability intelligence. 1,151+ reports.