CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option.
Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping, potentially allowing malicious code execution.
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl do not protect against metric injections. The statsd protocol allows multiple metrics to be sent per packet, creating a risk.
The CleanWipe Removal Tool (macOS) prior to version 16.0.0.65 may be susceptible to a Local Privilege Escalation vulnerability. An attacker with limited access can escalate their privileges to gain administrative control.
Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before version 1.8.2 may allow an unauthenticated remote actor to cause a denial of service by sending crafted QUIC Initial packets.
Fission is a serverless framework, native to Kubernetes, that prior to version 1.25.0 improperly validated the RelativeURL and Prefix fields in HTTPTriggerSpec.Validate(). These fields were only validated at the CLI level, allowing URL checks to be bypassed using kubectl or direct Kubernetes REST API calls.
Fission, a Kubernetes-native serverless framework, prior to version 1.24.0, created builder pods with auto-mounted service account tokens, potentially leading to unauthorized access to resources. This issue has been patched in version 1.24.0.
The draw.io application prior to version 29.7.12 contains a vulnerability that allows arbitrary JavaScript execution through a crafted .drawio file. The issue lies in the Text Format panel where the raw cell label is assigned to an element without proper sanitization.
Fission is a serverless framework, Kubernetes-native, that prior to version 1.23.0 had a security vulnerability. In pkg/builder/builder.go, the Environment.spec.builder.command was passed without validation, allowing arbitrary code execution in the builder pod context.
In Splunk SOAR versions below 8.5.0, an unauthenticated attacker could inject ANSI escape codes into SOAR application log files through specially crafted HTTP request paths. The injection is possible because SOAR does not strip control characters from HTTP request paths before writing them to application logs.
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user with a role containing the high-privilege capability `edit_saved_search_owner` could reassign saved search ownership to users outside their authorized scope. The ownership reassignment endpoint lacks access control.
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it. The issue arises from the lack of full validation of style attribute values in classic dashboard panels.
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can cause data exfiltration through classic dashboards by redirecting a victim to an external site using a protocol-relative URL in a drill-down link.
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a malicious classic dashboard that exfiltrates sensitive data to an external server.
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a malicious dashboard that exfiltrates sensitive data to an external server when a higher-privileged user views it, exploiting a validation flaw in the Trusted Domains security check.
In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user with Host Pass creation privileges to specify a token expiration duration beyond the intended maximum when generating delegated access tokens.
Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some Surface Controllers in the CMS fail to validate redirect URLs, making Razor templates that derive 'RedirectUrl' from user-controlled query parameters vulnerable to malicious redirect attacks.
Umbraco is an ASP.NET CMS. Authenticated users can inject HTML into an input field, which is rendered in the confirmation dialog without proper output encoding.
Silverpeas through 6.4.6 mishandles the 'Personal space' feature when no componentId is set.
A stored cross-site scripting (XSS) vulnerability exists in the tag rendering code of MISP BSimVis. Several client-side rendering paths interpolate tag names, collection names, entity identifiers, cluster names, and tag metadata without appropriate context, allowing attackers to inject malicious code.

