CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.07)
In versions prior to 4.1.135.Final and 4.2.15.Final of the Netty framework, there is a vulnerability related to improper handling of SCM_RIGHTS messages, leading to file descriptor leaks. Due to incorrect message length handling, two file descriptors may be installed in the receiving process but not closed.
Frappe is a web application framework. Prior to version 15.106.0, a stored XSS vulnerability in the user profile image section allowed an attacker to execute malicious scripts in the browsers of other users.
Frappe is a web application framework. Prior to versions 15.106.0 and 16.16.0, there was a possible SQL Injection via get_blog_list. This issue has been patched in versions 15.106.0 and 16.16.0.
Nuxt is an open-source web development framework for Vue.js. In versions @nuxt/rspack-builder and @nuxt/webpack-builder from 3.15.4 to before 3.21.7 and from 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g, which may lead to source code theft during development.
In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, as well as in @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, enabling the experimental.componentIslands option caused .server.vue files under pages/ to be automatically registered as server islands. Requests through the /__nuxt_island/:name endpoint rendered the page component directly without instantiating Vue Router, resulting in route middleware not running.
In Nuxt versions 3.1.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, as well as in @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, the /__nuxt_island/* endpoint accepts attacker-controlled props query/body parameters and renders island components without verifying that the URL-resident hash (<Name>_<hashId>.json) was actually issued for those inputs. This issue has been patched in versions 3.21.6 and 4.4.6.
In versions @nuxt/rspack-builder and @nuxt/webpack-builder from 3.15.4 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during development when the dev server is bound to a non-loopback address.
Nuxt is a web development framework that in versions from 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 has an issue with the navigateTo() function. Using external: true generates an HTML redirect with a <meta http-equiv="refresh"> tag, allowing for injection of malicious code.
The system stores the username and password from the login form after submitting the request. This could allow an attacker with access to the platform to return to the browser and view the login credentials.
Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks. The use of Perl's built-in eq comparison may allow an attacker to guess the underlying derived key by analyzing timing discrepancies.
Quest Bot is an open-source Discord bot that, prior to version 1.1.8, allowed users to repeatedly create new ticket channels without restrictions. The latest version still creates a new database ticket and Discord channel for every completed ticket modal submission, without checking if the same user already has an open ticket.
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.
A vulnerability in Apache CXF's JwsJsonContainerRequestFilter allows for processing metadata that was not authenticated by the accepted signature. This can bypass the application's assumptions regarding `Content-Type` or protected HTTP-header metadata.
A CRLF injection vulnerability exists in the OAuth2 AuthorizationUtils class. The 'realm' parameter is concatenated without sanitizing Carriage Return (CR) and Line Feed (LF) characters, allowing an attacker to inject arbitrary HTTP headers or split the HTTP response entirely.
The 'clientId' parameter from incoming HTTP requests is directly concatenated into OAuth2 server log warning messages without sanitizing control characters. This allows an attacker to inject arbitrary content, including fake log entries, into the server's log files.
An authentication bypass vulnerability exists in the OAuth2 TokenIntrospectionService in Apache CXF. Due to a missing 'throw' keyword in the security context check, the introspection endpoint (/services/oauth2/introspect) can be accessed by any unauthenticated network attacker.
A flaw was found in QEMU's virtio-blk device due to improper validation of input descriptor sizes before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request.
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path Traversal vulnerability, allowing authenticated remote attackers to exploit this vulnerability to create directories in unintended system paths.
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope.
The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.

