Security Advisories
Browse security advisories and track which Dependabot PRs address them.
Total Advisories: 25,213
With Dependabot PRs: 1,926
Critical Severity: 3,549
High Severity: 8,770
listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover
GHSA-jmr4-p576-v565 CVE-2026-21483 MODERATE about 12 hours ago
## Security Advisory: Stored XSS Leading to Admin Account Takeover
**Affected Versions:** ≤ 5.1.0
**Vulnerability Type:** CWE-79: Stored Cross-S...
go
No PRs yet
Bagisto is vulnerable to SSTI via name parameters provided by non-admin low-privilege users
GHSA-mqhg-v22x-pqj8 CVE-2026-21449 HIGH about 12 hours ago
### Summary
SSTI is possible via first name and last name parameters provided by lowest-privileged users.
### Details
1. Go to `http://127.0.0.1:80...
packagist
No PRs yet
Bagisto has IDOR in Customer Order Reorder Functionality
GHSA-x5rw-qvvp-5cgm CVE-2026-21447 HIGH about 12 hours ago
### Summary
An Insecure Direct Object Reference vulnerability in the customer order reorder function allows any authenticated customer to add item...
packagist
No PRs yet
Bagisto has Normal & Blind SSTI from low-privilege user when ordering product
GHSA-5j4h-4f72-qpm6 CVE-2026-21448 HIGH about 12 hours ago
### Summary
SSTI occurs when a normal customer orders any product: a value injected in the add-address step is rendered and executed in the admin view.
### Details
`As normal user`
1. Go...
packagist
No PRs yet
Bagisto SSTI vulnerability in type parameter can lead to RCE
GHSA-9hvg-qw5q-wqwp CVE-2026-21450 HIGH about 13 hours ago
### Summary
SSTI is possible in Bagisto via the type parameter and can lead to RCE and other exploitation.
### Details
1. Go to `http://127.0.0.1:8000/ad...
packagist
No PRs yet
Bagisto has HTML Filter Bypass that Enables Stored XSS
GHSA-2mwc-h2mg-v6p8 CVE-2026-21451 MODERATE about 13 hours ago
### Summary
A stored Cross-Site Scripting (XSS) vulnerability exists in Bagisto 2.3.8 within the CMS page editor. Although the platform normally at...
packagist
No PRs yet
Bagisto Missing Authentication on Installer API Endpoints
GHSA-6h7w-v2xr-mqvw CVE-2026-21446 HIGH about 13 hours ago
### Vulnerable Code
**File:** `packages/Ibkul/Installer/src/Routes/Ib.php`
```
<?php
use Illuminate\Session\Middleware\StartSession;
use Il...
```
packagist
No PRs yet
Langflow Missing Authentication on Critical API Endpoints
GHSA-c5cp-vx83-jhqx CVE-2026-21445 HIGH about 13 hours ago
### Summary
Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive ...
pypi
No PRs yet
AdonisJS Path Traversal in Multipart File Handling
GHSA-gvq6-hvvp-h34h CVE-2026-21440 CRITICAL about 16 hours ago
### Summary
**Description**
A Path Traversal (CWE-22) vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbit...
npm
1 Dependabot PR
Signal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated Polling
GHSA-fq56-hvg6-wvm5 CVE-2025-68620 CRITICAL about 19 hours ago
SignalK Server exposes two features that can be chained together to steal JWT authentication tokens without any prior authentication. The attack co...
npm
No PRs yet
Signal K Server Vulnerable to Access Request Spoofing
GHSA-vfrf-vcj7-wvr8 CVE-2025-69203 MODERATE about 19 hours ago
The SignalK access request system has two related features that, when combined with each other and with the information disclosure vulnerability, enabl...
npm
No PRs yet
Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package
GHSA-93jc-vqqc-vvvh CVE-2025-68619 HIGH about 19 hours ago
The SignalK appstore interface allows administrators to install npm packages through a REST API endpoint. While the endpoint validates that the pac...
npm
No PRs yet
Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
GHSA-fpf5-w967-rr2m CVE-2025-68273 MODERATE about 19 hours ago
[Note] This is a separate issue from the RCE vulnerability (State Pollution) currently being patched. While related to tokensecurity.js, it involve...
npm
No PRs yet
Signal K Server Vulnerable to Denial of Service via Unrestricted Access Request Flooding
GHSA-7rqc-ff8m-7j23 CVE-2025-68272 HIGH about 19 hours ago
### Summary
A Denial of Service (DoS) vulnerability allows an unauthenticated attacker to crash the SignalK Server by flooding the access request e...
npm
No PRs yet
Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)
GHSA-w3x5-7c4c-66p9 CVE-2025-66398 CRITICAL about 19 hours ago
### Summary
An unauthenticated attacker can pollute the internal state (`restoreFilePath`) of the server via the `/skServer/validateBackup` endpoin...
npm
No PRs yet
Apache StreamPipes has Improper Privilege Management issue
GHSA-5r2g-vphf-m5xc CVE-2025-47411 MODERATE 1 day ago
A user with a legitimate non-administrator account can exploit a vulnerability in the user ID creation mechanism in Apache StreamPipes that allows ...
maven
No PRs yet
Feast vulnerable to Deserialization of Untrusted Data
GHSA-34wm-4hw7-qfjv CVE-2025-11157 HIGH 2 days ago
A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job locat...
pypi
No PRs yet
Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists
GHSA-pc73-rj2c-wvf9 CVE-2025-69413 MODERATE 2 days ago
In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.
go
No PRs yet
Trix has a stored XSS vulnerability through its attachment attribute
GHSA-g9jg-w8vm-g96v MODERATE 3 days ago
### Impact
The Trix editor, in versions prior to 2.1.16, is vulnerable to XSS attacks through attachment payloads.
An attacker could inject malici...
npm
rubygems
No PRs yet
serverless MCP Server vulnerable to Command Injection in list-projects tool
GHSA-rwc2-f344-q6w6 CVE-2025-69256 HIGH 3 days ago
### Summary
A command injection vulnerability exists in the Serverless Framework's built-in MCP server package (@serverless/mcp). This vulnerabili...
npm
No PRs yet
CBORDecoder reuse can leak shareable values across decode calls
GHSA-wcj4-jw5j-44wh CVE-2025-68131 MODERATE 3 days ago
### Summary
When a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...
pypi
No PRs yet
theshit vulnerable to unsafe loading of user-owned Python rules when running as root
GHSA-95qg-89c2-w5hj CVE-2025-69257 HIGH 3 days ago
### Impact
**Vulnerability Type:** Local Privilege Escalation (LPE) / Arbitrary Code Execution.
The application loads custom Python rules and con...
cargo
No PRs yet
ImageMagick's failure to limit MVG mutual causes Stack Overflow
GHSA-7rvh-xqp3-pr8j CVE-2025-68950 MODERATE 3 days ago
### Summary
Magick fails to check for circular references between two MVGs, leading to a stack overflow.
### Details
After reading mvg1 using Mag...
nuget
5 Dependabot PRs
RustFS has a gRPC Hardcoded Token Authentication Bypass
GHSA-h956-rh7x-ppgj CVE-2025-68926 CRITICAL 3 days ago
## Vulnerability Overview
### Description
RustFS implements gRPC authentication using a hardcoded static token `"rustfs rpc"` that is:
1. **Publi...
cargo
No PRs yet
ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack
GHSA-p27m-hp98-6637 CVE-2025-68618 MODERATE 3 days ago
### Summary
Using Magick to read a malicious SVG file resulted in a DoS attack.
### Details
Backtrace (bt) obtained using gdb:
```
#4 0x0000555555794c9c in...
```
nuget
9 Dependabot PRs
Temporal has an Incorrect Authorization vulnerability
GHSA-hmhp-gh8m-c8xp CVE-2025-14987 MODERATE 4 days ago
When system.enableCrossNamespaceCommands is enabled (on by default), the Temporal server permits certain workflow task commands (e.g. StartChildWor...
go
No PRs yet
Temporal has a namespace policy bypass allowing requests to be authorized for incorrect contexts
GHSA-p2gr-hm8g-q772 CVE-2025-14986 LOW 4 days ago
When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWork...
go
No PRs yet
URI Credential Leakage Bypass over CVE-2025-27221
GHSA-j4pr-3wm6-xx2r CVE-2025-61594 LOW 4 days ago
### Impact
In affected URI versions, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials.
When using the `+` operator t...
rubygems
50 Dependabot PRs
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion
GHSA-6rw7-vpxm-498p CVE-2025-15284 HIGH 4 days ago
### Summary
The `arrayLimit` option in qs does not enforce limits for bracket notation (`a[]=1&a[]=2`), allowing attackers to cause denial-of-serv...
npm
No PRs yet
FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload
GHSA-2267-xqcf-gw2m CVE-2025-69210 HIGH 4 days ago
A stored cross-site scripting (XSS) vulnerability exists in the product file upload functionality.
Authenticated users can upload crafted XML file...
packagist
No PRs yet
YOURLS is vulnerable to XSS through JSONP and Callback request parameters
GHSA-6mp4-q625-mxjp HIGH 4 days ago
### Summary
The callback and **jsonp** request parameters are directly concatenated into the response without any sanitization, allowing attac...
packagist
No PRs yet
PsiTransfer has Zip Slip Path Traversal via TAR Archive Download
GHSA-xphh-5v4r-r3rx HIGH 4 days ago
### Summary
A Zip Slip vulnerability in PsiTransfer allows an unauthenticated attacker to upload files with path traversal sequences in the filena...
npm
No PRs yet
Composer is vulnerable to ANSI sequence injection
GHSA-59pp-r3rg-353g CVE-2025-67746 LOW 4 days ago
### Impact
Attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal outpu...
packagist
18 Dependabot PRs
axios-cache-interceptor Vulnerable to Cache Poisoning via Ignored HTTP Vary Header
GHSA-x4m5-4cw8-vc44 CVE-2025-69202 MODERATE 4 days ago
## Summary
When a server calls an upstream service using different auth tokens, axios-cache-interceptor returns incorrect cached responses, leadin...
npm
No PRs yet
Nest has a Fastify URL Encoding Middleware Bypass (TOCTOU)
GHSA-8wpr-639p-ccrj CVE-2025-69211 MODERATE 4 days ago
A NestJS application is vulnerable if it meets all of the following criteria:
1. Platform: Uses `@nestjs/platform-fastify`.
2. Security Mechanism:...
npm
No PRs yet
phpMyFAQ has unauthenticated config backup download via /api/setup/backup
GHSA-9cg9-4h4f-j6fg CVE-2025-69200 HIGH 4 days ago
### Summary
An unauthenticated remote attacker can trigger generation of a configuration backup ZIP via `POST /api/setup/backup` and then download ...
packagist
No PRs yet
Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.attrgetter
GHSA-46h3-79wf-xr6c HIGH 4 days ago
### Summary
The built-in Python function `_operator.attrgetter` can be used to execute code from remote pickle files without Picklescan detecting it.
### Details
The atta...
pypi
No PRs yet
Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.methodcaller
GHSA-955r-x9j8-7rhh HIGH 4 days ago
### Summary
The built-in Python function `_operator.methodcaller` can be used to execute code from remote pickle files without Picklescan detecting it.
### Details
The a...
pypi
No PRs yet
Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran._eval_length
GHSA-6556-fwc2-fg2p MODERATE 4 days ago
### Summary
Picklescan uses the `numpy.f2py.crackfortran._eval_length` function (a NumPy F2PY helper) to execute arbitrary Python code during unpi...
pypi
1 Dependabot PR
Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.getlincoef
GHSA-rrxm-2pvv-m66x HIGH 4 days ago
### Summary
Picklescan uses the `numpy.f2py.crackfortran.getlincoef` function (a NumPy F2PY helper) to execute arbitrary Python code during unpick...
pypi
1 Dependabot PR
Pterodactyl has a Reflected XSS vulnerability in “Create New Database Host”
GHSA-mgr9-6c2j-jxrq LOW 4 days ago
> [!NOTE]
> Message from the Pterodactyl team:
>
> The Pterodactyl team has evaluated this as a minor security issue but does not consider it somet...
packagist
No PRs yet
Visual Studio Code Go extension has unexpected untrusted code execution
GHSA-fjmr-7667-8v4p CVE-2025-68120 MODERATE 4 days ago
To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.
go
No PRs yet
Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.param_eval
GHSA-cffc-mxrf-mhh4 MODERATE 4 days ago
### Summary
The NumPy function `numpy.f2py.crackfortran.param_eval` can be used to execute code from remote pickle files without Picklescan detecting it.
### Details
The attac...
pypi
1 Dependabot PR
phpMyFAQ has Stored XSS in user list via admin-managed display_name
GHSA-jv8r-hv7q-p6vc CVE-2025-68951 MODERATE 5 days ago
### Summary
A stored cross-site scripting (XSS) vulnerability allows an attacker to execute arbitrary JavaScript in an administrator’s browser by r...
packagist
No PRs yet
hemmelig allows SSRF Filter bypass via Secret Request functionality
GHSA-vvxf-wj5w-6gj5 CVE-2025-69206 MODERATE 5 days ago
### Summary
A Server-Side Request Forgery (SSRF) filter bypass vulnerability exists in the webhook URL validation of the Secret Requests feature. T...
npm
No PRs yet
Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran.myeval
GHSA-3329-ghmp-jmv5 HIGH 5 days ago
### Summary
The NumPy function `numpy.f2py.crackfortran.myeval` can be used to execute code from remote pickle files without Picklescan detecting it.
### Details
The attack pa...
pypi
1 Dependabot PR
Picklescan is vulnerable to RCE through missing detection when calling built-in python operator.methodcaller
GHSA-x843-g5mx-g377 HIGH 5 days ago
### Summary
The built-in Python function `operator.methodcaller` can be used to execute code from remote pickle files without Picklescan detecting it.
### Details
The a...
pypi
1 Dependabot PR
Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef
GHSA-r8g5-cgf2-4m4m HIGH 5 days ago
### Summary
An unsafe deserialization vulnerability allows an attacker to execute arbitrary code on the host when loading a malicious pickle paylo...
pypi
1 Dependabot PR
Picklescan Bypasses Unsafe Globals Check using pty.spawn
GHSA-hgrh-qx5j-jfwx HIGH 5 days ago
### Summary
The vulnerability allows malicious actors to bypass PickleScan's unsafe globals check, leading to potential arbitrary code execution. T...
pypi
1 Dependabot PR
Picklescan missing detection when calling pty.spawn
GHSA-vqmv-47xg-9wpr HIGH 5 days ago
### Summary
`pty.spawn`, a built-in Python library function, can be used to execute arbitrary commands on the host system.
### Details
The attack ...
pypi
1 Dependabot PR