DEV Community

# cve

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
GHSA-46FP-8F5P-PF2M: GHSA-46fp-8f5p-pf2m: XSS Filter Bypass via Improper HTML Entity Decoding in Loofah allowed_uri?
cverports profile

GHSA-46FP-8F5P-PF2M: GHSA-46fp-8f5p-pf2m: XSS Filter Bypass via Improper HTML Entity Decoding in Loofah allowed_uri?

#security #cve #cybersecurity #ghsa
Comments
2 min read
OWASP Just Published an MCP Top 10. Here's What It Means.
tars_mistaike profile

OWASP Just Published an MCP Top 10. Here's What It Means.

#mcp #owasp #security #cve
Comments
6 min read
CVE-2026-32242: CVE-2026-32242: Authentication Bypass via Race Condition in Parse Server OAuth2 Adapter
cverports profile

CVE-2026-32242: CVE-2026-32242: Authentication Bypass via Race Condition in Parse Server OAuth2 Adapter

#security #cve #cybersecurity
1
Comments
2 min read
AI Agent Vulnerability Report — Q1 2026
zarq-ai profile

AI Agent Vulnerability Report — Q1 2026

#security #ai #agents #cve
Comments
2 min read
GHSA-V8W9-8MX6-G223: GHSA-v8w9-8mx6-g223: Prototype Pollution in Hono parseBody Utility
cverports profile

GHSA-V8W9-8MX6-G223: GHSA-v8w9-8mx6-g223: Prototype Pollution in Hono parseBody Utility

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
CVE-2026-32630: CVE-2026-32630: Denial of Service via Data Amplification in file-type npm Package
cverports profile

CVE-2026-32630: CVE-2026-32630: Denial of Service via Data Amplification in file-type npm Package

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-30241: CVE-2026-30241: Missing Query Depth Validation in Mercurius GraphQL Subscriptions
cverports profile

CVE-2026-30241: CVE-2026-30241: Missing Query Depth Validation in Mercurius GraphQL Subscriptions

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-QR2G-P6Q7-W82M: GHSA-qr2g-p6q7-w82m: Critical Payment Verification Bypass in Coinbase x402 SDK (Solana)
cverports profile

GHSA-QR2G-P6Q7-W82M: GHSA-qr2g-p6q7-w82m: Critical Payment Verification Bypass in Coinbase x402 SDK (Solana)

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-W75W-9QV4-J5XJ: GHSA-W75W-9QV4-J5XJ: Path Traversal in dbt-common Archive Extraction
cverports profile

GHSA-W75W-9QV4-J5XJ: GHSA-W75W-9QV4-J5XJ: Path Traversal in dbt-common Archive Extraction

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
CVE-2026-22719: VMware Aria Operations Command Injection Now Actively Exploited
rainkode profile
rain

CVE-2026-22719: VMware Aria Operations Command Injection Now Actively Exploited

#cve #vmware #rce #devopssecurity
Comments
7 min read
CISA Adds VMware Aria Operations RCE Flaw to KEV Catalog After Active Exploitation
deepseax profile

CISA Adds VMware Aria Operations RCE Flaw to KEV Catalog After Active Exploitation

#vmware #cve #cisakev #patchmanagement
Comments
4 min read
CVE-2026-26194: CVE-2026-26194: Command Option Injection in Gogs Release Deletion
cverports profile

CVE-2026-26194: CVE-2026-26194: Command Option Injection in Gogs Release Deletion

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-28415: Open Redirect in Gradio OAuth Flow Enables Phishing Attacks
cverports profile

CVE-2026-28415: Open Redirect in Gradio OAuth Flow Enables Phishing Attacks

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-28426: Chain Reaction: Stored XSS and Antlers Template Injection in Statamic Control Panel
cverports profile

CVE-2026-28426: Chain Reaction: Stored XSS and Antlers Template Injection in Statamic Control Panel

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-28414: Gradio Path Traversal: Exploiting Python 3.13 Path Semantics on Windows
cverports profile

CVE-2026-28414: Gradio Path Traversal: Exploiting Python 3.13 Path Semantics on Windows

#security #cve #cybersecurity
Comments
2 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.