VYPR

netdata

by Debian

CVEs (1)

  • CVE-2025-71385Jul 5, 2026
    risk 0.00cvss epss

    Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An…