Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary we...
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constrain...
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams plugin that allows unauthorized senders to bypass ...
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretR...
When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged to the dashboard into visi...
An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-...
go-git is an extensible git implementation library written in pure Go. Prior to version 5.17.1, go-git’s index decoder for format version 4 fails t...
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.64 and 9.7.0-alpha.8,...
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
