Strobes VI

Strobes vulnerability intelligence is a key component of their Exposure Management platform that helps organizations understand, prioritize, and address security vulnerabilities more effectively.

© 2026 Strobes Security. All rights reserved.

Explore CVEs

Filter and search through 199,777 vulnerabilities

Showing 20 of 199,777 results
CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch
CVE-2026-25630

The following security vulnerability was identified in jsPDF versions <=3.0.4: [Local File Inclusion/Path Traversal](https://github.com/parallax/jsPDF...

0.00 | Neutral | No | Yes
CVE-2026-25598

## Summary A security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections...

0.00 | Neutral | No | Yes
CVE-2026-25579

### Summary Authenticated users can crash the Navidrome server by supplying an excessively large `size` parameter to `/rest/getCoverArt` or to a share...

0.00 | Neutral | No | Yes
CVE-2026-25566

WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without a...

0.00 | Neutral | No | Yes
CVE-2026-25556

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display...

0.00 | Neutral | No | Yes
CVE-2026-25547

### Summary `@isaacs/brace-expansion` is vulnerable to a Denial of Service (DoS) issue caused by unbounded brace range expansion. When an attacker pr...

0.00 | Neutral | No | Yes
CVE-2026-25543

### Impact If the `template` tag is allowed, its contents are not sanitized. The `template` tag is a special tag that does not usually render its con...

0.00 | Neutral | No | Yes
CVE-2026-25541

# Details In the unique reclaim path of `BytesMut::reserve`, the condition `if v_capacity >= new_cap + offset` uses an unchecked addition. Wh...

0.00 | Neutral | No | Yes
CVE-2026-25533

**Note:** The npm package has moved to `@enclave-vm/core` (formerly `enclave-vm`). All fixed versions and guidance refer to `@enclave-vm/core`. ###...

0.00 | Neutral | No | Yes
CVE-2026-25522

## Summary A stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs be...

0.00 | Neutral | No | Yes
CVE-2026-25521

### Summary A Prototype Pollution vulnerability exists in the npm package locutus (>2.0.12). Despite a previous fix that attempted to mitigate Pro...

0.00 | Neutral | No | Yes
CVE-2026-25517

### Impact Due to a missing permission check on the preview endpoints, a user with access to the Wagtail admin and knowledge of a model's fields can c...

0.00 | Neutral | No | Yes
CVE-2026-25514

### Summary **FacturaScripts contains a critical SQL Injection vulnerability in the autocomplete functionality** that allows authenticated attackers t...

0.00 | Neutral | No | Yes
CVE-2026-25513

### Summary **FacturaScripts contains a critical SQL Injection vulnerability in the REST API** that allows authenticated API users to execute arbitrar...

0.00 | Neutral | No | Yes
CVE-2026-25498

## Relationship to Previously Patched Vulnerability This vulnerability is **in addition to** the RCE vulnerability patched in [GHSA-255j-qw47-wjh5](h...

0.00 | Neutral | No | Yes
CVE-2026-25497

There is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to es...

0.00 | Neutral | No | Yes
CVE-2026-25496

## Summary A stored XSS vulnerability exists in the Number field type settings. The Prefix and Suffix fields are rendered using the `|md|raw` Twig fi...

0.00 | Neutral | No | Yes
CVE-2026-25495

## Summary The `element-indexes/get-elements` endpoint is vulnerable to **SQL Injection** via the `criteria[orderBy]` parameter (JSON body). The appl...

0.00 | Neutral | No | Yes
CVE-2026-25494

I observed a [recent commit](https://github.com/craftcms/cms/commit/9d9b46a9e40cbdfb20d0d933abb546be12ccd3af) intended to mitigate Server-Side Request...

0.00 | Neutral | No | Yes
CVE-2026-25493

## Summary The `saveAsset` GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects ...

0.00 | Neutral | No | Yes