🚨 CVE-2026-52858
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled (and the legacy pythoncomplete.vim for builds with the +python interpreter) executes the import and from statements found in the current buffer through Python's import machinery. Because the buffer's working directory is on sys.path, opening a hostile .py file with a sibling Python package and invoking omni-completion runs that package's top-level code as the editing user. This issue has been patched in version 9.2.0561.
@cveNotify
GitHub
patch 9.2.0561: [security]: possible code execution with python3complete · vim/vim@4b85045
Problem: [security]: possible code execution with python3complete
Solution: Disable execution of import/from statements
Github Security Advisory:
https://github.com/vim/vim/security/advisories/GH...
🚨 CVE-2026-52860
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec() as part of populating the completion dictionary. Python evaluates function default values, parameter annotations, and class base expressions at definition time, so a hostile buffer can execute attacker-controlled Python expressions during omni-completion. The existing g:pythoncomplete_allow_import mitigation (GHSA-52mc-rq6p-rc7c) does not cover this path, because the attacker-controlled code is not a harvested import/from statement. This issue has been patched in version 9.2.0597.
@cveNotify
GitHub
patch 9.2.0597: [security]: possible code execution with python complete · vim/vim@c8c6367
Problem: [security]: another possible code execution with python complete
(David Carliez)
Solution: Strip default expressions and annotations from generated
source for pythonco...
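The definition-time evaluation described above, as an added example (this is not Vim's code): the vulnerable exec() pattern next to a hardened one that strips default values, annotations and base-class expressions from the AST before executing. The buffer text and the trigger() recorder are constructed stand-ins.

```python
# Added example, not Vim's code: exec() of reconstructed definitions runs
# buffer-controlled expressions at definition time; stripping defaults,
# annotations and base-class expressions from the AST first closes that path.
import ast

# Constructed stand-in for text harvested from an untrusted buffer: the
# default value, the annotations and the base class all call trigger().
HOSTILE_SOURCE = """
def f(x=trigger('default'), y: trigger('annotation') = 1) -> trigger('return'):
    pass

class C(trigger('base')):
    pass
"""

def make_env():
    """Namespace whose trigger() records each evaluation instead of doing harm."""
    fired = []
    def trigger(tag):
        fired.append(tag)
        return object          # a harmless value usable as annotation or base
    return {"trigger": trigger}, fired

def exec_unsafe(src):
    """Vulnerable pattern: exec() the harvested definitions as they are."""
    env, fired = make_env()
    exec(compile(src, "<buffer>", "exec"), env)
    return fired

class _StripDefinitionExprs(ast.NodeTransformer):
    """Drop every expression Python evaluates when a def/class executes."""
    def visit_FunctionDef(self, node):
        self.generic_visit(node)   # handle nested definitions too
        args = node.args
        for a in args.posonlyargs + args.args + args.kwonlyargs:
            a.annotation = None
        for a in (args.vararg, args.kwarg):
            if a is not None:
                a.annotation = None
        args.defaults = []
        args.kw_defaults = [None] * len(args.kwonlyargs)
        node.returns = None
        node.decorator_list = []
        return node
    visit_AsyncFunctionDef = visit_FunctionDef
    def visit_ClassDef(self, node):
        self.generic_visit(node)
        node.bases, node.keywords, node.decorator_list = [], [], []
        return node

def exec_stripped(src):
    """Hardened pattern: strip definition-time expressions, then exec()."""
    tree = ast.fix_missing_locations(_StripDefinitionExprs().visit(ast.parse(src)))
    env, fired = make_env()
    exec(compile(tree, "<buffer>", "exec"), env)
    defined = sorted(k for k in env if k not in ("trigger", "__builtins__"))
    return fired, defined
```

The stripped definitions still produce the names f and C that a completion dictionary needs, while none of the buffer-controlled expressions run.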
🚨 CVE-2024-39011
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects.
@cveNotify
Gist
[CVE-2024-39011] Vulnerability Advisory: Prototype Pollution in @chargeover/redoc, version 2.0.9-rc.69
[CVE-2024-39011] Vulnerability Advisory: Prototype Pollution in @chargeover/redoc, version 2.0.9-rc.69 - Advisory_Redocly.md
🚨 CVE-2026-46476
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeover. This issue has been patched in version 3.1.2.
@cveNotify
GitHub
Release flowise@3.1.2 · FlowiseAI/Flowise
What's Changed
Hardcoded CORS wildcard on TTS endpoint enables cross-origin credential abuse from any webpage by @christopherholland-workday in #5901
Additional Improvements to MCP Server Conf...
🚨 CVE-2026-46477
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. This issue has been patched in version 3.1.2.
@cveNotify
GitHub
Release flowise@3.1.2 · FlowiseAI/Flowise
What's Changed
Hardcoded CORS wildcard on TTS endpoint enables cross-origin credential abuse from any webpage by @christopherholland-workday in #5901
Additional Improvements to MCP Server Conf...
🚨 CVE-2026-45650
User interface (UI) misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network.
@cveNotify
🚨 CVE-2026-47281
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
@cveNotify
🚨 CVE-2026-47284
Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network.
@cveNotify
🚨 CVE-2022-32511
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.
@cveNotify
GitHub
Comparing v1.6.0...v1.6.1 · jmespath/jmespath.rb
Ruby implementation of JMESPath. Contribute to jmespath/jmespath.rb development by creating an account on GitHub.
🚨 CVE-2026-47928
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47929
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim's account or session. Exploitation of this issue does not require user interaction. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47930
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47931
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47932
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories outside the intended restrictions. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47933
ColdFusion versions 2023.19, 2025.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-47960
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe ColdFusion | APSB26-38
🚨 CVE-2026-34657
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to unauthorized files or directories outside of intended restrictions. Exploitation of this issue requires user interaction in that a victim must extract a maliciously crafted file.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Content Credentials SDK | APSB26-61
🚨 CVE-2026-34711
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Content Credentials SDK | APSB26-61
🚨 CVE-2026-31195
OS command injection vulnerability in the ping diagnostic handler in /bin/httpd_clientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware 3GN8020801R13, 3GN8020802R0A, or 3GN8020803R0A inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
@cveNotify
Altice Labs
Altice Labs – Enabling Digital Society
🚨 CVE-2026-31196
OS command injection vulnerability in the traceroute diagnostic handler in /bin/httpd_clientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware 3GN8020801R13, 3GN8020802R0A, or 3GN8020803R0A inserts unsanitized user input into a system() call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using shell command substitution.
@cveNotify
Altice Labs
Altice Labs – Enabling Digital Society
🚨 CVE-2026-5497
vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to extract individual JPEG frames without enforcing a frame count limit. An attacker can exploit this by crafting a single API request containing thousands of comma-separated base64-encoded JPEG frames in a data URL, causing the server to decode all frames into memory and crash due to excessive memory consumption. This vulnerability is reachable via the OpenAI-compatible chat completions API and does not require authentication.
@cveNotify
GitHub
(security) Enforce frame limit in VideoMediaIO (#38636) · vllm-project/vllm@58ee614
Signed-off-by: jperezde <jperezde@redhat.com>
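The missing check described above, as an added example (this is not vLLM's code): a video/jpeg data-URL frame splitter that counts separators and rejects an oversized request before any base64 decoding. The cap, the function names and the constructed frames are assumptions, not values from the project.

```python
# Added example, not vLLM's code: split a video/jpeg data URL into JPEG
# frames while enforcing a frame-count cap before any decoding, which is
# the missing check the advisory describes.  Names and the cap are assumed.
import base64

MAX_FRAMES = 32             # assumed cap; the project's real limit is not on this page
PREFIX = "data:video/jpeg;base64,"
JPEG_SOI = b"\xff\xd8"      # JPEG Start-Of-Image marker

class FrameLimitExceeded(ValueError):
    """Raised before any frame is decoded when the request is oversized."""

def split_frames(data_url, max_frames=MAX_FRAMES):
    """Return the decoded frames of a base64 video/jpeg data URL."""
    if not data_url.startswith(PREFIX):
        raise ValueError("expected a base64 video/jpeg data URL")
    payload = data_url[len(PREFIX):]
    # Counting separators allocates nothing; the unbounded split-then-decode
    # is the step that exhausted memory, so the cap is applied before it.
    n_frames = payload.count(",") + 1
    if n_frames > max_frames:
        raise FrameLimitExceeded(f"{n_frames} frames exceeds cap of {max_frames}")
    frames = []
    for i, chunk in enumerate(payload.split(",")):
        raw = base64.b64decode(chunk, validate=True)
        if not raw.startswith(JPEG_SOI):
            raise ValueError(f"frame {i} does not start with a JPEG SOI marker")
        frames.append(raw)
    return frames

def make_data_url(n_frames):
    """Constructed input: n tiny JPEG-like frames (SOI marker plus filler)."""
    frame = base64.b64encode(JPEG_SOI + b"\x00" * 8).decode()
    return PREFIX + ",".join([frame] * n_frames)

def accepted_frame_count(data_url, max_frames=MAX_FRAMES):
    """Number of frames the guarded parser accepts, or None if it refuses."""
    try:
        return len(split_frames(data_url, max_frames))
    except FrameLimitExceeded:
        return None
```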