7.8

CVSS3.1

CVE-2026-0874 - CATPART File Parsing Out-of-Bounds Write

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

📅 Published: Feb. 18, 2026, 7:38 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

5.3

CVSS4.0

CVE-2026-2663 - Alixhan xh-admin-backend Database Query query sql injection

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It is…

📅 Published: Feb. 18, 2026, 7:32 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

4.8

CVSS4.0

CVE-2026-2662 - FascinatedBox lily lily_emitter.c count_transforms out-of-bounds

A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function count_transforms of the file src/lily_emitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could …

📅 Published: Feb. 18, 2026, 7:32 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

4.8

CVSS4.0

CVE-2026-2661 - Squirrel sqobject.h operator heap-based overflow

A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be us…

📅 Published: Feb. 18, 2026, 7:02 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

5.4

CVSS3.1

CVE-2026-25500 - Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory` generates an HTML directory index where each file entry is rendered as a clickable link. If a file exists on disk whose basename starts with the `javascript:` scheme (e.g. `javascript:alert(1…

📅 Published: Feb. 18, 2026, 6:59 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

7.5

CVSS3.1

CVE-2026-22860 - Rack has a Directory Traversal via Rack:Directory

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory`’s path check used a string prefix match on the expanded path. A request like `/../root_example/` can escape the configured root if the target path starts with the root string, allowing direct…

📅 Published: Feb. 18, 2026, 6:45 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

5.4

CVSS3.1

CVE-2025-69287 - BSV Blockchain SDK has an Authentication Signature Data Preparation Vulnerability

The BSV Blockchain SDK is a unified TypeScript SDK for developing scalable apps on the BSV Blockchain. Prior to version 2.0.0, a cryptographic vulnerability in the TypeScript SDK's BRC-104 authentication implementation caused incorrect signature data preparation, resulting in signature incompatibil…

📅 Published: Feb. 18, 2026, 6:42 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

4.8

CVSS4.0

CVE-2026-2660 - FascinatedBox lily lily_symtab.c shorthash_for_name use after free

A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash_for_name of the file src/lily_symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used. T…

📅 Published: Feb. 18, 2026, 6:02 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.

8.8

CVSS3.1

CVE-2025-14009 - Zip Slip Vulnerability in nltk/nltk Leading to Remote Code Execution

A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when dow…

📅 Published: Feb. 18, 2026, 5:45 p.m. 🔄 Last Modified: March 6, 2026, 9:23 p.m.

4.8

CVSS4.0

CVE-2026-2659 - Squirrel sqfuncstate.cpp PopTarget out-of-bounds

A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to launch the attack o…

📅 Published: Feb. 18, 2026, 5:32 p.m. 🔄 Last Modified: April 17, 2026, 6:45 p.m.