8.7
CVE-2026-39313 - MCP-Framework: Unbounded memory allocation in readRequestBody allows denial of service via HTTP tra…
mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks into a string with no size limit. Although a maxMessageSize configuration value exists, it is never enf…
4.9
CVE-2026-34164 - Valtimo: Sensitive data exposure through inbox message logging in InboxHandlingService
Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive information including personal data (PII), citizen identifier…
4.8
CVE-2026-33472 - Cryptomator Hub OAuth token exchange HTTP downgrade via getAuthority() scheme confusion (CVE-2026-3…
Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin…
7.5
CVE-2026-40901 - DataEase: Quartz Deserialization → Remote Code Execution
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializes…
8.7
CVE-2026-40900 - DataEase has SQL Injection via Stacked Queries
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single SELECT statement. Combi…
8.3
CVE-2026-40899 - DataEase has an Arbitrary File Read Vulnerability
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a JDBC parameter blocklist bypass vulnerability in the MySQL datasource configuration. The Mysql class uses Lombok's @Data annotation, which auto-generates a public setter for the illegalParamet…
8.6
CVE-2026-33207 - DataEase SQL Injection Vulnerability
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query strings …
8.6
CVE-2026-33122 - DataEase has SQL Injection via Datasource Management
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource update process. When a new table definition is added during a datasource update via /de2api/datasource/update, the deTableName field from the …
7.1
CVE-2025-54502 - AMD Platform Configuration Blob: APCB SMM driver: kernel: linux-firmware: AMD APCB SMM driver: Arbi…
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
5.9
CVE-2025-54510 - AMD Platform Security Processor: AMD EPYC 9005 Series CPUs: AMD Platform Security Processor: Inform…
A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.