📰 Dev.to · CVE Reports

1w ago
CVE-2026-34974: CVE-2026-34974: Stored Cross-Site Scripting via SVG Sanitizer Bypass in phpMyFAQ

1w ago
CVE-2026-4176: CVE-2026-4176: Remote Code Execution via Heap-Based Buffer Overflow in Perl Compress::Raw::Zlib

1w ago
CVE-2026-5281: CVE-2026-5281: High-Severity Use-After-Free in Dawn WebGPU Implementation

1w ago
GHSA-Q56X-G2FJ-4RJ6: CVE-2025-51480: Arbitrary File Write via Path Traversal in ONNX save_external_data

1w ago
CVE-2026-2950: CVE-2026-2950: Prototype Pollution Bypass in Lodash via Array-Wrapped Path Segments

1w ago
CVE-2026-4800: CVE-2026-4800: Code Injection and Remote Code Execution in lodash _.template

1w ago
GHSA-32WQ-PPWG-3W4M: GHSA-32WQ-PPWG-3W4M: Denial of Service in EnhancedLinq.Async via Microsoft.Bcl.Memory Out-of-Bounds Read

1w ago
GHSA-W2FM-25VW-VH7F: GHSA-W2FM-25VW-VH7F: Cross-Client Data Leak via Transport Race Condition in mcp-handler

1w ago
CVE-2026-4370: CVE-2026-4370: Critical Authentication Bypass in Canonical Juju Dqlite Cluster

1w ago
CVE-2026-34515: CVE-2026-34515: NTLMv2 Credential Leak via Absolute Path Traversal in aiohttp

1w ago
CVE-2026-34751: CVE-2026-34751: Unvalidated Input in Password Recovery Endpoints in Payload CMS

1w ago
CVE-2026-34603: CVE-2026-34603: Path Traversal and Link Following in TinaCMS

1w ago
CVE-2026-34604: CVE-2026-34604: Path Validation Bypass via Symlinks in @tinacms/graphql

1w ago
GHSA-5724-X3RH-5QQQ: CVE-2025-46349: Reflected Cross-Site Scripting in YesWiki File Upload

1w ago
CVE-2026-34605: CVE-2026-34605: Reflected Cross-Site Scripting via SVG Namespace Bypass in SiYuan

1w ago
CVE-2026-33578: CVE-2026-33578: Sender Policy Bypass via Incorrect Authorization in OpenClaw Extensions

1w ago
CVE-2026-32734: CVE-2026-32734: DOM-Based Cross-Site Scripting in baserCMS Tag Creation

1w ago
CVE-2026-21861: CVE-2026-21861: Authenticated OS Command Injection in baserCMS Core Update Feature

1w ago
GHSA-39MP-545Q-W789: GHSA-39MP-545Q-W789: Improper Authorization in OpenClaw /send Command

1w ago
CVE-2026-34377: CVE-2026-34377: Consensus Split Vulnerability in Zebra Transaction Verification Cache

1w ago
GHSA-955R-262C-33JC: CVE-2026-33634: Supply Chain Compromise and Malicious Code Execution in Telnyx Python SDK

1w ago
CVE-2026-34385: CVE-2026-34385: Second-Order SQL Injection in Fleet Apple MDM Profile Delivery

1w ago
CVE-2026-34386: CVE-2026-34386: Authenticated SQL Injection in Fleet MDM Bootstrap Package Configuration

1w ago
CVE-2026-34388: CVE-2026-34388: Authenticated Denial of Service via Unhandled gRPC Log Type in Fleet Launcher