Medium · CVSS 5.4
IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Published Jun 22, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the reduce method to achieve remote code execution when the pickle file is loaded.
Published Jun 23, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().
Published Jun 23, 2026 · Updated Jun 23, 2026
High · CVSS 8.7
Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the account profile endpoint without confirming the change to the original email address or re-entering the current password. By changing the recovery email, an attacker can take over the account and abuse password reset mechanisms.
Published Jun 23, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded.
Published Jun 23, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims using pickle.load().
Published Jun 22, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load().
Published Jun 21, 2026 · Updated Jun 23, 2026
High · CVSS 8.1
picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply chain attacks.
Published Jun 21, 2026 · Updated Jun 22, 2026
High · CVSS 7.5
GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to fetch_webpage. Therefore, exfiltration could occur if there is indirect prompt injection.
Published Jun 22, 2026 · Updated Jun 22, 2026
Medium · CVSS 5.4
An authenticated user can perform XSS.
This issue affects Apache Atlas versions 2.4.0 and earlier.
Users are recommended to upgrade to version 2.5.0, which fixes the issue.
Published Jun 22, 2026 · Updated Jun 22, 2026
High · CVSS 8.1
Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-controlled database name is directly interpolated into a SQL query, and the query is executed without passing the caller's authorization context. This may allow an authenticated attacker, or an anonymous attacker if authentication is disabled, to bypass SQL security validation and access metadata outside the intended database scope.
Affected users are recommended to upgrade to Doris version 0.6.1 or later, which fixes the issue.
Published Jun 22, 2026 · Updated Jun 22, 2026
High · CVSS 8.6
DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform.
This issue affects Hitachi Virtual Storage Platform E990, E1090, E1090H: before DKCMAIN Ver.93-07-21-80/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-80/00-07, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-82-80/00-06, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-63-80/00-04, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform E390, E590, E790, E390H, E590H, E790H: before DKCMAIN Ver.93-07-21-x0/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-x0/00-07, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-82-x0/00-06, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-63-x0/00-04, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-24-x0/00-02, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-02-x0/00-02, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900: before DKCMAIN Ver.88-08-10-x0/00-05, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, F400, F600, F800: before DKCMAIN Ver.83-06-20-x0/00-05, CHB(iSCSI) Ver.83-01-01-29; Hitachi Virtual Storage Platform VX8, 5100, 5500, 5100H, 5500H, 5200, 5600, 5200H, 5600H: before DKCMAIN Ver.90-09-01-00/01-01, CHB(iSCSI) Ver.90-01-01-07, before DKCMAIN Ver.90-08-83-00/01-01, CHB(iSCSI) Ver.90-01-01-07, before DKCMAIN Ver.90-08-63-00/01-01, CHB(iSCSI) Ver.90-01-01-07; Hitachi Virtual Storage Platform VX7, G1000, G1500, F1500: before DKCMAIN Ver.80-06-93-00/00-04, ISFC Ver.80-01-17.
Published Jun 19, 2026 · Updated Jun 22, 2026
Medium · CVSS 6
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.
Published Jun 22, 2026 · Updated Jun 22, 2026
Medium · CVSS 6.1
Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., <iframe src="javascript:alert(document.cookie)">) in a chat box, or by having a custom agent function return an XSS payload from an external website. The injected script executes in the victim's browser, enabling theft of cookies and session data.
Published Jun 20, 2026 · Updated Jun 22, 2026
High · CVSS 8.1
picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.
Published Jun 21, 2026 · Updated Jun 22, 2026
High · CVSS 7.1
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `AddAudioToVideoBlock` will download and store the video and audio in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `AddAudioToVideoBlock` does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputing the result. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
Published Jun 18, 2026 · Updated Jun 22, 2026
High · CVSS 7.6
picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. Attackers can craft pickle files that import dangerous libraries like os and execute arbitrary system commands, which evade picklescan detection and execute when pickle.load() is called.
Published Jun 21, 2026 · Updated Jun 21, 2026
Critical · CVSS 9.3
Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials authenticated as the AWS account root identity and provided access to Worksnaps production cloud resources, including S3 buckets containing sensitive data such as screenshots of user desktops. An attacker with access to the affected client binaries could extract or recover the credentials and use them to access affected Worksnaps cloud resources.
Published Jun 18, 2026 · Updated Jun 21, 2026
Medium · CVSS 5.3
vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint — are susceptible to catastrophic backtracking. An attacker submitting crafted input with nested or repeated structures can trigger severe CPU consumption and performance degradation, resulting in denial of service.
Published Jun 20, 2026 · Updated Jun 20, 2026
High · CVSS 8.7
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepThroughItemsBlock` can iterate all the contents in a list and send them to `FileStoreBlock` for downloading one by one. Although `FileStoreBlock` has access time limits for downloading files, `StepThroughItemsBlock` can be used to slowly iterate and download relatively small files (e.g., 100M) multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `FileStoreBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to download too many videos, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
Published Jun 18, 2026 · Updated Jun 18, 2026
High · CVSS 8.7
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, ScreenshotWebPageBlock will store the captured screenshots in a temporary directory. `StepThroughItemsBlock` can be used to iterate `ScreenshotWebPageBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `ScreenshotWebPageBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
Published Jun 18, 2026 · Updated Jun 18, 2026
High · CVSS 8.7
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it to disk. However, there is no limit on the resources that can be allocated during execution. For example, the number of loops is user-controllable and unlimited. When a malicious attacker loops too many times, the generated video is too large, and after writing it to disk, the disk space is exhausted, eventually causing DoS. Version 0.6.63 patches the issue.
Published Jun 18, 2026 · Updated Jun 18, 2026
High · CVSS 7.5
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged message queue to grow indefinitely, eventually causing an `OutOfMemoryError`. Versions 5.0.23, 6.0.19, 7.0.19, and 8.0.9 patch the issue. As a workaround, disable the acknowledgement extension.
Published Jun 18, 2026 · Updated Jun 18, 2026
High · CVSS 8.7
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `MediaDurationBlock` will download and store the video in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `MediaDurationBlock ` does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputing the result. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
Published Jun 18, 2026 · Updated Jun 18, 2026
Medium · CVSS 6.5
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a GeoServer that uses `ENTITY_RESOLUTION_ALLOWLIST` may allow attacker to perform unauthenticated Server-Side Request Forgery (SSRF). This vulnerability requires that GeoServer is set up to use a proxy base URL and the `ENTITY_RESOLUTION_ALLOWLIST` (default since 2.25.0). Versions 2.26.4 and 2.27.3 contain a fix. GeoServer installations are only affected by this vulnerability if they use a proxy base URL that does not contain a URL path or end with a slash. If the proxy base URL does not contain a path, adding a slash to the end of the URL will mitigate this vulnerability.
Published Jun 18, 2026 · Updated Jun 18, 2026
High · CVSS 8.8
PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Malicious actors can craft pickle payloads using pty.spawn to achieve arbitrary code execution when files are processed by PickleScan.
Published Jun 17, 2026 · Updated Jun 18, 2026
Critical · CVSS 9.8
picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when the pickle is deserialized.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.8
picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbox protections and gadget chain detection.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.8
picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigger unexpected exceptions and evade security scanning.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.4
In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Granola <= 1.13 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 7.3
Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects JobBank: from n/a through 1.2.3.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 7.1
Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Snowy <= 1.13 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.8
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Gat <= 1.16 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.8
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.3
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.8
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
Critical · CVSS 9.8
Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection.
This issue affects The Barber Shop: from n/a through 1.9.
Published Jun 17, 2026 · Updated Jun 17, 2026
Medium · CVSS 6.8
Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin privileges can lead to bypassing the NSClient Tamper Protections due to weak Discretionary Access Control List (DACLs) on the service object and related registry keys,.
* Product Name: Netskope Client
* Affected Platform: Windows
* Affected Version: All version below R138
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS.
This issue affects Themify Folo: from n/a through 1.9.6.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Preservation <= 1.10 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026
High · CVSS 8.1
Unauthenticated Local File Inclusion in Etude <= 1.6 versions.
Published Jun 17, 2026 · Updated Jun 17, 2026