🛡️ CVE Intelligence Center

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …

Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS…

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-…

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the…

Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…

A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemo…

A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function s…

Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template in…

Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call wit…

Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerability exists in Bagist…

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly a…

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the ``write_h…

Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore i…