Advisories
143 CVEs assigned.
Selected writeups below. Full list on GitHub.
Stealing Credentials From Healthcare's Data Backbone
Three vulnerabilities in the FHIR Validator and HAPI FHIR Core chain an unauthenticated SSRF into credential theft for healthcare package registries. A startsWith() check is all that stands between your tokens and an attacker.
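Added illustration of the bug class named in that teaser (a prefix check standing in for an origin check), not the validator's or HAPI FHIR's own code: a startsWith() on the raw URL string accepts any URL that merely begins with the registry origin, including ones whose real host is attacker-controlled, so the client attaches its token to the wrong server. The registry origin, token and URLs below are constructed; a parsed comparison of scheme, host and port is the fix shown alongside.

```python
from urllib.parse import urlsplit

# Constructed stand-ins for illustration; not identifiers from the advisory.
REGISTRY_ORIGIN = "https://packages.example.org"
REGISTRY_HOST = "packages.example.org"
TOKEN = "example-registry-token"


def prefix_check(url: str) -> bool:
    """Weak origin check: a bare startsWith() on the URL string."""
    return url.startswith(REGISTRY_ORIGIN)


def strict_check(url: str) -> bool:
    """Parse the URL and compare scheme, host and port exactly.

    Rejects userinfo ("user@host") so the expected origin cannot be smuggled
    into the username, and rejects non-default ports so a different service
    on the same host does not receive the token.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    if parts.username is not None or parts.password is not None:
        return False
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if port not in (None, 443):
        return False
    return parts.hostname == REGISTRY_HOST


def build_headers(url: str, check) -> dict:
    """Attach the registry token only when the check accepts the URL."""
    headers = {"Accept": "application/json"}
    if check(url):
        headers["Authorization"] = f"Bearer {TOKEN}"
    return headers


def token_leaks(url: str, check) -> bool:
    """True if this checker would send the token to the given URL."""
    return "Authorization" in build_headers(url, check)


# Constructed URLs: one legitimate, three that pass the prefix check but
# point at an attacker-controlled host or a different service on the host.
LEGIT = "https://packages.example.org/hl7.fhir.r4.core/4.0.1"
ATTACKER_URLS = [
    "https://packages.example.org.attacker.example/pkg",  # host suffix
    "https://packages.example.org@attacker.example/pkg",  # userinfo smuggling
    "https://packages.example.org:8443/pkg",              # other port, same host
]

if __name__ == "__main__":
    for url in [LEGIT] + ATTACKER_URLS:
        print(url)
        print("  prefix_check leaks token:", token_leaks(url, prefix_check))
        print("  strict_check leaks token:", token_leaks(url, strict_check))
```

The userinfo case is the one a string comparison can never catch: everything before the `@` is a username to the URL parser, so the prefix is literally present while the connection goes elsewhere.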
Injecting Commands Into AI Agents by Asking Nicely
A template injection in PraisonAI lets you execute system commands by embedding Jinja2 syntax in agent prompts. The AI dutifully renders your payload. CVE-2026-39891.
Six Cuts to Own a Statamic Site
Six vulnerabilities in Statamic CMS chain from open redirect to reflected XSS to configuration exposure to RCE. The template engine that powers the site is the same one that executes your payload.
Your Project Manager Is Leaking to the Next Project Over
Seven vulnerabilities in Vikunja, a self-hosted project management tool. The headline bug chains a link share hash disclosure with a cross-project IDOR to access every file attachment on the instance. CVSS 9.1.
AVideo: Twenty More Ways In
Twenty-two new vulnerabilities in AVideo, following the unauthenticated RCE chain disclosed last month. SQL injection, command injection, more RCE, CSRF privilege escalation, CDN takeover, and an AI feature that leaks other users' data.
Logging Into Any Parse Server Account With Someone Else's Token
Authentication bypass in Parse Server (21k+ stars): sending partial authData skips provider validation entirely, allowing login to any account.
Breaking a 5G Core Network From the Inside
Four vulnerabilities in Ella Networks Core. Privilege escalation, control plane deadlock, and crafted radio messages that crash the core.
Popping a Shell on Any AVideo Server — No Login Required
A four-stage attack chain turns an unauthenticated API call into full remote code execution. CVSS 10.0.
Your Query Builder Won't Save You: SQL Injection in Kysely
SQL injection in a type-safe TypeScript query builder with 10k+ stars. The tool designed to prevent injection was itself injectable.
Running Commands on 27k-Star Glances by Naming a Process
Seven CVEs in Glances. The headline bug: execute commands as root by creating a process with pipe characters in its name.
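Added example of the bug class behind that headline, not Glances' own code: a monitor that interpolates an observed process name into a shell command string lets the shell treat a pipe in that name as an operator. Any local user controls the name of a process they start, so the name is attacker input. `echo` stands in for whatever the real tool ran, and the process name is constructed.

```python
import shlex
import subprocess

# Constructed process name: what an attacker would name their own process.
# argv[0] and the executable filename are chosen by whoever starts the
# process, so a monitoring tool must treat the name as untrusted input.
MALICIOUS_NAME = "worker | echo injected"

SHELL_META = set("|;&$`<>()\n")


def has_shell_metachars(proc_name: str) -> bool:
    """Detection helper: flag names no legitimate process should carry."""
    return any(ch in SHELL_META for ch in proc_name)


def run_unsafe(proc_name: str) -> str:
    """Interpolate the name into a shell command line (the vulnerable shape).

    With shell=True the string is parsed by /bin/sh, so "worker | echo injected"
    becomes two commands and the second one runs with the tool's privileges.
    """
    cmd = f"echo {proc_name}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_safe(proc_name: str) -> str:
    """Pass the name as one argv element; no shell ever parses it."""
    return subprocess.run(["echo", proc_name], capture_output=True, text=True).stdout


def run_quoted(proc_name: str) -> str:
    """If a shell string is unavoidable, quote every untrusted fragment."""
    cmd = f"echo {shlex.quote(proc_name)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


if __name__ == "__main__":
    print("metachars present:", has_shell_metachars(MALICIOUS_NAME))
    print("unsafe :", run_unsafe(MALICIOUS_NAME).rstrip())
    print("safe   :", run_safe(MALICIOUS_NAME).rstrip())
    print("quoted :", run_quoted(MALICIOUS_NAME).rstrip())
```

The argv form is the real fix; `shlex.quote` is the fallback for code that must hand a string to a shell. The metacharacter check is not a substitute for either, but it is a cheap alert when a monitor sees a process named to exploit exactly this pattern.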