The vulnerability allowed unauthorized disclosure of private email addresses of WakaTime users through the private leaderboards feature. The email addresses were exposed to leaderboard creators and me ...
Continue Reading
August 05, 2025
An incomplete fix has been identified for a vulnerability affecting Windows device names in the path.normalize() function in Node.js. The vulnerability allows path traversal protection to be bypassed ...
Continue Reading
August 05, 2025
The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...
Continue Reading
August 05, 2025
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...
Continue Reading
August 05, 2025
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoin ...
Continue Reading
August 05, 2025
Back to Main
