|
4921
|
5.3 |
MEDIUM
Network
|
hcltech
|
aion
|
HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modifie…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2025-52645
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4922
|
5.3 |
MEDIUM
Network
|
hcltech
|
aion
|
HCL AION está afectado por una vulnerabilidad donde los mecanismos de empaquetado y distribución de modelos podrían no incluir suficiente verificación de autenticidad. Esto podría permitir la posibil…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2025-52645
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4923
|
7.8 |
HIGH
Local
|
hcltech
|
aion
|
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment. This may expose the application to potential security …
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-52643
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4924
|
7.8 |
HIGH
Local
|
hcltech
|
aion
|
HCL AION está afectado por una vulnerabilidad donde las operaciones de análisis de archivos no confiables no se ejecutan dentro de un entorno de sandbox debidamente aislado. Esto puede exponer la apl…
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-52643
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4925
|
7.5 |
HIGH
Network
|
hcltech
|
aion
|
HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2025-52636
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4926
|
7.5 |
HIGH
Network
|
hcltech
|
aion
|
HCL AION se ve afectado por una vulnerabilidad relacionada con el manejo de los límites de tamaño de carga. Un control o validación inadecuados de los tamaños de carga puede permitir un consumo exces…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2025-52636
|
2026-04-26 03:04 |
2026-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4927
|
7.5 |
HIGH
Network
|
fedify
|
fedify\/fedify
fedify\/vocab-runtime
|
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote doc…
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-34148
|
2026-04-26 03:03 |
2026-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4928
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-21388
|
2026-04-26 03:02 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4929
|
3.7 |
LOW
Network
|
linuxfoundation
|
backstage\/backend_defaults
|
Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-24048
|
2026-04-26 03:01 |
2026-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4930
|
3.7 |
LOW
Network
|
linuxfoundation
|
backstage\/backend_defaults
|
Backstage es un framework abierto para construir portales de desarrolladores, y @backstage/backend-defaults proporciona las implementaciones y configuración predeterminadas para una aplicación backen…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-24048
|
2026-04-26 03:01 |
2026-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
