| GHSA-p6gq-j5cr-w38f | |
| Overly Permissive Cross-domain Whitelist | |
| CVE-2026-49458 | |
| Resource Exhaustion | |
| Information Exposure | |
| CVE-2026-48068 | |
| Protection Mechanism Failure | |
| Uncontrolled Recursion | |
| Resource Exhaustion | |
| Interpretation Conflict | |
| CVE-2026-49459 | |
| CVE-2026-48022 | |
| HTTP Response Splitting | |
| HTTP Response Splitting | |
| GHSA-76mc-f452-cxcm | |
| Allocation of Resources Without Limits or Throttling | |
| Uncontrolled Recursion | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| CVE-2026-48069 | |
| Directory Traversal | |
| Inefficient Regular Expression Complexity | |
| Improper Encoding or Escaping of Output | |
| Resource Exhaustion | |
| CVE-2026-48049 | |
| Cross-site Scripting (XSS) | |
| Uncontrolled Recursion | |
| Use of Less Trusted Source | |
| CVE-2026-12143 | |
| CVE-2026-49978 | |
| Resource Exhaustion | |
| GHSA-vxr8-fq34-vvx9 | |
| CVE-2026-48801 | |
| GHSA-x4vx-rjvf-j5p4 | |
| Algorithmic Complexity | |
| Insufficient Verification of Data Authenticity | |
| GHSA-cmwh-pvxp-8882 | |
| GHSA-gvmj-g25r-r7wr | |
| Resource Exhaustion | |
| CVE-2026-45618 | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| Resource Exhaustion | |
| Incorrect Regular Expression | |
| HTTP Request Smuggling | |
| Improper Authorization | |
| CVE-2026-48038 | |
| OS Command Injection | |
| XML Injection | |
| Out-of-bounds Write | |
| CVE-2026-6322 | |
| CVE-2026-2739 | |
| OS Command Injection | |
| CVE-2026-6321 | |
| OS Command Injection | |
| Uncontrolled Recursion | |
| XML Injection | |
| XML Injection | |
| Improper Handling of Exceptional Conditions | |
| CVE-2026-33464 | |
| CVE-2026-49095 | |
| CVE-2026-42400 | |
| Improper Handling of Unicode Encoding | |
| GHSA-vvjj-xcjg-gr5g | |
| Uncontrolled Recursion | |
| CVE-2026-44974 | |
| Uncontrolled Recursion | |
| CVE-2026-4800 | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-c7w3-x93f-qmm8 | |
| Improper Input Validation | |
| Arbitrary Code Injection | |
| CVE-2026-8723 | |
| CVE-2026-2950 | |
| Arbitrary Code Injection | |
| Improper Validation of Specified Quantity in Input | |
| Resource Exhaustion | |
| Use of Uninitialized Resource | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Deserialization of Untrusted Data | |
| Information Exposure Through Caching | |
| CVE-2026-44979 | |