CVE-2026-55466: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in grokability snipe-it
Snipe-IT versions prior to 8.6.2 contain a cross-site scripting (XSS) vulnerability due to improper sanitization of SVG content. The UploadFileRequest component only sanitizes SVG files when PHP…
Read the full article23h agoen
You might also wanna read
Ghost Accounts Abuse GitHub API in Mass Recon Campaign
radar.offseq.com·2h ago
BloodBash Feedback Needed Before DEF CON 34 Red Team Village Talk - AD/hybrid Recon Tool
radar.offseq.com·2h ago
CVE-2026-10660: memory-safety in zephyrproject zephyr
radar.offseq.com·2h ago
Australia warns of global campaign targeting vulnerable CMS platforms
radar.offseq.com·5h ago
CVE-2026-60088: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in MervinPraison PraisonAI
radar.offseq.com·6h ago
CVE-2026-56296: Observable Discrepancy in Cap-go capgo
radar.offseq.com·6h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.