CVE-2026-55865: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in jg-rp liquid
Python Liquid versions prior to 2.2.1 contain a vulnerability where a malformed {% case %} tag without an associated {% when %} or {% else %} block and missing a terminating {% endcase %} tag causes…
Read the full articleYou might also wanna read

WAF - WAF Release - 2025-10-13
This week’s highlights include a new JinJava rule targeting a sandbox-bypass flaw that could allow malicious template input to escape execut

Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
On January 11th, 2024, a significant security vulnerability was disclosed in Jinja2, a widely used Python templating library. Identified as
OpenSSL Vulnerability CVE-2025-15467: Stack Overflow with Remote Code Execution Risk
The JFrog Security Research team is tracking a newly disclosed OpenSSL vulnerability, CVE-2025-15467, a stack overflow issue that may lead t

WAF - WAF Release - 2025-10-06
This week’s highlights prioritise an emergency Oracle E-Business Suite RCE rule deployed to block active, high-impact exploitation. Also add

WAF - WAF Release - 2026-04-07
This week's release introduces new detections for a critical Remote Code Execution (RCE) vulnerability in MCP Server (CVE-2026-23744), along
Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text
In this post we’ll review CVE-2022-42889, the recent Arbitrary Code Execution Vulnerability in Apache Commons Text, including what it is, ho

Comments
Sign in to join the conversation.
No comments yet. Be the first.