CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.13)
In the MessagePack library for C# prior to versions 2.5.301 and 3.1.7, a vulnerability exists related to union deserialization that does not enforce object depth limits. Runtime-generated deserializers do not call necessary security steps, leading to potential security issues.
MessagePack for C# prior to versions 2.5.301 and 3.1.7 contains multiple recursion paths in the JSON conversion components that do not enforce a depth limit. These paths can lead to process stack exhaustion and trigger an uncatchable StackOverflowException.
MessagePack for C# has a vulnerability in the ExpandoObjectFormatter's Deserialize method that can lead to significant CPU and memory overhead when handling large attacker-controlled maps. This issue exists prior to versions 2.5.301 and 3.1.7.
MessagePack for C# has a vulnerability that allows improper memory allocations during the decompression of Lz4Block or Lz4BlockArray data. Prior to versions 2.5.301 and 3.1.7, the validity of compressed data was not checked before allocating output buffers.
MessagePack for C# prior to versions 2.5.301 and 3.1.7 uses default serialization options that can lead to denial-of-service attacks. The default MessagePackInputFormatter() constructor is insecure as it may expose applications to hash-collision attacks against dictionary-like model properties.
MessagePack for C# has a vulnerability that allows recursive descent into nested arrays and maps without proper depth checks. This can lead to unbounded recursion and a StackOverflowException.
In versions 4.0.0 to 4.11.5 and 5.6.5, Filament has a flaw in handling recovery codes for app-based multi-factor authentication that allows the same recovery code to be reused via concurrent submission. This issue does not affect email-based MFA and only applies when recovery codes are enabled.
In the MessagePack library for C# prior to versions 2.5.301 and 3.1.7, the MessagePackReader.ReadDateTime() method can allocate stack memory based on an attacker-controlled extension length. In the slow path for timestamp extension parsing, the extension body length is not validated before memory allocation, potentially leading to a StackOverflowException.
Filament, a collection of components for accelerated Laravel development, has a vulnerability that allows unauthenticated users to upload files in certain forms, such as the login form. This could lead to unauthorized access to the application's temporary storage.
Filament is a collection of components for accelerated Laravel development. From versions 4.0.0 to 4.11.5 and 5.6.5, the ImageColumn and ImageEntry components render raw database values without escaping HTML, potentially leading to XSS attacks.
Filament, a collection of components for accelerated Laravel development, has a vulnerability in the login page from versions 4.0.0 to 4.11.5 and 5.6.5 that allows unauthenticated attackers to enumerate registered email addresses.
The MessagePack library for C# has a vulnerability in the optional LZ4 decompression path that can lead to out-of-bounds reads. An attacker can send a crafted MessagePack payload, potentially causing process termination.
In Filament components for Laravel, the recordSelectOptionsQuery() method did not apply proper validation for Select fields in AttachAction and AssociateAction. This allows users to tamper with the Livewire component's state and submit out-of-scope values.
WebOb before version 1.8.10 is vulnerable to an open redirect due to improper normalization of the Location header during a redirect. An attacker can use ASCII tab, carriage return, and newline characters to reinterpret the target URL as a protocol-relative URL, leading to redirection to an external attacker-controlled site. This vulnerability bypasses the CVE-2024-42353 fix.
A vulnerability in Fabric.js before version 7.4.0 allows XSS attacks due to improper escaping of user input during SVG serialization via the toSVG() method. The color field in the colorStops array of a fabric.Gradient object is not properly sanitized, enabling injection of arbitrary HTML/SVG and JavaScript execution in the victim's browser.
Picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims using pickle.load().
Picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip._run_pip calls in __reduce__ methods bypass picklescan detection and achieve remote code execution upon pickle.load() invocation.
Picklescan before version 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded by victims who trust Picklescan's safety validation.
The http-proxy-middleware library in versions 3.0.4 to 3.0.7 and 4.1.1 has a vulnerability related to the fixRequestBody() method. When sending data in multipart/form-data format, an attacker can inject new form parts, leading to data desynchronization between the proxy and the backend.
The phpseclib library up to versions 1.0.30, 2.0.55, and 3.0.54 by default fetches a URL from the Authority Information Access (AIA) extension of an untrusted X.509 certificate during validation. An attacker can supply a certificate with a controlled host, port, and path, leading to a server-side request forgery (SSRF) vulnerability.

