@provally

Provally

CVE and 1-day SAST rule packs maintained by Provally from validated vulnerability analysis artifacts.

Provally Verified | CVE Rule Author
Total stars: 1
Total downloads: 156446
Verified rules: 1450
Accepted feedback: 0

Uploaded rules

CVE-2018-25160: Perl Http Session2 Cve 2018 25160
Rule: cve-2018-25160-perl-http-session2-cve-2018-25160

Unvalidated session ID obtained from cookies is passed directly to the storage backend. This can lead to injection attacks in backends like Memcached where special characters are not appropriately escaped by default. Ensure the format and length of the session ID are validated prior to lookup.

Language: generic | CVE-2018-25160 | CWE-20
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
1 star
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2023-6395: Jinja2 Unsandboxed Template
Rule: cve-2023-6395-jinja2-unsandboxed-template

Dynamically creating Jinja2 templates using 'jinja2.Template' without a sandboxed environment can lead to Server-Side Template Injection (SSTI) and arbitrary code execution if the template string is attacker-controlled. Use 'jinja2.sandbox.SandboxedEnvironment' instead.

Language: python | CVE-2023-6395 | CWE-1336 | CWE-94
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-11406: Django Formfield Missing Dict Validation
Rule: cve-2024-11406-django-formfield-missing-dict-validation

A Django form field parses JSON input within `to_python` but lacks dictionary structure validation in its `validate` method. In components such as `AttributesFormField`, failing to validate dict keys (e.g. against a blocklist of dangerous HTML attributes) during form validation allows malicious inputs to bypass model-level checks if model `full_clean()` is n

Language: python | CVE-2024-11406 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-21635: Grpc In Memory File Serving Dos
Rule: cve-2024-21635-grpc-in-memory-file-serving-dos

Serving potentially large files over gRPC by buffering the entire content into memory and returning an `httpbody.HttpBody` can lead to Out-Of-Memory (OOM) Denial of Service and missed HTTP headers (e.g., Content-Disposition). Consider migrating file serving to a dedicated streaming HTTP server.

Language: go | CVE-2024-21635
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-23644: Rust Iterator All Empty Bypass
Rule: cve-2024-23644-rust-iterator-all-empty-bypass

Using `Iterator::all()` on string-like elements (e.g., via `.chars()` or `.bytes()`) returns `true` for empty iterators. If this is used for string validation without an explicit length or emptiness verification, empty strings will unexpectedly pass validation checks. Ensure the length of the string is explicitly asserted prior to or during the `.all()` eval

Language: rust | CVE-2024-23644 | CWE-20 | CWE-918
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-23826: Python Secure Filename Dos Missing Length Check
Rule: cve-2024-23826-python-secure-filename-dos-missing-length-check

Passing an unbounded string to `secure_filename()` can cause a Denial of Service (DoS) on Windows due to the expensive NFKD Unicode normalization loop. Verify the length of the string before calling `secure_filename()`, or slice the string to a safe length (e.g. `filename[:255]`).

Language: python | CVE-2024-23826 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-25177: Luajit Unsink Fstore Null Metatable
Rule: cve-2024-25177-luajit-unsink-fstore-null-metatable

Unconditional restoration of IR_FSTORE for a table metatable. Failing to handle an IR_KNULL (null metatable) can cause memory corruption resulting in Denial of Service (DoS) when the unverified null pointer is processed by the VM or Garbage Collector. Ensure that metatables check for IR_KNULL before unsinking to an object reference.

Language: c | CVE-2024-25177
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-25624: Inadequate Html Escape In Attribute
Rule: cve-2024-25624-inadequate-html-escape-in-attribute

A custom escape function is used to embed data into an HTML attribute within a JavaScript template string. Many custom HTML escape functions (such as `escapeHtml`) fail to adequately escape quotation marks (`"` and `'`), allowing attackers to break out of the attribute block and inject malicious scripts. Use a robust sanitization library like `xss` (`filterX

Language: javascript | CVE-2024-25624 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65
CVE-2024-28102: Python Unbounded Zlib Decompression
Rule: cve-2024-28102-python-unbounded-zlib-decompression

Unbounded decompression using `zlib.decompress` without checking the size of the compressed data can lead to a Denial of Service (DoS) attack (zip bomb). An attacker can provide a small, highly compressed payload that consumes massive amounts of memory and CPU when decompressed. Check the length of the compressed data before decompressing, or use `zlib.decom

Language: python | CVE-2024-28102 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-28122: Golang Unbounded Decompression Readall
Rule: cve-2024-28122-golang-unbounded-decompression-readall

Reading the entirety of a compressed data stream using `ioutil.ReadAll` or `io.ReadAll` can lead to a Denial of Service (DoS) vulnerability due to unbounded memory allocation (e.g., zip bomb attack). Instead, constrain the maximum expected decompressed size by using `io.LimitReader` combined with `ReadAll`, or loop manually over `Read` checks verifying paylo

Language: go | CVE-2024-28122 | GHSA-HJ3V-M684-V259 | CWE-400 | CWE-409
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2024-29034: Ruby Unsanitized Content Type
Rule: cve-2024-29034-ruby-unsanitized-content-type

Retrieving an uploaded file's content type using `content_type` and coercing it to a string without properly parsing or sanitizing it allows attackers to supply multiple comma-separated MIME types. This can bypass allowlists and lead to Cross-Site Scripting (XSS) when the file is eventually served to users. Wrap the content type in a parser like `Marcel::Mim

Language: ruby | CVE-2024-29034 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-31464: Xwiki Missing Xclassreference Diff
Rule: cve-2024-31464-xwiki-missing-xclassreference-diff

Computing a diff with an uninitialized BaseObject drops XClassReference context, leading to potential exposure of sensitive properties like password hashes.

Language: java | CVE-2024-31464 | CWE-200
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-3196: Perl Backticks String Concat
Rule: cve-2024-3196-perl-backticks-string-concat

Found Perl string concatenation (`."`) mistakenly used inside backticks. Backticks in Perl interpolate variables natively. Using string concatenation operators inside them results directly in literal dots and quotes being sent to the shell without matching quotes. This generates shell parsing errors (unterminated quoted string) and prevents commands from exe

Language: generic | CVE-2024-3196 | CWE-116 | CWE-77
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 87
CVE-2024-33522: Insecure Suid Chmod
Rule: cve-2024-33522-insecure-suid-chmod

Explicitly setting the SUID bit on installed binaries grants elevated privileges to any executing user. If the underlying binary can process user-controlled inputs, environment variables, or arguments, this setup trivially enables absolute Local Privilege Escalation (LPE) to the file owner's context (often root). Ensure this configuration is intentional, or

Language: go | CVE-2024-33522 | CWE-732
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2024-40897: Unbounded Vsprintf Call
Rule: cve-2024-40897-unbounded-vsprintf-call

The 'vsprintf' function formats data into a buffer without bounds checking. This can lead to stack or heap buffer overflows if the formatted output exceeds the buffer size. Use 'vsnprintf' with a defined max size or 'vasprintf' to dynamically allocate a safely sized buffer instead.

Language: c | CVE-2024-40897 | CWE-120 | CWE-242
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-41675: Ckan Unescaped Datatable Records
Rule: cve-2024-41675-ckan-unescaped-datatable-records

Datastore records are being extracted and cast to strings without HTML escaping. When this structured data is returned via AJAX and rendered by frontend plugins (like DataTables), it could lead to Stored Cross-Site Scripting (XSS). Ensure that all extracted record values are wrapped in `html.escape()` or an equivalent escaping mechanism.

Language: python | CVE-2024-41675 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-4536: Edc Insecure Oauth2 Sink Decorator
Rule: cve-2024-4536-edc-insecure-oauth2-sink-decorator

Registering `Oauth2HttpRequestParamsDecorator` as a data sink decorator allows attackers to exfiltrate OAuth2 client secrets from the provider's vault. The consumer-provided clientSecretKey is resolved in the context of the provider's vault, and its value is sent to a consumer-controlled URL as part of the OAuth2 client credentials grant.

Language: java | CVE-2024-4536 | GHSA-79WQ-4QXG-VVX5 | CWE-200
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2024-47071: Generic Path Traversal Via Request
Rule: cve-2024-47071-generic-path-traversal-via-request

Unsanitized user input from HTTP requests is used directly in a file system operation. This can allow attackers to read, write, or delete arbitrary files by using path traversal sequences (e.g., `../`). Ensure the input is sanitized using `basename()` or `realpath()` before incorporating it into file paths.

Language: php | CVE-2024-47071 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-52011: Vite Launch Editor Cmd Injection
Rule: cve-2024-52011-vite-launch-editor-cmd-injection

Directly using `child_process.spawn` with `cmd.exe` and passing dynamically constructed arguments leads to Command Injection on Windows. `spawn` does not appropriately escape arguments for `cmd.exe`. Malicious inputs containing characters like `&`, `|`, or `;` can execute arbitrary commands alongside the intended one. Use `child_process.exec` with careful ma

Language: javascript | CVE-2024-52011 | CWE-78 | CWE-88
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2024-53260: Ruby Csv Formula Injection
Rule: cve-2024-53260-ruby-csv-formula-injection

Unsanitized data converted to CSV format and sent to users can result in a CSV/Formula Injection vulnerability if malicious input starts with '=', '+', '-', or '@'. Spreadsheet applications may execute these as formulas. Avoid manual CSV construction with `.to_csv` or the standard `CSV` library when handling unvalidated user data. Instead, use a library that

Language: ruby | CVE-2024-53260 | CWE-1236
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-55878: Simplexlsxex Missing Sanitization
Rule: cve-2024-55878-simplexlsxex-missing-sanitization

Missing sanitization of style attributes extracted from XLSX files before HTML rendering.

Language: php | CVE-2024-55878
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-56331: Powershell Command Injection Via Template
Rule: cve-2024-56331-powershell-command-injection-via-template

Double quotes or unquoted variables injected into a PowerShell command string can lead to command injection. PowerShell evaluates subexpressions like `$(...)` inside double quotes. Ensure that user input is properly escaped (e.g., doubling single quotes) and wrapped in single quotes within the PowerShell command.

Language: javascript | CVE-2024-56331 | CWE-78
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-10858: Vulnerabilities Service Rb Cwe 000 Cve 2025 10858
Rule: cve-2025-10858-vulnerabilities-service-rb-cwe-000-cve-2025-10858

Repeated parsing of a massive JSON document due to a lack of memoization and failure to skip already-processed report types during pipeline vulnerability ingestion, which led to CPU and memory exhaustion (DoS).

Language: ruby | CVE-2025-10858
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-11149: Unhandled Fs Sync Exception Dos
Rule: cve-2025-11149-unhandled-fs-sync-exception-dos

The application passes user-controlled data to a Node.js asynchronous filesystem API (like `fs.stat`) without wrapping the call in a `try/catch` block. In Node.js, passing invalid characters such as null bytes (`%00`) to `fs` functions can cause a synchronous exception to be thrown before the async callback is invoked. Without a `try/catch`, this unhandled e

Language: javascript | CVE-2025-11149 | CWE-248 | CWE-754
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2025-11362: Infinite Redirect Recursion
Rule: cve-2025-11362-infinite-redirect-recursion

Missing depth limit in recursive HTTP redirect handling. Recursively following HTTP redirects without maintaining and checking a recursion depth limit allows an attacker to cause an infinite redirect loop (DoS). Add a depth counter parameter and reject if it exceeds a maximum threshold.

Language: javascript | CVE-2025-11362 | CWE-400 | CWE-674
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2025-11935: Src Tls13 C Cwe 000 Cve 2025 11935
Rule: cve-2025-11935-src-tls13-c-cwe-000-cve-2025-11935

Missing enforcement of `onlyPskDheKe` flag during PSK handshake logic.

Language: c | CVE-2025-11935
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-12763: Python Conditional Subprocess Shell True
Rule: cve-2025-12763-python-conditional-subprocess-shell-true

Assigning `shell=True` conditionally (e.g., based on OS like Windows) introduces a risk of OS command injection when processing unsanitized arguments. Instead of using `shell=True` to suppress console windows on Windows, explicitly assign `shell=False` and use `creationflags=subprocess.CREATE_NO_WINDOW`.

Language: python | CVE-2025-12763 | CWE-78
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-12764: Python Ldap Injection
Rule: cve-2025-12764-python-ldap-injection

An LDAP search filter is constructed using unsanitized user input. This can lead to LDAP injection vulnerabilities, allowing an attacker to alter the query logic and bypass authentication or cause a Denial of Service (DoS). Ensure that all user inputs passed to LDAP search queries are sanitized using `escape_filter_chars` from `ldap3.utils.conv` or `ldap.fi

Language: python | CVE-2025-12764 | CWE-90
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-12765: Ldap3 Tls Cert None Default
Rule: cve-2025-12765-ldap3-tls-cert-none-default

The LDAP TLS configuration defaults to `ssl.CERT_NONE`, disabling server certificate validation. This enables Man-in-the-Middle (MitM) attacks. Ensure `ssl.CERT_REQUIRED` is used by default, and only fall back to `ssl.CERT_NONE` conditionally through deliberate user configuration.

Language: python | CVE-2025-12765 | CWE-295
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-13033: Nodemailer Quoted Address Bypass
Rule: cve-2025-13033-nodemailer-quoted-address-bypass

A custom address parsing routine appears to extract email addresses using regular expressions without properly ensuring that the text is not part of a quoted string. This can lead to email routing vulnerabilities when attackers embed malicious addresses within quoted local-parts.

Language: javascript | CVE-2025-13033 | CWE-116
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2025-13654: Buffer Bounds Check Integer Underflow
Rule: cve-2025-13654-buffer-bounds-check-integer-underflow

A bounds check uses a subtraction which can lead to integer underflow. If `$SIZE` is greater than `$LEN`, `$LEN - $SIZE` will wrap around to a large positive value (if unsigned), bypassing the length validation and causing an out-of-bounds read or write. Use addition instead (`$PTR + $SIZE <= $LEN`) or check the size against the remaining offset explicitly (

Language: c | CVE-2025-13654 | CWE-125 | CWE-191 | CWE-787
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-14874: Nodemailer Unbounded Address Parsing
Rule: cve-2025-14874-nodemailer-unbounded-address-parsing

The parser function recursively processes nested tokens without a depth limit, making it vulnerable to a stack exhaustion Denial of Service (DoS) via deeply nested input.

Language: javascript | CVE-2025-14874
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2025-15556: Notepadpp Wingup Missing Cert Verification
Rule: cve-2025-15556-notepadpp-wingup-missing-cert-verification

The application invokes the WinGUp updater without explicitly enforcing cryptographic signature checks. An attacker in a privileged network position could intercept the HTTP(S) update request and serve a malicious executable payload, leading to arbitrary code execution. Ensure that '-chkCertSig=yes' is passed.

Language: cpp | CVE-2025-15556 | CWE-295
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-1686: Pebble Cve 2025 1686 Lfi
Rule: cve-2025-1686-pebble-cve-2025-1686-lfi

Pebble versions < 4.1.0 are vulnerable to Local File Inclusion (LFI) via the `include` tag due to an unrestricted `FileLoader` configured by default. An attacker with template modification privileges can read arbitrary local files on the server. Remediate by upgrading to Pebble >= 4.1.0, manually assigning a strict loader (e.g., `ClasspathLoader`), or explic

Language: java | CVE-2025-1686 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-22150: Insecure Multipart Boundary Math Random
Rule: cve-2025-22150-insecure-multipart-boundary-math-random

Generation of multipart boundaries using the cryptographically insecure `Math.random()` was detected. Boundary values can be predicted and used to inject malicious parts into the multipart request if they are sent to an attacker-controlled server alongside legitimate endpoints.

Language: javascript | CVE-2025-22150 | CWE-338
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-2256: Gitlab Incomplete Scanner Grouping
Rule: cve-2025-2256-gitlab-incomplete-scanner-grouping

Grouping security scan results solely by `scanner` identity without `scan_type` causes collisions between different report types (e.g., SBOM and DS). This can lead to legitimate vulnerabilities being erroneously marked as resolved or no longer detected. Use a composite key including both `scanner` and `report_type`.

Language: ruby | CVE-2025-2256 | CWE-668 | CWE-684
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-23040: Typescript Memory Exhaustion Via Late Size Check
Rule: cve-2025-23040-typescript-memory-exhaustion-via-late-size-check

The application reads a file completely into memory before checking its size. This can lead to memory exhaustion (Denial of Service) if an attacker provides a maliciously large file. Enforce file size constraints before reading the file, such as by using `fs.stat()` or `fs.statSync()`.

Language: typescript | CVE-2025-23040 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-27591: Rs Unsafe World Writable Permissions
Rule: cve-2025-27591-rs-unsafe-world-writable-permissions

Setting explicitly world-writable permissions (e.g., 0o777 or 0o666) on files or directories can result in local privilege escalation or unauthorized modification. If a privileged service writes to a world-writable directory, local attackers can use symlink attacks to overwrite critical system files. Rely on safe default permissions (umask) or restrict write

Language: rust | CVE-2025-27591 | CWE-61 | CWE-732
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-27794: Php Illuminate Session Fixation
Rule: cve-2025-27794-php-illuminate-session-fixation

The application sets an authentication-related session key without first invalidating or regenerating the session. This can lead to session fixation attacks where an attacker supplies a known session identifier, leading to unauthorized access. Call `$session->invalidate()` or `$session->regenerateToken()` before setting authentication state.

Language: php | CVE-2025-27794 | CWE-384
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-28401: Shiro Missing Csrf Protection
Rule: cve-2025-28401-shiro-missing-csrf-protection

The Shiro configuration applies a global filter chain but does not include a CSRF or XSRF filter. Cross-Site Request Forgery (CSRF) can occur when a framework relies on session cookies for authentication without validating predictable tokens or restricting cross-origin submission. Add a custom CSRF filter to your Shiro filter chain definition configuration f

Language: java | CVE-2025-28401 | CWE-352
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2025-2884: Tpm2 Missing Hmac Sigalg Check
Rule: cve-2025-2884-tpm2-missing-hmac-sigalg-check

A TPM signature structure is accessed for HMAC operations (reading `any.hashAlg` and accessing `hmac.digest`) without validating that the signature algorithm tag (`sigAlg`) is actually `TPM_ALG_HMAC`. This can lead to an out-of-bounds memory read due to union type confusion. Always verify the signature algorithm type.

Language: c | CVE-2025-2884 | CWE-125 | CWE-843
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-3193: Incomplete Prototype Pollution Filter
Rule: cve-2025-3193-incomplete-prototype-pollution-filter

A key iteration loop attempts to prevent prototype pollution by blocking the '__proto__' key but fails to block the 'constructor' key. This allows attackers to execute Prototype Pollution attacks by injecting 'constructor.prototype' changes, which may lead to arbitrary code execution or logic bypass.

Language: javascript | CVE-2025-3193 | CWE-1321
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65
CVE-2025-32015: Simplepie Missing Srcdoc Strip
Rule: cve-2025-32015-simplepie-missing-srcdoc-strip

The 'srcdoc' attribute is missing from the list of stripped attributes. When configuring an HTML sanitizer (such as SimplePie) to allow `<iframe>` tags, failing to strip the 'srcdoc' attribute can lead to Cross-Site Scripting (XSS) since it allows executing JavaScript within the iframe. Ensure that 'srcdoc' is explicitly included in the attributes to strip.

Language: php | CVE-2025-32015 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-32464: Buffer Bound Mismatch Append
Rule: cve-2025-32464-buffer-bound-mismatch-append

A buffer copy bound is computed using the capacity of one buffer but applied during an append operation to a different buffer. If the destination buffer is smaller than the calculated remaining space, this mismatch will lead to a buffer overflow. Calculate the available space using the actual destination buffer.

Language: c | CVE-2025-32464 | CWE-122 | CWE-131
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-45691: Prompt Value Ssrf File Read
Rule: cve-2025-45691-prompt-value-ssrf-file-read

A method in a PromptValue (or similar parser context) inherently trusts user items and dispatches them directly to file open or URL fetching functions. If an attacker controls part of the retrieved contexts, this causes Arbitrary File Read (via file:// or direct path) and SSRF. Ensure that paths/URLs are sanitized by enforcing allowed protocols and network l

Language: python | CVE-2025-45691
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-46599: Kubelet Readonly Port Omitempty Bypass
Rule: cve-2025-46599-kubelet-readonly-port-omitempty-bypass

Setting `ReadOnlyPort` to 0 in Kubelet configuration structs causes the field to be stripped during JSON serialization due to the upstream `omitempty` tag. As a result, kubelet ignores the 0 value and binds to the default unauthenticated port (10255), exposing sensitive cluster information. Set the read-only port dynamically via CLI flags (e.g., `--read-only

Language: go | CVE-2025-46599 | CWE-1188 | CWE-276
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-47908: Redundant Slice Compaction Dos
Rule: cve-2025-47908-redundant-slice-compaction-dos

A slice is compacted and cleared using an external function before being placed into a map. When processing large user-controlled inputs (like HTTP headers), this can cause redundant slice modifications and GC pressure. Prefer deduplicating directly into the map in a single pass.

Language: go | CVE-2025-47908
by Provally, updated 2026-06-04, Apache-2.0
Severity: Low | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-48069: Exportfunctions Go Cwe 000 Cve 2025 48069
Rule: cve-2025-48069-exportfunctions-go-cwe-000-cve-2025-48069

Constructing shell output strings and validating them with a flawed greedy regex pattern allows command injection. The regex uses a greedy `.*` pattern inside single quotes for values, meaning an attacker can craft a key containing an equals sign (`=`) to cause the regex to misidentify the key-value boundary, bypassing validation.

Language: go | CVE-2025-48069
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-48869: Django Path Traversal Os Path Join
Rule: cve-2025-48869-django-path-traversal-os-path-join

Constructing paths using `os.path.join` with unsanitized user input (such as URL parameters) can lead to path traversal vulnerabilities. An attacker may supply path traversal sequences (e.g., `../`) to access files outside the intended directory. Use Django's `safe_join` from `django.utils._os` instead to restrict target locations.

Language: python | CVE-2025-48869 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2025-49593: Insecure Header Blocklist
Rule: cve-2025-49593-insecure-header-blocklist

A blocklist approach is used to remove HTTP headers. This is insecure because new or lesser-known sensitive headers (e.g., 'Authorization', 'X-Api-Key') will bypass this filter and be forwarded or logged, potentially leading to credential theft. Implement a strict allowlist by iterating over all request headers and preserving only those explicitly marked as

Language: go | CVE-2025-49593 | CWE-200
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-53010: Cpp Unchecked Getoutput Push
Rule: cve-2025-53010-cpp-unchecked-getoutput-push

Directly passing the result of `getOutput` to a container insertion method like `push_back` without checking for null can lead to a null pointer dereference later when the container elements are accessed. Assign the return value to a variable and verify it is not null before inserting.

Language: cpp | CVE-2025-53010 | CWE-476
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-53012: Unbounded Cycle Detection Depth
Rule: cve-2025-53012-unbounded-cycle-detection-depth

A cycle detection mechanism was found that throws or returns upon detecting a duplicate, but lacks a corresponding limit on the collection's size. When this collection represents traversal depth or inclusion history, lacking a size bound can lead to Stack Exhaustion (CWE-674) or Uncontrolled Resource Consumption (CWE-400) via deeply nested structures. Enforc

Language: cpp | CVE-2025-53012 | CWE-400 | CWE-674
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-53099: Unvalidated Oauth Parameter Dispatch
Rule: cve-2025-53099-unvalidated-oauth-parameter-dispatch

Early dispatch or return based solely on the presence of OAuth parameters (`code`, `state`, `error`) without validating state or checking for HTTP parameter pollution allows CSRF and authorization bypass. Verify state parameters explicitly and check for parameter pollution (e.g., using `getlist`) before processing OAuth callbacks.

Language: python | CVE-2025-53099 | CWE-235 | CWE-352
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-53107: Git Mcp Server Command Injection
Rule: cve-2025-53107-git-mcp-server-command-injection

Constructing OS commands with string interpolation and executing them via a shell (e.g., `child_process.exec`) can lead to command injection. In `git-mcp-server`, an attacker could inject shell metacharacters or command substitutions (e.g., `$(...)`) even within double quotes. Use `child_process.execFile` or `child_process.spawn` and pass arguments as an arr

Language: typescript | CVE-2025-53107 | CWE-78
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2025-53355: Exec Command Injection
Rule: cve-2025-53355-exec-command-injection

Constructing shell commands dynamically and passing them to `execSync` or `exec` can lead to command injection. Instead, use `execFileSync` or `execFile` (or `spawn`) and pass arguments as an array to prevent shell metacharacter evaluation by the OS.

Language: typescript | CVE-2025-53355 | CWE-78
by Provally, updated 2026-06-04, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2025-53538: HTTP/2 DATA Frame on Stream Zero
Rule ID: cve-2025-53538-http2-data-frame-stream-zero

Missing validation of HTTP/2 DATA frames on stream 0. RFC 7540 requires DATA frames to be associated with a stream identifier greater than 0; stream 0 is reserved for connection control, and a DATA frame received on it must be treated as a connection error of type PROTOCOL_ERROR. Processing such frames instead can lead to uncontrolled memory usage. Ensure the stream ID is checked (e.g., `sid > 0`) when handling DATA frames.

Language: rust. CVE-2025-53538. CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-53544: Local File Read via file:// URI Bypass
Rule ID: cve-2025-53544-local-file-read-via-file-uri-bypass

Extracting a local path from a 'file://' scheme and passing it directly to a filesystem function causes an Arbitrary File Read / Path Traversal vulnerability if the URI is user-supplied.

Language: typescript. CVE-2025-53544. CWE-22, CWE-552.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-53634: Go Missing ReadHeaderTimeout
Rule ID: cve-2025-53634-go-missing-readheadertimeout

A Go `http.Server` was instantiated without a `ReadHeaderTimeout` or `ReadTimeout`. When both are zero there is no timeout at all, which leaves the server vulnerable to Slowloris attacks (CWE-400), where an attacker holds connections open by sending headers very slowly. Always configure a `ReadHeaderTimeout`.

Language: go. CVE-2025-53634. CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-53643: aiohttp HttpPayloadParser Unparsed Trailers
Rule ID: cve-2025-53643-aiohttp-httppayloadparser-unparsed-trailers

The HttpPayloadParser instantiation is missing the `headers_parser` argument. In pure-Python versions of aiohttp prior to 3.12.14, trailer sections in chunked requests were discarded without structural validation, leading to HTTP request smuggling (CVE-2025-53643) as front-end proxies might interpret the malformed payload differently. Ensure a capability to

Language: python. CVE-2025-53643. CWE-444.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-54081: sc Unquoted Search Path
Rule ID: cve-2025-54081-sc-unquoted-search-path

The script creates or configures a Windows service using `sc` but fails to properly escape the `binPath` value. Because `sc.exe` strips the outermost quotes during argument parsing, passing a normally-quoted string (like `"%PATH%"`) results in the service's registry ImagePath being saved without quotes. If the path evaluated at runtime contains spaces, this

Language: generic. CVE-2025-54081. CWE-428.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2025-54140: Python Filename Path Traversal
Rule ID: cve-2025-54140-python-filename-path-traversal

Directly using a `.filename` attribute in path construction without sanitization can lead to path traversal vulnerabilities (such as file upload traversal or Zip Slip). Reduce the filename to a safe final component, e.g. with `secure_filename()` from `werkzeug.utils` or `os.path.basename()`, before any filesystem operation.

Language: python. CVE-2025-54140. CWE-22.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2025-54141: Python CGI Path Traversal
Rule ID: cve-2025-54141-python-cgi-path-traversal

The application decodes URL paths and assigns them directly to environment variables (like PATH_INFO) or uses them in file operations without normalization. This can allow an attacker to bypass directory boundary checks and access arbitrary files on the filesystem via directory traversal sequences (such as "..").

Language: python. CVE-2025-54141. CWE-22.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
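The two traversal rules above (a client-supplied `.filename`, and a decoded URL path used for file access) come down to the same containment check, shown here as one added Python example that is not code from either rule or from any web framework. `safe_upload_path` keeps only the final component of a filename; `resolve_under_root` decodes a URL path once, normalises it, and proves the result is inside the root by comparing path components rather than string prefixes. The directories and paths are constructed inputs.

```python
import posixpath
from urllib.parse import unquote


class TraversalError(ValueError):
    """Raised when a client-controlled path would leave its sandbox."""


def safe_upload_path(upload_dir: str, filename: str) -> str:
    """Keep only the final component of a client-supplied filename.

    A browser or a crafted multipart body may send '../../etc/passwd' or
    '..\\..\\boot.ini' as the filename; only the basename is ever used.
    """
    base = posixpath.basename(filename.replace("\\", "/"))
    if base in ("", ".", "..") or "\x00" in base:
        raise TraversalError(f"rejected filename {filename!r}")
    return posixpath.join(upload_dir, base)


def resolve_under_root(root: str, url_path: str) -> str:
    """Decode a URL path once, normalise it, and verify the result lies under
    `root` by comparing whole path components."""
    if not posixpath.isabs(root):
        raise ValueError("root must be absolute")
    decoded = unquote(url_path)                 # %2e%2e -> ..
    if "\x00" in decoded:
        raise TraversalError("NUL byte in path")
    root_abs = posixpath.normpath(root)
    # A leading '/' is the normal shape of PATH_INFO; strip it so the path is
    # joined under root instead of replacing it (join discards root on '/x').
    candidate = posixpath.normpath(posixpath.join(root_abs, decoded.lstrip("/")))
    # commonpath compares components, so '/srv/www2/x' is rejected for root
    # '/srv/www' where a plain startswith('/srv/www') would let it through.
    if posixpath.commonpath([root_abs, candidate]) != root_abs:
        raise TraversalError(f"{url_path!r} resolves outside {root!r}")
    return candidate


def is_rejected(fn, *args) -> bool:
    """Demonstration helper: True if fn(*args) raises TraversalError."""
    try:
        fn(*args)
    except TraversalError:
        return True
    return False
```

This is a purely lexical check; if symlinks may exist below the root, resolve the candidate with `os.path.realpath` and repeat the `commonpath` comparison on the real path before opening it.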
CVE-2025-54376: Go Negroni Missing Auth Middleware
Rule ID: cve-2025-54376-go-negroni-missing-auth-middleware

A potentially sensitive route ($PATH) is registered without a middleware wrapper (e.g., `negroni.New()`). This pattern can lead to authorization bypass or information disclosure if authentication is meant to be enforced. Ensure that sensitive endpoints are protected by the appropriate authentication middleware.

Language: go. CVE-2025-54376. CWE-306.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-54792: Dart Path Traversal Join
Rule ID: cve-2025-54792-dart-path-traversal-join

Detected a file or directory operation on a path constructed by joining components without an explicit containment check. This can lead to path traversal (CWE-22) if any component is user-controlled. Verify that the resolved path stays inside the intended base directory (e.g., with the `path` package's `isWithin`) before accessing it.

Language: generic. CVE-2025-54792. CWE-22.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65
CVE-2025-54796: Arbitrary Regex From Request
Rule ID: cve-2025-54796-arbitrary-re-from-request

Passing untrusted user input directly to the regular expression engine as a pattern can lead to Regular Expression Denial of Service (ReDoS). Attackers can submit patterns with catastrophic backtracking (e.g., nested quantifiers) that take exponential time to evaluate. Match against fixed, static patterns, or treat the input as a literal by escaping it with `re.escape()`.

Language: python. CVE-2025-54796.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
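The vulnerable and hardened search functions side by side, as an added Python example that is not code from the rule or from the affected project. It goes slightly beyond the rule text: besides the literal-only fix with `re.escape()`, it shows how to offer a deliberately small pattern feature (a `*` wildcard) without handing the engine an attacker-written regex. The function names, limits and sample strings are assumptions.

```python
import re

MAX_QUERY_LEN = 200
MAX_WILDCARDS = 5


def search_vulnerable(query: str, haystack: str) -> bool:
    """What the rule flags: request input compiled as a pattern.  A query
    such as '(a+)+$' backtracks exponentially on a near-matching haystack
    (try 'a' * 30 + '!'), and '.*' matches every record."""
    return re.search(query, haystack) is not None


def search_literal(query: str, haystack: str) -> bool:
    """Treat the request value as text: every metacharacter is escaped, so
    the engine sees a fixed string and runs in linear time."""
    if len(query) > MAX_QUERY_LEN:
        raise ValueError("query too long")
    return re.search(re.escape(query), haystack, re.IGNORECASE) is not None


def search_glob(query: str, haystack: str) -> bool:
    """If users need some pattern power, expose a fixed, bounded subset.
    Only '*' is special; every other character is escaped, and the number
    of wildcards is capped so the pattern stays cheap to evaluate."""
    if len(query) > MAX_QUERY_LEN:
        raise ValueError("query too long")
    if query.count("*") > MAX_WILDCARDS:
        raise ValueError("too many wildcards")
    pattern = ".*".join(re.escape(part) for part in query.split("*"))
    return re.fullmatch(pattern, haystack, re.IGNORECASE | re.DOTALL) is not None
```

`search_vulnerable` is kept only to show the contrast; the two expensive inputs named in its docstring are not exercised below because they would hang the interpreter, which is the rule's point.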
CVE-2025-55284: Insecure /tmp File Write
Rule ID: cve-2025-55284-insecure-tmp-file-write

Writing to a hardcoded or predictable path in a world-writable directory (like /tmp/) can lead to local privilege escalation or file corruption via symlink attacks (CWE-379). Use the built-in `tempfile` module (e.g., `tempfile.NamedTemporaryFile` or `tempfile.mkstemp`) to create temporary files securely.

Language: python. CVE-2025-55284. CWE-379.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
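The symlink attack and both fixes, as an added Python example rather than code from the rule or the affected project. `demo_symlink_attack` stages the scenario in a private scratch directory (standing in for `/tmp`): an attacker plants a symlink at the name the application will use, the predictable-path writer follows it into the victim file, and the `mkstemp`-based writer does not. The file names and contents are constructed.

```python
import os
import stat
import tempfile


def write_report_vulnerable(data: bytes, directory: str = "/tmp") -> str:
    """What the rule flags: a fixed, predictable name in a shared directory.
    open() follows symlinks, so a pre-planted link makes this write land in
    whatever file the attacker chose."""
    path = os.path.join(directory, "app-report.txt")
    with open(path, "wb") as f:
        f.write(data)
    return path


def write_report(data: bytes, directory=None) -> str:
    """mkstemp creates a uniquely named file with O_CREAT|O_EXCL and mode
    0o600 and hands back an already-open descriptor, so there is no window
    between choosing the name and creating the file."""
    fd, path = tempfile.mkstemp(prefix="app-report-", suffix=".txt", dir=directory)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
    except BaseException:
        os.unlink(path)
        raise
    return path


def create_fixed_name_safely(path: str) -> int:
    """When a fixed name is unavoidable: O_EXCL refuses an existing entry
    (including a symlink) and O_NOFOLLOW refuses to traverse one."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(path, flags, 0o600)


def file_mode(path: str) -> int:
    return stat.S_IMODE(os.stat(path).st_mode)


def demo_symlink_attack() -> dict:
    """Stage the attack in a private directory (constructed test setup, not the
    real /tmp) and report what each writer did."""
    workdir = tempfile.mkdtemp()
    target = os.path.join(workdir, "victim.conf")
    with open(target, "wb") as f:
        f.write(b"original")
    # Attacker step: plant a symlink at the name the application will use.
    os.symlink(target, os.path.join(workdir, "app-report.txt"))

    write_report_vulnerable(b"pwned", directory=workdir)
    with open(target, "rb") as f:
        victim_after = f.read()

    safe_path = write_report(b"report", directory=workdir)
    try:
        create_fixed_name_safely(os.path.join(workdir, "app-report.txt"))
        fixed_name_refused = False
    except OSError:
        fixed_name_refused = True

    return {
        "victim_overwritten": victim_after == b"pwned",
        "safe_path_unique": os.path.basename(safe_path) != "app-report.txt",
        "safe_mode": file_mode(safe_path),
        "fixed_name_refused": fixed_name_refused,
    }
```

Note that `tempfile.mktemp` (which only returns a name) offers none of this protection; `mkstemp` and `NamedTemporaryFile` are the ones that create the file atomically.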
CVE-2025-55558: PyTorch Inductor SIMD Reduction Buffer Overflow
Rule ID: cve-2025-55558-pytorch-inductor-simd-reduction-buffer-overflow

A missing validation check allows parallel reduction to take place underneath a SIMD-vectorized loop, leading to generated C++ code that can encounter a buffer overflow. Ensure parallel reductions are disabled under SIMD-vectorized loops when recalculating the `start_depth` for loops.

Language: python. CVE-2025-55558. CWE-119.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-55732: Frappe ChildQuery Dict SQLi
Rule ID: cve-2025-55732-frappe-childquery-dict-sqli

Unsanitized dictionary keys are parsed into child queries. By providing a dictionary with uppercase SQL functions (e.g., `{"COUNT(...)": ["field"]}`), an attacker may bypass string-based query sanitization and inject arbitrary SQL. Reject dict keys that map strictly uppercase components or explicitly handle SQL function generation boundaries before passi

Language: python. CVE-2025-55732. CWE-89.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-56225: FluidSynth Missing Preset NULL Check
Rule ID: cve-2025-56225-fluidsynth-missing-preset-null-check

A missing null check for `preset` during legato mode detection can lead to a null pointer dereference later when notes are processed.

Language: c. CVE-2025-56225. CWE-476.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-56427: Global Brace Removal Corruption
Rule ID: cve-2025-56427-global-brace-removal-corruption

A global multiline regex replacement of lone curly braces `{` or `}` (such as `replace(/^\s*[{}]\s*$/gm, ...)`) strips braces from every data structure in the input, including those inside code blocks or structured documents, causing major structural data corruption. Perform line-by-line, context-aware checks, or parse the document into an AST so that code boundaries are preserved.

Language: javascript. CVE-2025-56427. CWE-116, CWE-20.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-57767: PJSIP Unchecked Auth Header
Rule ID: cve-2025-57767-pjsip-unchecked-auth-header

A PJSIP authorization header gets fetched and its fields (like `credential`) are immediately dereferenced to initialize another variable without first verifying the pointer is not NULL. This can lead to a segmentation fault if the header is missing or invalid.

Language: c. CVE-2025-57767.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-58056: Netty Permissive HTTP Chunk LF Smuggling
Rule ID: cve-2025-58056-netty-permissive-http-chunk-lf-smuggling

The HTTP decoder accepts a standalone Line Feed (LF) as the line terminator for chunk delimiters and header lines, skipping arbitrary bytes. This violates the HTTP/1.1 RFC requirement for CRLF and enables HTTP request smuggling when the decoder sits behind a proxy that parses LF strictly. Ensure that chunks and header parsers strictly enforce the p

Language: java. CVE-2025-58056. CWE-444.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
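The aiohttp trailer rule (CVE-2025-53643) above and this Netty rule describe two sides of the same leniency in chunked-body parsing: trailers discarded without validation, and a bare LF accepted as a line terminator. One strict decoder covers both, given here as an added Python example that is not code from aiohttp, Netty or either rule. It rejects any line not terminated by CRLF, parses the trailer section field by field, and refuses framing-related trailer names; the chunked bodies it is exercised on are constructed.

```python
import re

# RFC 7230 "tchar" set for header field names.
_TOKEN = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
_CHUNK_SIZE = re.compile(rb"[0-9A-Fa-f]{1,8}")
# Framing and routing fields must never arrive as trailers.
_FORBIDDEN_TRAILERS = {b"content-length", b"transfer-encoding", b"host"}
MAX_CHUNK = 1 << 20


class SmugglingError(ValueError):
    """Raised for any framing the decoder is not willing to guess about."""


def _read_line(buf: bytes, pos: int):
    """Return (line, next_pos) for a CRLF-terminated line starting at pos.
    A missing CRLF, or a bare LF anywhere before it, is rejected."""
    end = buf.find(b"\r\n", pos)
    if end == -1:
        raise SmugglingError("line not terminated by CRLF")
    if buf.find(b"\n", pos, end) != -1:
        raise SmugglingError("bare LF used as line terminator")
    return buf[pos:end], end + 2


def decode_chunked(buf: bytes):
    """Decode a chunked body strictly.  Returns (body, trailers, bytes_consumed).

    Trailers are parsed, not skipped: each must be a valid 'name: value'
    line, and framing-related names are refused outright.
    """
    pos = 0
    body = bytearray()
    while True:
        line, pos = _read_line(buf, pos)
        size_field = line.split(b";", 1)[0]          # chunk extensions are dropped
        if not _CHUNK_SIZE.fullmatch(size_field):
            raise SmugglingError("invalid chunk size %r" % size_field)
        size = int(size_field, 16)
        if size > MAX_CHUNK:
            raise SmugglingError("chunk too large")
        if size == 0:
            break
        data_end = pos + size
        if buf[data_end:data_end + 2] != b"\r\n":
            raise SmugglingError("chunk data not followed by CRLF")
        body += buf[pos:data_end]
        pos = data_end + 2

    trailers = {}
    while True:
        line, pos = _read_line(buf, pos)
        if line == b"":
            break                                     # end of trailer section
        name, sep, value = line.partition(b":")
        if not sep or not _TOKEN.fullmatch(name):
            raise SmugglingError("malformed trailer line %r" % line)
        key = name.lower()
        if key in _FORBIDDEN_TRAILERS:
            raise SmugglingError("forbidden trailer %r" % key)
        trailers[key.decode("ascii")] = value.strip(b" \t").decode("latin-1")
    return bytes(body), trailers, pos


def is_rejected(buf: bytes) -> bool:
    """Demonstration helper: True if decode_chunked refuses the input."""
    try:
        decode_chunked(buf)
    except SmugglingError:
        return True
    return False
```

The returned byte count matters in a real server: whatever follows it on the connection is the next request, and a decoder that silently consumed a different number of bytes than the proxy in front of it is exactly what makes smuggling possible.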
CVE-2025-58157: gnark QuoRem Truncation Division and Aliasing
Rule ID: cve-2025-58157-gnark-quorem-truncation-division-and-aliasing

The QuoRem implementation performs division via truncation (using `Div`) instead of symmetric rounding. This mathematically violates the Euclidean domain property, leading to infinite loops in Half-GCD operations (Denial of Service). Additionally, mutating the receiver `z` early before completion can lead to aliasing bugs if it points to the same memory as t

Language: go. CVE-2025-58157. CWE-682, CWE-835.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-58358: Child Process Exec Injection
Rule ID: cve-2025-58358-child-process-exec-injection

The use of `child_process.exec` (or its promisified versions) with variable interpolation allows an attacker to inject shell commands via metacharacters like `;`, `|`, or `&&`. This leads to Remote Code Execution (RCE). Instead, use `child_process.execFile` and pass arguments as an array, bypassing the shell runtime evaluation.

Language: javascript. CVE-2025-58358. CWE-78.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-58362: Fixed URL Scheme Offset Path Confusion
Rule ID: cve-2025-58362-fixed-url-scheme-offset-path-confusion

Extracting paths from URLs using fixed character offsets based on assumptions about scheme lengths can lead to interpretation conflicts and path confusion. Malformed URIs might cause the extractor to yield an incorrect path, potentially bypassing upstream proxy path-based ACLs. Use a dynamically calculated offset based on a protocol separator (e.g., `url.ind

Language: typescript. CVE-2025-58362. GHSA-9PXF-XMCQ-9PQR. CWE-436.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2025-58445: Missing Tilde Expansion in Path Validation
Rule ID: cve-2025-58445-missing-tilde-expansion-in-path-validation

The code validates a path or workspace against directory traversal ("..") and URL encoding character discrepancies, but fails to check for shell tilde ("~") expansion. If this variable is passed without escaping to a shell environment, attackers can exploit tilde expansion to access unauthorized filesystem paths or inject commands. Add `strings.HasPrefix(val

Language: go. CVE-2025-58445. CWE-73, CWE-78.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-58446: Unbounded Repetition Unrolling DoS
Rule ID: cve-2025-58446-unbounded-repetition-unrolling-dos

Linearly unrolling a repetition or quantifier using uncontrolled bounds from input can lead to resource exhaustion and Denial of Service (DoS) if an attacker provides a very large upper/lower bound. Introduce an unbounded repeat AST node type or enforce a strict ceiling on loop boundaries.

Language: cpp. CVE-2025-58446. CWE-400, CWE-770.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-58753: Insecure Path Builder Missing Allowlist
Rule ID: cve-2025-58753-insecure-path-builder-missing-allowlist

A method constructs and returns a file path using user input without verifying the resulting file against an explicit allow-list. In restricted contexts (like file shares), this can allow attackers to access unauthorized sibling files or bypass directory-level restrictions (CWE-862). Ensure that file access boundaries are enforced by validating the path agai

Language: python. CVE-2025-58753. CWE-639, CWE-862.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-59049: Mockoon Template Path Traversal
Rule ID: cve-2025-59049-mockoon-template-path-traversal

Dynamically generated file paths via the internal templating engine are resolved without boundary validation. If user input is injected into the template, it can cause the resolved path to escape the restricted server directories (Path Traversal/LFI). Ensure paths are securely resolved and bound-checked using `startsWith` against their intended base environm

Language: typescript. CVE-2025-59049. CWE-22.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-59148: Missing NULL Check on Flow Variable
Rule ID: cve-2025-59148-missing-null-check-flowvar

Use of a potentially NULL flow context parameter without prior checking.

Language: c. CVE-2025-59148.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-5915: Missing Error String
Rule ID: cve-2025-5915-cve-2025-5915-missing-error-string

Returning an error code such as ARCHIVE_FATAL directly from a parsing function without setting an error string can lead to a NULL pointer dereference when clients query the error string. Route error paths through a common block that sets the error string via archive_set_error() before returning.

Language: c. CVE-2025-5915.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-59425: Authorization Header Timing Attack
Rule ID: cve-2025-59425-authorization-header-timing-attack

Comparing an authentication token (like the Authorization header) using standard equality operators (`in`, `not in`, `==`, `!=`) can lead to a timing side-channel. These operators short-circuit and leak the length of the matching prefix, allowing an attacker to guess the token character by character. Use `secrets.compare_digest` or `hmac.compare_digest` inst

Language: python. CVE-2025-59425. CWE-208.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
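The early-exit comparison and its constant-time replacement, as an added Python example that is not the rule's code or the affected project's. `steps_to_reject` models what a short-circuiting `==` does (count characters examined before the first mismatch), which is the quantity a remote attacker recovers from response timing; `authorized` shows the fix together with two caveats the rule's one-liner leaves out. `API_TOKEN` is a constructed placeholder and the header dicts are constructed requests.

```python
import hashlib
import hmac

# Constructed placeholder; a real deployment loads this from a secret store.
API_TOKEN = "s3cr3t-example-token-0123456789"


def authorized_vulnerable(headers: dict) -> bool:
    """What the rule flags: `==` on the raw header (or `token in allowed`)."""
    return headers.get("Authorization") == "Bearer " + API_TOKEN


def steps_to_reject(guess: str, secret: str) -> int:
    """Model of an early-exit comparison: the number of characters examined
    before the first mismatch.  A timing side channel leaks exactly this
    number, so each correct prefix character raises it by one."""
    steps = 0
    for g, s in zip(guess, secret):
        steps += 1
        if g != s:
            break
    return steps


def bearer_token(headers: dict):
    """Extract the token from 'Authorization: Bearer <token>', or None."""
    value = headers.get("Authorization", "")
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    return token.strip()


def authorized(headers: dict, expected: str = API_TOKEN) -> bool:
    """Constant-time check.  Both sides are hashed first so compare_digest
    always runs over equal-length inputs: on raw tokens it can still reveal a
    length mismatch, and on str it raises TypeError for non-ASCII input,
    which the attacker controls."""
    token = bearer_token(headers)
    if token is None:
        return False
    a = hashlib.sha256(token.encode("utf-8")).digest()
    b = hashlib.sha256(expected.encode("utf-8")).digest()
    return hmac.compare_digest(a, b)
```

`secrets.compare_digest` is the same function re-exported; the hashing step is what makes the token's length and character set irrelevant to the comparison.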
CVE-2025-59530: QUIC Missing Initial Key Drop
Rule ID: cve-2025-59530-quic-missing-initial-key-drop

Failing to drop Initial encryption keys prior to or while dropping Handshake keys can lead to an assertion failure and Denial of Service (DoS). A malicious server might prematurely confirm the handshake (e.g., by sending a HANDSHAKE_DONE frame early), leaving unexpected Initial keys in the state. Ensure `protocol.EncryptionInitial` keys are explicitly droppe

Language: go. CVE-2025-59530. CWE-617.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-59830: Ruby Unescaped Prefix Regex Stripping
Rule ID: cve-2025-59830-ruby-unescaped-prefix-regex-stripping

Unescaped variable inside a prefix-anchored regex used for string substitution. If the variable originates from configuration or unconstrained input and contains regex metacharacters, the match or replacement may fail and expose internal logic or paths such as directories. Always escape interpolated variables in regex replacements using `Regexp.escape(...

Language: ruby. CVE-2025-59830. CWE-116.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: High. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 83
CVE-2025-61582: ts3-nodejs-library Untrusted Connect
Rule ID: cve-2025-61582-ts3-nodejs-library-untrusted-connect

Untrusted input is passed directly to `TeamSpeak.connect()` without validation or sanitization. Malicious input, such as specially crafted Unicode characters, can cause exceptions during underlying ASCII conversion, leading to a Denial of Service (DoS) crash. Sanitize and validate connection options (e.g., host, port) before passing them to the connection me

Language: javascript. CVE-2025-61582. CWE-20, CWE-400, CWE-79.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2025-61601: BigBlueButton Unvalidated Poll Answers DoS
Rule ID: cve-2025-61601-bigbluebutton-unvalidated-poll-answers-dos

Submitting an unvalidated array of answers to `Polls.handleRespondToPollReqMsg` allows a Denial-of-Service (DoS) via resource exhaustion. The inputs must be constrained in length or uniqueness according to the specific configuration flag before processing.

Language: scala. CVE-2025-61601. CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-61602: Unvalidated emoji-mart Data Access
Rule ID: cve-2025-61602-unvalidated-emoji-mart-data-access

Direct unvalidated access to dynamic keys in `@emoji-mart/data` can cause an unhandled TypeError if a user-supplied key does not exist. This can lead to a Denial of Service (DoS) by crashing the application. Validate the key (e.g., check if it exists) or use optional chaining before accessing nested properties.

Language: typescript. CVE-2025-61602. CWE-502.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2025-61770: Ruby Unescaped Regex Prefix Stripping
Rule ID: cve-2025-61770-ruby-unescaped-regex-prefix-stripping

Interpolating an unescaped variable into a regular expression for prefix stripping can fail if the variable contains regex metacharacters (e.g. `+`, `?`, `*`). This can lead to path disclosure or incorrect string manipulation. Use `Regexp.escape` to safely interpolate literal strings into regular expressions.

Language: ruby. CVE-2025-61770. CWE-116.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-61771: Ruby Unescaped Path Regex Interpolation
Rule ID: cve-2025-61771-ruby-unescaped-path-regex-interpolation

Unescaped regex interpolation in path replacement. When an unescaped variable is interpolated into a regular expression (e.g., `/\A#{var}/`) to strip a prefix, regex metacharacters in the variable (like `+` or `.`) will cause the replacement to fail silently. This can lead to sensitive path disclosures, such as leaking the webserver's absolute root directory

Language: ruby. CVE-2025-61771. CWE-116.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-61772: Unescaped Regex Path Prefix
Rule ID: cve-2025-61772-unescaped-regex-path-prefix

Detected unescaped variable interpolation within a regular expression used for path/prefix substitution. If the variable contains regular expression metacharacters, the substitution can match unintended segments of the target string. In the context of directory paths, this can lead to absolute path disclosure or incorrect logic. Use `Regexp.escape()` or `Reg

Language: ruby. CVE-2025-61772. CWE-116.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-61919: Ruby Unescaped Prefix Regex Interpolation
Rule ID: cve-2025-61919-ruby-unescaped-prefix-regex-interpolation

Unescaped regex interpolation used in string replacement. If the interpolated variable contains regex metacharacters, the match may fail or behave unexpectedly. When stripping base paths, this can lead to absolute path disclosure. Use `Regexp.escape()` or `Regexp.quote()` to safely interpolate variables into regular expressions.

Language: ruby. CVE-2025-61919. CWE-116, CWE-200.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-61920: Unbounded JWT Deserialization DoS
Rule ID: cve-2025-61920-unbounded-jwt-deserialization-dos

The token splitting logic does not impose a restriction on the input string length before performing cryptographic or base64 decoding preparation. An attacker can supply an excessively large token to exhaust memory or CPU resources, resulting in a Denial of Service (DoS). Validate the length of the string `len(...) <= LIMIT` before proceeding with parsing.

Language: python. CVE-2025-61920. CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-61921: Ruby ReDoS Split Comma Whitespace
Rule ID: cve-2025-61921-ruby-redos-split-comma-whitespace

Splitting an untrusted string with the regular expression `/\s*,\s*/` can lead to Regular Expression Denial of Service (ReDoS) or excessive CPU consumption. An attacker providing a maliciously crafted string (e.g., many consecutive spaces without commas) can trigger worst-case execution time in the regex engine. Instead, split by the comma character literall

Language: ruby. CVE-2025-61921. CWE-1333, CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-62162: Unvalidated AST Deref Visitor
Rule ID: cve-2025-62162-unvalidated-ast-deref-visitor

AST node visitors unconditionally delegate via `self.deref().accept()` without checking for Error variants. This may cause panics during traversal of malformed input, leading to a Denial of Service condition. Ensure the delegation logic wraps the call in an Error variant check (e.g., `if !matches!(self, Type::Error(_))`).

Language: rust. CVE-2025-62162.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-62166: FreshRSS Auth Bypass
Rule ID: cve-2025-62166-freshrss-cve-2025-62166-auth-bypass

FreshRSS authentication bypass logic detected. The application checks whether a token parameter is non-empty without validating it against the user's expected secret, and uses another user-provided parameter to switch the user context. This allows unauthenticated attackers to bypass authentication.

Language: php. CVE-2025-62166. CWE-287.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62185: mpv Missing --no-ytdl
Rule ID: cve-2025-62185-mpv-missing-no-ytdl

Detected an mpv argument list that does not explicitly include '--no-ytdl'. By default, mpv will attempt to execute 'youtube-dl' or 'yt-dlp' to resolve network stream links. In scenarios where user-controlled files or unverified directories are present, this can lead to arbitrary code execution if an attacker supplies a malicious executable matching the down

Language: python. CVE-2025-62185. CWE-426, CWE-94.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62186: Rust SQL Format Injection
Rule ID: cve-2025-62186-rust-sql-format-injection

Direct interpolation of variables into SQL strings enclosed in single quotes was detected. This bypasses parameterization and may lead to SQL injection. Use parameterized queries such as `?` or `$1` instead.

Language: rust. CVE-2025-62186. CWE-89.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62708: Python Unbounded BytesIO Decompression
Rule ID: cve-2025-62708-python-unbounded-bytesio-decompression

Unbounded accumulation of data using write() in a decode loop without length limits can lead to memory exhaustion and Denial of Service (decompression bombs). Implement size constraints and raise an exception if limits are exceeded. [ignoring loop detection]

Language: python. CVE-2025-62708. CWE-400, CWE-770.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-64330: Suricata Alert Verdict OOB Read
Rule ID: cve-2025-64330-suricata-alert-verdict-oob-read

Detected unsafe access to the alert queue `p->alerts.alerts` at index `p->alerts.cnt` without checking if `p->alerts.cnt < packet_alert_max`. If the queue is full (`p->alerts.cnt == packet_alert_max`), accessing this index leads to a heap-based out-of-bounds read and can crash the engine.

Language: c. CVE-2025-64330. CWE-125.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-64335: Suricata Detect Engine Buffer NULL Deref
Rule ID: cve-2025-64335-suricata-detect-engine-buffer-null-deref

`DetectEngineBufferTypeGetNameById` can return NULL for registry buffer types like `base64_data`. Passing its result directly into `VarNameStoreRegister` or utilizing it without a NULL validation results in a NULL pointer dereference, crashing the Suricata engine.

Language: c. CVE-2025-64335. CWE-476.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-64340: Python FastMCP Unencoded Path Substitution
Rule ID: cve-2025-64340-python-fastmcp-unencoded-path-substitution

A path parameter is substituted directly into a URL template without URL encoding. This can allow an attacker to inject path traversal sequences (e.g., `../`) or query parameters, leading to Server-Side Request Forgery (SSRF) and path traversal. Encode the parameter value with `urllib.parse.quote(value, safe="")` (so that `/` is encoded as well) before substitution.

Language: python. CVE-2025-64340. CWE-22, CWE-918.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
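Raw substitution beside the encoded version, as an added Python example that is not FastMCP code or the rule's own. It also shows why `safe=""` matters (the default `safe="/"` leaves the slash through) and adds a segment check on top of encoding, for servers that decode `%2F` back into a separator before routing. `TEMPLATE`, the function names and the parameter values are constructed.

```python
from urllib.parse import quote, urlsplit

TEMPLATE = "https://api.example.com/users/{user_id}/profile"   # constructed


def build_url_vulnerable(template: str, params: dict) -> str:
    """What the rule flags: raw substitution.  '../admin?x=1' is spliced into
    the request line unchanged and rewrites the path the server sees."""
    return template.format(**params)


def encode_segment(value) -> str:
    """Percent-encode a value for use as exactly one path segment.  safe=''
    makes quote() encode '/' (and '?', '#', '&', '=') as well; the default
    safe='/' would leave the slash through."""
    return quote(str(value), safe="")


def build_url(template: str, params: dict) -> str:
    """Encode every parameter, and additionally refuse anything that is not
    a single, non-dot path segment: defence in depth against back ends that
    decode %2F before routing."""
    encoded = {}
    for key, value in params.items():
        raw = str(value)
        if raw in ("", ".", "..") or any(c in raw for c in "/\\\x00"):
            raise ValueError(f"parameter {key!r} is not a single path segment")
        encoded[key] = encode_segment(raw)
    url = template.format(**encoded)
    # Final sanity check: host and fixed path prefix of the template survived.
    expected = urlsplit(template)
    actual = urlsplit(url)
    fixed_prefix = expected.path.split("{", 1)[0]
    if actual.netloc != expected.netloc or not actual.path.startswith(fixed_prefix):
        raise ValueError("substitution altered the request target")
    return url


def is_rejected(template: str, params: dict) -> bool:
    """Demonstration helper: True if build_url refuses the parameters."""
    try:
        build_url(template, params)
    except ValueError:
        return True
    return False
```

Query-string values need the same treatment with `urlencode`, and the `netloc` check above only holds because the template's host is fixed; a template that takes the host from input is an SSRF sink regardless of encoding.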
CVE-2025-64438: RTPS Unbounded Gap Iteration
Rule ID: cve-2025-64438-rtps-unbounded-gap-iteration

Unbounded iteration from a sequence number up to a sequence number set's `base()`. In RTPS and DDS protocols, an attacker can craft a gap message with a huge difference between the start and base sequence numbers. This causes memory exhaustion (OOM) when arbitrary sequence numbers are inserted into internal states, or high CPU consumption due to massive O(N)

Language: cpp. CVE-2025-64438. CWE-400, CWE-834.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-64530: Improper Subset Validation (some)
Rule ID: cve-2025-64530-improper-subset-validation-some

A function intended to perform a subset check uses `.some()` instead of `.every()`. A subset check requires that all elements of the first set exist in the second set (logical AND). Using `.some()` changes this to an intersection check (logical OR). In access control logic, missing this distinction can lead to security bypasses (e.g., CVE-2025-64530) by allo

Language: javascript. CVE-2025-64530. CWE-863.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 73
CVE-2025-64756: foreground-child shell: true
Rule ID: cve-2025-64756-foreground-child-shell-true

Spawning child processes with `shell: true` via `foreground-child` can lead to OS command injection if arguments (such as filenames) contain shell metacharacters. Avoid `shell: true` and pass the program and its arguments as an array; if a shell is genuinely required, invoke it explicitly with every untrusted argument properly escaped.

Language: javascript. CVE-2025-64756.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2025-65015: Exception Embeds Oversized Variable
Rule ID: cve-2025-65015-exception-embeds-oversized-variable

A size check successfully prevents an oversized variable from being processed, but the entire untruncated variable is then embedded into the raised exception. If this exception is captured by error tracking systems or logs, it can lead to Denial of Service (DoS) and memory exhaustion. Refactor the code to omit the raw oversized payload from the exception mes

Language: python. CVE-2025-65015. CWE-400.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-65493: Global OpenSSL ENGINE Singleton
Rule ID: cve-2025-65493-global-openssl-engine-singleton

A globally hardcoded OpenSSL ENGINE instance restricts the application to a single hardware or custom cryptographic module configuration. This structural limitation can lead to failed handshakes or inappropriate cryptographic states when different engines are required. Ensure `ENGINE *` instances are dynamically injected or passed by reference.

Language: c. CVE-2025-65493.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Low. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-65563: PFCP NodeID Nil Deref
Rule ID: cve-2025-65563-pfcp-nodeid-nil-deref

Missing validation for the presence of the NodeID Information Element. A missing NodeID in PFCP messages may lead to a nil pointer dereference when calling `.NodeID()`, causing the process to panic and resulting in a denial-of-service (DoS) condition. Check that `$X.NodeID != nil` before attempting to read its value.

Language: go. CVE-2025-65563. CWE-476.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-65564: PFCP Silent Drop on IE Parse Error
Rule ID: cve-2025-65564-pfcp-silent-drop-on-ie-parse-error

Returning a `nil` response when a PFCP Information Element (IE) fails to parse causes the UPF to silently drop the request instead of sending a proper rejection. This can lead to state inconsistency and denial-of-service (timeouts) for the peering node. Instead of returning `nil`, construct and return a valid response containing an appropriate rejection caus

Language: go. CVE-2025-65564. CWE-754.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-65795: gRPC-Gateway HttpBody Usage
Rule ID: cve-2025-65795-grpc-gateway-httpbody-usage

Serving internal files or custom HTTP bodies via `*httpb0dy.HttpBody` in gRPC handlers can lead to authentication bypass or deserialization vulnerabilities when exposed through gRPC-Gateway. Refactor the endpoint to serve binary file downloads or specific HTTP streams using standard dedicated HTTP handlers (e.g., `http.HandlerFunc`) rather than processing th

Language: go. CVE-2025-65795. CWE-502.
by Provally, updated 2026-06-04, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-65947: mach_vm_deallocate Incorrect Cast
Rule ID: cve-2025-65947-mach-vm-deallocate-incorrect-cast

Calling `mach_vm_deallocate` with parameters typed or cast as `vm_size_t` or `vm_address_t` instead of `mach_vm_size_t` and `mach_vm_address_t` causes pointer truncation on Apple 64-bit platforms, leading to a memory leak via failed deallocation. Use the `mach_vm_*` type variants for all arguments.

Language: rust. CVE-2025-65947. CWE-401.
by Provally, updated 2026-06-04, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-66031: Uncontrolled Recursion Depth Limitcve-2025-66031-uncontrolled-recursion-depth-limit

Uncontrolled recursion detected. The recursive function takes a depth parameter but does not validate it against a maximum threshold. A deeply nested structure could trigger stack exhaustion and lead to a Denial of Service (DoS).

javascriptCVE-2025-66031CWE-674
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
109 downloads0 direct109 via packs
Trust score 61
CVE-2025-66206: Python Frappe Childquery Sqlicve-2025-66206-python-frappe-childquery-sqli

Frappe query builder parses fields into queries but skips sanitization on keys when a dictionary is passed. This allows SQL payloads to masquerade as child queries. Validations such as `isupper()` checks must be implemented to prevent arbitrary injection or unexpected function calls.

pythonCVE-2025-66206CWE-89
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-66418: Unbounded Decoder Chaincve-2025-66418-unbounded-decoder-chain

Directly creating decoders or decompressors from a split string without limiting the number of elements can lead to an unbounded decompression chain. This is a Denial of Service (DoS) vulnerability. Extract the split array, check its length against a safe maximum, and then instantiate the decoders.

pythonCVE-2025-66418CWE-770
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 73
CVE-2025-66453: Rhino Dtoa Doscve-2025-66453-rhino-dtoa-dos

Use of legacy DToA formatting algorithms (`DToA.JS_dtostr` or `DToA.JS_dtoa`) is vulnerable to an algorithmic complexity Denial of Service (CVE-2025-66453) when handling small floating-point values. Replace legacy DToA calls with `DecimalFormatter` or modern formatting libraries.

javaCVE-2025-66453CWE-400
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
107 downloads0 direct107 via packs
Trust score 61
CVE-2025-66506: Go Jwt Unbounded Split Doscve-2025-66506-go-jwt-unbounded-split-dos

The application uses `strings.Split` on a '.' character to parse a token or dot-separated input without limiting the split count or first validating the number of delimiters. A malicious payload containing thousands of '.' characters can cause unbounded memory allocations, leading to a Denial of Service (DoS). Use `strings.SplitN(token, ".", 3)` to restrict

goCVE-2025-66506CWE-400CWE-770
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-66692: Missing Signature Length Checkcve-2025-66692-missing-signature-length-check

A cryptographic verification function accesses raw signature data (`$SIG.data()`) without explicitly validating its length first. This can lead to a buffer over-read (CWE-125) if the underlying cryptographic API expects a minimum buffer length. Ensure that the length of the buffer is verified before passing its `.data()` pointer to C-style APIs.

cppCVE-2025-66692CWE-125
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-67499: Knftables Missing Fib Daddr Localcve-2025-67499-knftables-missing-fib-daddr-local

The nftables backend configuration in a Go application (like the CNI portmap plugin) omits the 'fib daddr type local' instruction in the prerouting or output chain. This oversight allows traffic not destined for the node/host to be incorrectly intercepted and NAT-forwarded if rules match solely on port numbers. This defect can lead to unintended Man-in-the-M

goCVE-2025-67499
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 53
CVE-2025-67721: Zero Match Offset Decompression Leakcve-2025-67721-zero-match-offset-decompression-leak

A decompression match offset is checked for negative values (`< 0`) but not for zero before being subtracted from the current output pointer. If the offset is exactly zero, the decompressor may read from the current output index instead of a valid previous sequence. This causes it to copy uninitialized or residual buffer bytes into the uncompressed stream, p

javaCVE-2025-67721CWE-824CWE-908
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
107 downloads0 direct107 via packs
Trust score 61
CVE-2025-67725: Python Quadratic String Countingcve-2025-67725-python-quadratic-string-counting

Repeatedly counting characters in a string from index 0 up to an advancing boundary inside a loop causes quadratic time complexity O(N^2). This is a common vulnerability pattern when parsing quoted string headers and can be exploited for Denial of Service (DoS) with large inputs. Track the substring matches incrementally tracking lower-bounds without always

pythonCVE-2025-67725CWE-400
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-67726: Python Parseparam Quadratic Doscve-2025-67726-python-parseparam-quadratic-dos

A quadratic time complexity (O(n^2)) vulnerability exists due to recalculating quote counts from the start of a string inside a loop. Since Python's `cgi` module was deprecated, this vulnerable pattern was often copied into third-party libraries. An attacker can cause a Denial of Service (DoS) by providing a maliciously crafted header parameter containing ma

pythonCVE-2025-67726CWE-400
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
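The two cards above describe the same loop shape: a candidate delimiter advances, and the quote count over `s[0:end]` is recomputed from index 0 each time. The added example below is not the rule's code and not CPython's; it reproduces the pattern modelled on the old `cgi._parseparam` loop, then puts a single-pass version beside it that carries quote state instead of recounting. Both yield the same parameters for the same header. The header strings are constructed for the example.

```python
# Added example (not part of the Provally rule or of CPython): the quadratic
# quote-counting loop described in the two cards above, modelled on the old
# cgi._parseparam pattern, beside a single-pass rewrite with the same output.
import time


def parse_params_quadratic(s: str):
    """Vulnerable pattern: every time the candidate ';' moves, quotes are recounted from index 0."""
    while s[:1] == ";":
        s = s[1:]
        end = s.find(";")
        # Each iteration rescans s[0:end]; with many ';' inside one open quote this is O(n^2).
        while end > 0 and (s.count('"', 0, end) - s.count('\\"', 0, end)) % 2:
            end = s.find(";", end + 1)
        if end < 0:
            end = len(s)
        yield s[:end].strip()
        s = s[end:]


def parse_params_linear(s: str):
    """Same semantics in one left-to-right pass: quote state is carried, never recomputed."""
    if s[:1] != ";":
        return
    s = s[1:]
    start = 0
    in_quotes = False
    for i, c in enumerate(s):
        if c == '"':
            # A backslash-escaped quote does not toggle state (mirrors the `\"` subtraction above).
            if i == 0 or s[i - 1] != "\\":
                in_quotes = not in_quotes
        elif c == ";" and not in_quotes:
            yield s[start:i].strip()
            start = i + 1
    yield s[start:].strip()


if __name__ == "__main__":
    # Constructed hostile header: one open quote followed by thousands of ';' characters.
    evil = ';name="' + ";" * 20000
    for fn in (parse_params_quadratic, parse_params_linear):
        t0 = time.perf_counter()
        list(fn(evil))
        print(f"{fn.__name__}: {time.perf_counter() - t0:.3f}s")
```

Run the module directly to see the timing gap grow with the number of `;` characters; the linear version is flat because each character is examined once.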
CVE-2025-68129: Auth0 Clientid Audience Bypasscve-2025-68129-auth0-clientid-audience-bypass

Unconditional inclusion of the Client ID in the allowed audience list can allow ID tokens to be accepted in place of Access Tokens. This leads to authentication bypass. Ensure the Client ID is only appended if the token type is not an Access Token.

phpCVE-2025-68129CWE-287
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-68274: Sipgo Missing Nil Check To Headercve-2025-68274-sipgo-missing-nil-check-to-header

Directly accessing the `Params` map on a potentially absent SIP header via `.To()` or the internal `.to` field without first validating that the header is not nil can cause a nil pointer dereference. This leads to a panic and a Denial of Service (DoS) condition. Extract the header to a local variable and check if it is nil before accessing `.Params`.

goCVE-2025-68274CWE-476
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-68437: Php Ssrf Missing Ip Validationcve-2025-68437-php-ssrf-missing-ip-validation

A URL loaded from user input is fetched without validating that the hostname is not an internal IP address. This can lead to Server-Side Request Forgery (SSRF). Parse the URL, resolve the host, and check the resulting address with `filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)`; `FILTER_VALIDATE_IP` on its own only confirms that the string is a well-formed address and does not reject private or reserved ranges.

phpCVE-2025-68437CWE-918
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 69
CVE-2025-68468: Core Browse C Cwe 000 Cve 2025 68468cve-2025-68468-core-browse-c-cwe-000-cve-2025-68468

Incorrect assertion that the lookup key matches the browser key, which can crash on CNAME records.

cCVE-2025-68468
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 53
CVE-2025-68471: Reachable Assert Duplicate Statecve-2025-68471-reachable-assert-duplicate-state

The code asserts that two object fields are null (indicating an uninitialized or free state), and then subsequently assigns to one of them. If the execution path reaching this assertion can be triggered multiple times via external input, the assertion will fail and crash the application (Denial of Service). Replace this assertion with proper conditional logi

cCVE-2025-68471CWE-617
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-68616: Weasyprint Ssrf Urlfetcher Redirectscve-2025-68616-weasyprint-ssrf-urlfetcher-redirects

In WeasyPrint before 68.0, URL fetching allowed automatic HTTP redirects, potentially bypassing SSRF protections when using custom URL fetchers. `default_url_fetcher` is vulnerable and deprecated. Use `URLFetcher` with `allow_redirects=False` to securely control redirection and prevent SSRF bypasses.

pythonCVE-2025-68616CWE-918
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-68953: Python Unsanitized Dict Key Ast Injectioncve-2025-68953-python-unsanitized-dict-key-ast-injection

Dictionary keys are being iteratively extracted and passed directly to an object constructor (e.g., an AST node or query builder class) without prior validation. If the dictionary originates from a user-supplied JSON payload, attackers can insert arbitrary function calls, code, or payload strings as keys. Validate keys using an allowlist or character asserti

pythonCVE-2025-68953CWE-89
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-69196: Python Unencoded Path Parameter Substitutioncve-2025-69196-python-unencoded-path-parameter-substitution

Substitution of parameters into a URL or path string without URL encoding. Malicious parameter values like '../' could lead to path traversal or SSRF. Encode each value with `urllib.parse.quote(value, safe="")` before substituting it into the URL template; the default `safe='/'` leaves slashes unencoded, so a value such as `../admin` would still alter the path.

pythonCVE-2025-69196CWE-918
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-69223: Python Unbounded Decompressioncve-2025-69223-python-unbounded-decompression

Unbounded decompression was detected. Decompressing data without a `max_length` parameter can lead to a Denial of Service (DoS) via decompression-bomb memory exhaustion. Pass a safe `max_length` to `zlib.decompressobj().decompress()` to cap the decompressed output; the one-shot `zlib.decompress()` and `gzip.decompress()` accept no such limit, so untrusted input should go through the streaming object.

pythonCVE-2025-69223CWE-409
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
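The CVE-2025-66418 card above (cap the number of chained decoders before building any) and the CVE-2025-69223 card (cap the output of each decoder) are two halves of one defence, so the added example below implements both in a single Content-Encoding decoder for a hypothetical HTTP client. It is not the code of either rule and not urllib3 or requests code; the `MAX_CODINGS` and `DEFAULT_MAX_OUTPUT` caps are assumptions, and the response bodies are constructed inside `sample_responses()`.

```python
# Added example (not from either rule, not urllib3/requests code): a
# Content-Encoding chain decoder for a hypothetical HTTP client. The chain
# length is capped before any decoder exists (CVE-2025-66418 card) and every
# stage inflates through zlib's max_length (CVE-2025-69223 card).
import gzip
import zlib

MAX_CODINGS = 3                        # assumption: chained codings accepted per response
DEFAULT_MAX_OUTPUT = 8 * 1024 * 1024   # assumption: decoded bytes allowed per stage

# wbits for zlib.decompressobj: gzip wrapper, and zlib wrapper for "deflate" (RFC 1950)
_WBITS = {"gzip": 16 + zlib.MAX_WBITS, "x-gzip": 16 + zlib.MAX_WBITS, "deflate": zlib.MAX_WBITS}


class DecompressionLimitExceeded(Exception):
    """Decoded output would exceed the configured cap."""


def parse_content_encoding(header: str, max_codings: int = MAX_CODINGS) -> list:
    """Split the header and bound the chain length before constructing any decoder."""
    codings = [c.strip().lower() for c in header.split(",") if c.strip()]
    if len(codings) > max_codings:
        raise ValueError(f"{len(codings)} chained content-codings, max {max_codings}")
    unknown = [c for c in codings if c != "identity" and c not in _WBITS]
    if unknown:
        raise ValueError(f"unsupported content-coding: {unknown[0]!r}")
    return codings


def bounded_inflate(data: bytes, wbits: int, max_output: int) -> bytes:
    """Inflate data, never materialising more than max_output (+1 byte to detect overrun)."""
    d = zlib.decompressobj(wbits=wbits)
    out = bytearray()
    buf = data
    while True:
        # max_length caps this call's output; input not yet processed lands in unconsumed_tail
        chunk = d.decompress(buf, max_output + 1 - len(out))
        out += chunk
        if len(out) > max_output:
            raise DecompressionLimitExceeded(f"decoded size exceeds {max_output} bytes")
        if d.eof:                      # stream end reached, all output emitted
            return bytes(out)
        buf = d.unconsumed_tail
        if not buf and not chunk:      # input exhausted without a stream end
            raise ValueError("truncated or malformed compressed stream")


def decode_body(header: str, body: bytes, max_output: int = DEFAULT_MAX_OUTPUT) -> bytes:
    """Undo the codings in reverse order of application, each stage bounded."""
    data = body
    for coding in reversed(parse_content_encoding(header)):
        if coding == "identity":
            continue
        data = bounded_inflate(data, _WBITS[coding], max_output)
    return data


def safe_decode(header: str, body: bytes, max_output: int = DEFAULT_MAX_OUTPUT):
    """(payload, None) on success, (None, reason) when the response was refused."""
    try:
        return decode_body(header, body, max_output), None
    except (ValueError, DecompressionLimitExceeded, zlib.error) as e:
        return None, f"{type(e).__name__}: {e}"


def sample_responses() -> dict:
    """Constructed inputs: a legitimately double-encoded body, a small bomb, an over-long chain."""
    payload = b'{"status": "ok"}' * 64
    return {
        "payload": payload,
        "chained": ("deflate, gzip", gzip.compress(zlib.compress(payload))),
        "bomb": ("gzip", gzip.compress(b"\0" * (4 * 1024 * 1024))),
        "too_many": ("gzip, " * 50 + "gzip", b""),
    }
```

The chain check runs before any decoder is built, so a header listing fifty codings costs a string split and nothing else; the per-stage cap means a 4 MiB bomb is refused after the first `max_output + 1` bytes are produced rather than after the whole stream is materialised.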
CVE-2025-69227: Aiohttp Assert Data Validationcve-2025-69227-aiohttp-assert-data-validation

Using `assert` for critical data validation or state checks (such as end-of-file boundaries, stream validation, or field presence) is unsafe. When Python is executed with optimizations enabled (`-O` or `PYTHONOPTIMIZE=1`), all `assert` statements are stripped. This allows malformed data to bypass checks entirely, potentially leading to infinite loops or Deni

pythonCVE-2025-69227CWE-617CWE-703
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 65
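To make the stripping concrete without spawning `python -O`, the added example below (not aiohttp's code) compiles the same length-prefixed frame parser twice with `compile(..., optimize=...)`, which applies the interpreter's `-O` treatment to that code object alone. The frame format (2-byte big-endian length, then payload) and the inputs are constructed for the example.

```python
# Added example (not aiohttp's code): one frame parser written with `assert`
# and one with explicit exceptions, each compiled at optimization level 0 and
# 1 to show what `python -O` does to the check.

FRAME_PARSER_WITH_ASSERT = '''
def read_frame(buf):
    # 2-byte big-endian length prefix followed by the payload (constructed format)
    assert len(buf) >= 2, "short header"
    n = int.from_bytes(buf[:2], "big")
    assert len(buf) >= 2 + n, "truncated payload"
    return buf[2:2 + n]
'''

FRAME_PARSER_HARDENED = '''
def read_frame(buf):
    if len(buf) < 2:
        raise ValueError("short header")
    n = int.from_bytes(buf[:2], "big")
    if len(buf) < 2 + n:
        raise ValueError("truncated payload")
    return buf[2:2 + n]
'''


def load_parser(src: str, optimize: int):
    """Compile src as the interpreter would at that -O level (1 strips asserts) and return read_frame."""
    ns = {}
    exec(compile(src, "<frame_parser>", "exec", optimize=optimize), ns)
    return ns["read_frame"]


def probe(src: str, optimize: int, buf: bytes):
    """Return ("ok", payload) or (exception class name, message) for one input."""
    try:
        return ("ok", load_parser(src, optimize)(buf))
    except Exception as e:
        return (type(e).__name__, str(e))


if __name__ == "__main__":
    truncated = b"\x00\x10ab"   # claims 16 payload bytes, carries 2
    for name, src in (("assert", FRAME_PARSER_WITH_ASSERT), ("hardened", FRAME_PARSER_HARDENED)):
        for level in (0, 1):
            print(f"{name:8s} optimize={level}: {probe(src, level, truncated)}")
```

At level 1 the assert-based parser returns a short payload as if the frame were valid; the hardened parser raises under both levels, which is the property a caller can rely on.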
CVE-2025-69228: Aiohttp Multipart Size Accumulator Resetcve-2025-69228-aiohttp-multipart-size-accumulator-reset

A size or accumulator variable is unexpectedly reset to 0 inside an asynchronous chunk/field processing loop. This invalidates global request body size validation by only validating individual chunks, which can lead to memory exhaustion (Denial of Service). Ensure accumulator variables are initialized outside the loop.

pythonCVE-2025-69228CWE-400CWE-770
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-69261: Wasm Memory Integer Truncation Bounds Bypasscve-2025-69261-wasm-memory-integer-truncation-bounds-bypass

Detected a potential integer truncation when computing a byte size from an element size and count. By computing `sizeof(T) * count` and implicitly or explicitly mapping it to a 32-bit integer, the product can overflow the 32-bit limit on platforms where size_t is 64 bits. This results in a severely shorter computed length. If this truncated value is subseque

cppCVE-2025-69261CWE-131CWE-190
by Provallyupdated 2026-06-04Apache-2.0
HighHigh confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 83
CVE-2025-70559: Insecure Path Join Pickle Loadscve-2025-70559-insecure-path-join-pickle-loads

Path traversal leading to insecure deserialization. Using `os.path.join` with uncontrolled inputs and passing the result directly to an `open` call before deserializing with `pickle.loads` allows attackers to bypass boundary checks and execute arbitrary code. Resolve the path with `os.path.realpath` and verify that it stays inside the intended directory (compare whole path components, not a string prefix) before opening. The containment check only limits which files can be loaded: `pickle` still executes code embedded in a crafted file, so it remains unsafe for content an attacker can write.

pythonCVE-2025-70559CWE-22CWE-502
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 65
CVE-2025-70954: Ton Tvm Uncaught Null Tuple Indexcve-2025-70954-ton-tvm-uncaught-null-tuple-index

Accessing a tuple via `tuple_index` without an `is_null()` check after casting with `as_tuple()`. This can lead to a Null Pointer Dereference DoS if the underlying VM parameter is not a tuple.

cppCVE-2025-70954CWE-476
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-70956: Ton Runvm Gas Limit Bypasscve-2025-70956-ton-runvm-gas-limit-bypass

Child VM gas limit is not bounded by the parent's actual remaining gas. This allows a gas accounting discrepancy leading to unexpected OOG exceptions that can pollute or corrupt virtual machine states.

cppCVE-2025-70956CWE-682
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-70957: Ton Unsafe Continuation Deserializationcve-2025-70957-ton-unsafe-continuation-deserialization

Unrestricted deserialization of internal TVM types like Continuations detected. When an attacker supplies a malicious Continuation object and it is successfully deserialized and executed, it consumes excessive CPU resources while accruing disproportionately low virtual gas costs. This monopolizes processing power and results in a Denial of Service (DoS) for

cppCVE-2025-70957CWE-502
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-70986: Shiro Missing Csrf Protectioncve-2025-70986-shiro-missing-csrf-protection

The Shiro configuration defines filter chains without including CSRF protection. Apache Shiro does not provide built-in CSRF defense natively, requiring manual filter configuration. Ensure a custom CSRF filter is added to the Shiro filter chains to protect state-changing requests against Cross-Site Request Forgery (CSRF).

javaCVE-2025-70986CWE-352
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
107 downloads0 direct107 via packs
Trust score 61
CVE-2025-71176: Python Path Chmod Toctoucve-2025-71176-python-path-chmod-toctou

Time-of-Check to Time-of-Use (TOCTOU) vulnerability detected. Calling `stat()` and then `chmod()` on the same path without `follow_symlinks=False` allows an attacker to swap a file or directory with a symbolic link between the two calls. This can lead to arbitrary file permission alteration or privilege escalation. Ensure you pass `follow_symlinks=False` to

pythonCVE-2025-71176CWE-367CWE-61
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
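The card above is cut off before its remedy, so the added example below (POSIX only, not the code the rule was written against) shows the two halves: the path-based `stat()`/`chmod()` pair, and a descriptor-based version that opens with `O_NOFOLLOW`, inspects what was actually opened with `fstat()`, and calls `fchmod()` on that descriptor. One caveat for the `follow_symlinks=False` remedy: on Linux `os.chmod` is not in `os.supports_follow_symlinks`, so passing it raises `NotImplementedError`; the descriptor route works there. The victim file and link are constructed in a temporary directory.

```python
# Added example, POSIX only (not the code the CVE-2025-71176 rule targets): a
# path-based stat()/chmod() pair beside a descriptor-based version that cannot
# be redirected by a symlink swapped in between the two calls.
import os
import stat
import tempfile


def chmod_by_path(path: str, mode: int) -> None:
    """Vulnerable pattern: both calls resolve the name independently, and both follow symlinks."""
    st = os.stat(path)
    if stat.S_ISREG(st.st_mode):
        os.chmod(path, mode)   # a link planted after stat() redirects this to the link's target


def chmod_by_descriptor(path: str, mode: int) -> bool:
    """Open without following links, inspect the object actually opened, then chmod that descriptor."""
    flags = os.O_RDONLY | os.O_NOFOLLOW | getattr(os, "O_CLOEXEC", 0)
    try:
        fd = os.open(path, flags)   # fails with ELOOP if the final component is a symlink
    except OSError:
        return False
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            return False
        os.fchmod(fd, mode)          # acts on the inode held open, not on the name
        return True
    finally:
        os.close(fd)


def demo() -> dict:
    """Constructed scenario: a victim file and an attacker-controlled link pointing at it."""
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "victim.conf")
        with open(victim, "w") as f:
            f.write("secret=1\n")
        os.chmod(victim, 0o644)
        link = os.path.join(tmp, "upload.tmp")   # the name the program intends to chmod
        os.symlink(victim, link)                 # attacker replaces that name with a link

        chmod_by_path(link, 0o666)               # follows the link: the victim is changed
        victim_after_racy = stat.S_IMODE(os.stat(victim).st_mode)

        os.chmod(victim, 0o644)
        refused = not chmod_by_descriptor(link, 0o666)
        victim_after_fd = stat.S_IMODE(os.stat(victim).st_mode)

        regular = os.path.join(tmp, "own.tmp")
        open(regular, "w").close()
        applied = chmod_by_descriptor(regular, 0o600)
        regular_mode = stat.S_IMODE(os.stat(regular).st_mode)

    return {
        "racy_changed_victim": victim_after_racy == 0o666,
        "fd_refused_link": refused,
        "victim_untouched": victim_after_fd == 0o644,
        "regular_applied": applied and regular_mode == 0o600,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The demo plants the link before the first call rather than between the two, which is enough to show where each version's decision is made; in the real race the window is the gap between `stat()` returning and `chmod()` resolving the name again.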
CVE-2025-7504: Php Unserialize Object Injectioncve-2025-7504-php-unserialize-object-injection

Deserialization of untrusted data via `unserialize()` can lead to PHP Object Injection. An attacker can pass a serialized PHP object, which may execute arbitrary code or exfiltrate data if a Property-Oriented Programming (POP) chain is present. Use `json_decode()` instead; where the serialized format cannot be changed, call `unserialize($data, ['allowed_classes' => false])` so that no objects are instantiated from the input.

phpCVE-2025-7504CWE-502
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-7670: Wpdb Unprepared Object Propertycve-2025-7670-wpdb-unprepared-object-property

Direct interpolation of object properties into a WordPress database query without passing them through `$wpdb->prepare()` can lead to SQL injection. Object properties often store unsanitized user or API inputs. Ensure all dynamic variables are properly escaped and parameterized.

phpCVE-2025-7670CWE-89
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 65
CVE-2025-8014: Gitlab Missing Report Type Groupingcve-2025-8014-gitlab-missing-report-type-grouping

Grouping vulnerabilities solely by scanner omits the scan/report type, leading to collisions between different scanners (e.g., DS and SBOM). This can cause active vulnerabilities to be improperly marked as resolved due to hash key collisions.

rubyCVE-2025-8014CWE-841
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-8194: Python Block Padding Missing Negative Checkcve-2025-8194-python-block-padding-missing-negative-check

A byte count is padded to a block size using `divmod` without validating if the count is negative. In Python, `divmod` with a negative dividend and positive divisor yields a negative quotient. This can result in negative padded lengths that propagate into file offsets or buffer sizes, potentially leading to backwards-seeking pointer errors, infinite loops, o

pythonCVE-2025-8194CWE-1284CWE-835
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 65
CVE-2025-9230: Bounds Check Underflow Size T Castcve-2025-9230-bounds-check-underflow-size-t-cast

A subtraction expression is cast to `size_t` and used in a bounds check. If the subtraction yields a negative result, the conversion to `size_t` wraps it to a large positive value, bypassing the intended bounds check. Instead of `(size_t)($Y - $Z)`, compare the operands directly (check `$Y >= $Z` before subtracting) or rearrange the comparison to use addition, guarding that addition against overflow.

cCVE-2025-9230CWE-191
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2025-9624: Opensearch Hunspell Path Traversalcve-2025-9624-opensearch-hunspell-path-traversal

The hunspell 'locale' parameter is fetched from user-controlled index settings and passed directly to HunspellService.getDictionary() without validation. An attacker with privileges to configure index settings can craft a locale parameter containing path traversal sequences (e.g. '../') to read arbitrary files or manipulate cache keys. Validate the locale us

javaCVE-2025-9624
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
107 downloads0 direct107 via packs
Trust score 57
CVE-2025-9810: C Toctou Chmod After Opencve-2025-9810-c-toctou-chmod-after-open

A Time-of-Check to Time-of-Use (TOCTOU) race condition occurs when a file's permissions are modified by path after it has been opened. An attacker can replace the file with a symbolic link between the open and permission modification calls, potentially altering permissions of unintended, arbitrary files. To fix this, use file-descriptor-based functions (e.g.

cCVE-2025-9810CWE-367
by Provallyupdated 2026-06-04Apache-2.0
MediumHigh confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 83
CVE-2026-0599: Reqwest Unbounded Body Readcve-2026-0599-reqwest-unbounded-body-read

Fetching an HTTP response body entirely into memory without a size limit can cause resource exhaustion (OOM/DoS) vulnerabilities. An unauthenticated attacker might provide a URL pointing to an aggressively large file or an endless stream to crash the host machine. Instead of using `.bytes()` or `.text()` directly on an HTTP response without validation, limit

rustCVE-2026-0599CWE-400CWE-770
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-0622: Insecure Jwt Secret Env Fallbackcve-2026-0622-insecure-jwt-secret-env-fallback

The application uses a statically hard-coded string as a fallback for a JWT or session secret when the environment variable is not configured. This allows an attacker to bypass authentication by signing a forged JSON Web Token (JWT) or session cookie using the known default secret. To fix, require the environment variable to be set, or dynamically generate a

javascriptCVE-2026-0622CWE-798
by Provallyupdated 2026-06-04Apache-2.0
HighHigh confidenceProvally CuratedVerified
0 stars
110 downloads0 direct110 via packs
Trust score 87
CVE-2026-0994: Recursion Depth Bypass Dynamic Dispatchcve-2026-0994-recursion-depth-bypass-dynamic-dispatch

Dynamically dispatching recursive parsing operations using `methodcaller` can bypass recursion depth limits tracked in centralized parsing methods. This can lead to uncontrolled recursion (DoS). Ensure that nested structures are routed through methods that actively enforce recursion depth limits.

pythonCVE-2026-0994CWE-674
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-10617: Incomplete Privesc Regex Blocklistcve-2026-10617-incomplete-privesc-regex-blocklist

A regular expression blocklist explicitly blocks `sudo` but does not include `doas`. Hardcoded command blocklists are inherently incomplete and prone to bypasses (CWE-184). A missing check for `doas` can allow arbitrary command execution as root if the binary is present in the environment (e.g., `doas apk` or `doas sh`). Consider using an allow-list, robust

goCVE-2026-10617CWE-184
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-10662: Zipfile Extractall Zip Slipcve-2026-10662-zipfile-extractall-zip-slip

Directly calling `extractall()` on an untrusted ZIP archive without supplying a safely filtered `members` list can result in a Zip Slip vulnerability. Attackers can include paths such as `../` within the archive to write arbitrary files outside the intended destination directory. To remediate, iterate over the archive's `infolist()` and validate that each re

pythonCVE-2026-10662CWE-22
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-10688: Zipfile Extractall Zip Slipcve-2026-10688-zipfile-extractall-zip-slip

Extracting ZIP archives using `zipfile.ZipFile.extractall()` without validating archive members can lead to path traversal vulnerabilities (Zip Slip). An attacker can craft a ZIP file containing path traversal sequences (like `../`) to overwrite arbitrary files on the system. To avoid this, either use a sanitized list of members via the `members` argument, o

pythonCVE-2026-10688CWE-22CWE-29
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
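One caveat on both zip cards above: CPython's `ZipFile.extract()` and `extractall()` already strip leading separators, drive letters and `..` components from member names before writing, so the traversal in these cards bites where code joins the member name onto the destination itself (or extracts through another library). The added example below, which is not the code of either rule, constructs an archive with a climbing member, shows a hand-rolled extractor writing outside the destination, validates every `infolist()` entry before anything is written, and records where the stdlib puts the same member.

```python
# Added example (not from either rule): a constructed archive with a climbing
# member name, an extractor that writes wherever the name points, a containment
# check run over infolist() before any byte is written, and the stdlib's own
# sanitised placement of the same member for comparison.
import io
import os
import tempfile
import zipfile


def build_archive() -> bytes:
    """Constructed sample: one benign member, one that tries to escape the destination."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign")
        zf.writestr("../evil.txt", "escaped")
    return buf.getvalue()


def extract_unchecked(archive: bytes, dest: str) -> None:
    """Vulnerable pattern: join the member name onto dest and open the result."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)          # no containment check
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())


def contained_members(zf: zipfile.ZipFile, dest: str) -> list:
    """Reject any member whose resolved target is outside dest; raises before anything is written."""
    base = os.path.realpath(dest)
    members = []
    for info in zf.infolist():
        target = os.path.realpath(os.path.join(base, info.filename))
        # commonpath compares whole components, so neither "../x" nor "<base>_x" can pass
        if os.path.commonpath([base, target]) != base:
            raise ValueError(f"zip slip attempt: {info.filename!r}")
        members.append(info)
    return members


def extract_checked(archive: bytes, dest: str) -> None:
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        zf.extractall(dest, members=contained_members(zf, dest))


def demo() -> dict:
    archive = build_archive()
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "out")
        os.makedirs(dest)
        extract_unchecked(archive, dest)
        results["unchecked_escaped"] = os.path.exists(os.path.join(tmp, "evil.txt"))

    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "out")
        os.makedirs(dest)
        try:
            extract_checked(archive, dest)
            results["checked_rejected"] = False
        except ValueError:
            results["checked_rejected"] = True
        results["checked_wrote_nothing"] = os.listdir(dest) == []

    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "out")
        os.makedirs(dest)
        with zipfile.ZipFile(io.BytesIO(archive)) as zf:
            zf.extractall(dest)                     # stdlib drops the ".." component
        results["stdlib_kept_inside"] = (
            os.path.exists(os.path.join(dest, "evil.txt"))
            and not os.path.exists(os.path.join(tmp, "evil.txt"))
        )
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Validating the full `infolist()` before the first write is deliberate: rejecting member by member during extraction would leave a partially written tree behind on the first bad name.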
CVE-2026-1781: Form Listener Php Cwe 000 Cve 2026 1781cve-2026-1781-form-listener-php-cwe-000-cve-2026-1781

The form listener processes unsubscribe requests without authorization verification.

phpCVE-2026-1781
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 53
CVE-2026-20904: Custom Csrf Middleware Flaw Skipcve-2026-20904-custom-csrf-middleware-flaw-skip

This rule is a placeholder. The original vulnerability was a logic flaw in a specific custom CSRF middleware implementation that was completely removed and replaced. It cannot be represented as a general static analysis rule.

goCVE-2026-20904
by Provallyupdated 2026-06-04Apache-2.0
LowMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 53
CVE-2026-21441: Urllib3 Drain Conn Decompression Bombcve-2026-21441-urllib3-drain-conn-decompression-bomb

When draining an HTTPResponse connection, calling `read()` without explicitly disabling `decode_content` can cause unnecessary decompression of the response body. This leaves the client vulnerable to decompression bomb DoS attacks when processing untrusted HTTP redirects. Explicitly pass `decode_content=False` or the current decoder state to prevent unbounde

pythonCVE-2026-21441CWE-409
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-21452: Unbounded Array Allocation From Method Parametercve-2026-21452-unbounded-array-allocation-from-method-parameter

An array is allocated using a size directly from a method parameter without an explicit upper bound check wrapping the allocation. If the size is controlled by an attacker during parsing or deserialization, this can lead to unbounded memory allocation, OutOfMemoryError, and Denial of Service (DoS). Validate the size against a reasonable threshold before allo

javaCVE-2026-21452CWE-502CWE-789
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
107 downloads0 direct107 via packs
Trust score 65
CVE-2026-21507: Infinite Loop Missing Read Zero Checkcve-2026-21507-infinite-loop-missing-read-zero-check

A loop decrements its counter by the result of a read operation without checking if the read returned 0. If the read fails or reaches end-of-file (EOF), it may return 0, causing the loop counter to never reach 0 and resulting in an infinite loop (Denial of Service). Ensure there is a break or return condition that asserts the read payload length is greater t

cppCVE-2026-21507CWE-835
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 73
CVE-2026-21694: Trailing Spread Mass Assignmentcve-2026-21694-trailing-spread-mass-assignment

An object spread operator (`...$X`) placed after explicitly defined properties can overwrite those properties. When preceding properties act as access-control or identity boundaries (e.g., `$KEY`), a Mass Assignment vulnerability can occur if the spread object contains user-controlled keys. Attackers can bypass authorization by overriding these IDs. Move the

javascriptCVE-2026-21694
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
109 downloads0 direct109 via packs
Trust score 53
CVE-2026-21863: Network Packet Header Oob Readcve-2026-21863-network-packet-header-oob-read

Missing bounds check for a packet extension header size prior to accessing its internal length field. This can cause an out-of-bounds read, potentially leading to a Denial of Service or unauthorized information disclosure.

cCVE-2026-21863CWE-125
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-21864: Valkey Module Missing Handle Io Errorscve-2026-21864-valkey-module-missing-handle-io-errors

The Valkey/Redis module initialization function is missing the `HANDLE_IO_ERRORS` option. Valkey modules are required to handle errors in RDB parsing by setting this flag. If this flag is not set, errors encountered during parsing result in a system assertion which shuts down the system (Denial of Service). To mitigate this, call `ctx.set_module_options(Modu

rustCVE-2026-21864CWE-755
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-22023: Crypto Aos C Cwe 000 Cve 2026 22023cve-2026-22023-crypto-aos-c-cwe-000-cve-2026-22023

Outdated referenced section in comments.

cCVE-2026-22023
by Provallyupdated 2026-06-04Apache-2.0
LowMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 53
CVE-2026-22245: Ruby Ipv4 Mapped Ipv6 Ssrf Bypasscve-2026-22245-ruby-ipv4-mapped-ipv6-ssrf-bypass

An IP restriction blocklist is defined using array literals of `IPAddr` instances without explicitly accommodating IPv4-mapped IPv6 addresses. This can allow Server-Side Request Forgery (SSRF) if an attacker uses the `::ffff:` prefix for an IPv4 address (e.g. `::ffff:127.0.0.1`), bypassing pure IPv4 ranges. Ensure that `.ipv4_mapped` variants are explicitly

rubyCVE-2026-22245CWE-918
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-22259: Incomplete Tx State Checkcve-2026-22259-incomplete-tx-state-check

Transaction progress check relies on the 'complete' flag instead of 'done'. This may lead to memory leaks on errored or malformed transactions that are never marked as 'complete' and thus never freed by the application layer framework.

cCVE-2026-22259CWE-502
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 61
CVE-2026-2265: Dynamic Global Instantiation Or Invocationcve-2026-2265-dynamic-global-instantiation-or-invocation

Dynamically looking up a property on the global object and instantiating or calling it can lead to Remote Code Execution (RCE) if the property name is user-controlled. An attacker could resolve and instantiate arbitrary global constructors such as `Function`. Use an explicit allowlist (e.g., an object map) of safe constructors instead.

javascriptCVE-2026-2265CWE-502
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
110 downloads0 direct110 via packs
Trust score 73
CVE-2026-22689: Bypass Websocket Origin Checkcve-2026-22689-bypass-websocket-origin-check

The application configures a WebSocket upgrader to bypass origin validation by unconditionally returning 'true' in 'CheckOrigin'. This exposes the WebSocket server to Cross-Site WebSocket Hijacking (CSWSH). Remove the 'CheckOrigin' field to enforce the default same-origin policy, or implement strict comparison of the 'Origin' header against a whitelist of tr

goCVE-2026-22689CWE-1385CWE-346
by Provallyupdated 2026-06-04Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 65
CVE-2026-22700: Unchecked Split Atcve-2026-22700-unchecked-split-at

Unchecked `split_at` or `split_at_mut` on slices can cause a panic if the index represents an out-of-bounds position. When processing untrusted parser inputs or ciphertexts, this missing bounds check triggers Rust unwinding and results in a Denial of Service (DoS). Consider using `split_at_checked` or `split_at_mut_checked` which return an `Option` for safe

rust | CVE-2026-22700 | CWE-119 | CWE-125
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-22774: Dynamic Typedarray Unvalidated Allocation (cve-2026-22774-dynamic-typedarray-unvalidated-allocation)

A dynamically resolved constructor from a global object is invoked with unvalidated input. If the constructor acts as a TypedArray and the input is maliciously crafted as a large number instead of an ArrayBuffer or valid array-like object, the JavaScript engine will perform a length-based allocation. This causes excessive memory initialization, leading to De

javascript | CVE-2026-22774 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-22775: Src Parse Js Cwe 000 Cve 2026 22775 (cve-2026-22775-src-parse-js-cwe-000-cve-2026-22775)

Data payload meant for ArrayBuffer decoding should be verified to be a string. Omitting this type validation can allow an attacker to provide a non-string type to trigger unexpected behavior or bypass logic.

javascript | CVE-2026-22775
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-22803: Eager Buffer Allocation Dos (cve-2026-22803-eager-buffer-allocation-dos)

Eagerly allocating a buffer based on an unverified length before asynchronously reading chunks can lead to Denial of Service (DoS) via memory exhaustion. Defend against this by deferring allocation until all chunks are successfully read or validating the requested length against known HTTP Content-Length bounds.

javascript | CVE-2026-22803 | CWE-789
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-22860: Ruby Path Traversal Prefix Bypass (cve-2026-22860-ruby-path-traversal-prefix-bypass)

Validating path inclusion via a string prefix match (`start_with?`) on an expanded path can cause a directory traversal vulnerability. Since directory names are not boundary-checked, a path like '/foo_bar' will match the prefix '/foo'. Ensure you append a trailing directory separator to the prefix before checking or use `==` for exact matches.

ruby | CVE-2026-22860 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-22862: Geth Unbounded Receipts Decode Dos (cve-2026-22862-geth-unbounded-receipts-decode-dos)

The P2P message handler unmarshals receipts directly into fully-decoded object representations (indicated by casting objects to full structure arrays). Processing unbounded P2P receipts dynamically during memory hashing can lead to a Denial of Service (DoS) via an Out-of-Memory (OOM) crash. Avoid explicit casting to fully allocated slice types (e.g., `types.

go | CVE-2026-22862 | CWE-400 | CWE-770
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-22868: Go Ethereum Missing Buffer Pool Derivesha (cve-2026-22868-go-ethereum-missing-buffer-pool-derivesha)

Repeatedly invoking an allocation-heavy function like `types.DeriveSha` inside a loop over external network data without a shared buffer pool can lead to massive garbage collection overhead and Denial of Service (CVE-2026-22868).

go | CVE-2026-22868 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-22870: Python Scanner Evasion Extraction Abort (cve-2026-22870-python-scanner-evasion-extraction-abort)

Aborting an archive extraction loop upon encountering a validation error can lead to scanner evasion if the extracted files are intended for security analysis. Attackers can place an invalid file before malicious ones to prevent them from being extracted and scanned. Use `continue` to skip invalid entries instead of aborting the process if building a scanner

python | CVE-2026-22870 | CWE-693
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-23487: Incorrect Target Role Authorization Bypass (cve-2026-23487-incorrect-target-role-authorization-bypass)

The authorization logic incorrectly checks the role of the requested target (e.g., user record) instead of the current authenticated session context. This can lead to an IDOR (Authorization Bypass) where unprivileged users can access privileged records by requesting them. Ensure that the authorization condition verifies the role of the current requesting use

typescript | CVE-2026-23487 | CWE-285 | CWE-639
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-23490: Unbounded Oid Continuation Octets (cve-2026-23490-unbounded-oid-continuation-octets)

The code parses ASN.1 OID/RELATIVE-OID continuation octets without a limit on the number of octets processed per arc. This unbounded loop allows arbitrary-precision integers to grow without limit via left bitwise shifts, resulting in excessive resource consumption (memory and CPU) when parsing untrusted ASN.1 payloads, potentially leading to a Denial of Service.

python | CVE-2026-23490 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-23842: Python Sqlalchemy Unmanaged Session Leak (cve-2026-23842-python-sqlalchemy-unmanaged-session-leak)

A database session or connection is created and closed manually but is not wrapped in a `try...finally` block. If an exception occurs before `.close()` is called, the connection will leak. Over time, leaked connections can exhaust the connection pool and cause a Denial of Service (DoS). Ensure that you wrap the usage in a `try...finally` block and call `.clo

python | CVE-2026-23842 | CWE-400 | CWE-404
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-23939: Elixir Path Traversal Join (cve-2026-23939-elixir-path-traversal-join)

Detected unsanitized path construction using `Path.join` followed by a filesystem operation. Constructing directory paths from user-controlled inputs using `Path.join` can lead to relative path traversal. Use `Path.safe_relative/2` to sanitize inputs or ensure they stay within the intended base directory.

elixir | CVE-2026-23939 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-24001: Jsdiff Dos Redos Mismatched Regex (cve-2026-24001-jsdiff-dos-redos-mismatched-regex)

A specific regular expression designed for parsing diff headers is vulnerable to ReDoS via overlapping match groups spanning line terminators. Furthermore, utilizing this strict regex for extraction inside an uncontrolled loop following a looser boundary check can induce infinite loops (causing DoS) if the regex fails to match input that triggered the loop l

javascript | CVE-2026-24001
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-24136: Django Missing File Upload Validation (cve-2026-24136-django-missing-file-upload-validation)

An uploaded file is accessed without prior validation. Direct usage of `FILES` without an explicit validation function can lead to unrestricted file uploads, enabling Stored XSS or Remote Code Execution. Ensure the file's MIME type and extension are securely validated before processing its attributes or saving it locally.

python | CVE-2026-24136 | CWE-434
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-24401: Missing Cname Loop Detection (cve-2026-24401-missing-cname-loop-detection)

A new lookup node is created and processed without checking for CNAME loops, which could lead to unbounded recursion.

c | CVE-2026-24401 | CWE-674 | CWE-835
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24675: Freerdp Cve 2026 24675 (cve-2026-24675-freerdp-cve-2026-24675)

The object returned by `get_MsConfig` is owned by the device object. Explicitly freeing it with `msusb_msconfig_free` causes a use-after-free vulnerability when the device object later dereferences the dangling pointer. Do not free this structure directly.

c | CVE-2026-24675 | CWE-416
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24676: Freerdp Audin Format Uaf (cve-2026-24676-freerdp-audin-format-uaf)

A use-after-free condition can occur if the `formats` array is freed but an active alias referencing one of the formats (e.g. `audin->format`) is not explicitly cleared. Concurrent threads accessing this dangling pointer may lead to a crash or arbitrary code execution. Ensure the active format is set to NULL before calling `audio_formats_free`.

c | CVE-2026-24676 | CWE-416
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-24682: Cleanup Function Doubled Argument (cve-2026-24682-cleanup-function-doubled-argument)

A cleanup function was called with an additive duplicate variable expression (`$X + $X`). This is heavily indicative of a typo for a loop index or single variable `$X` (e.g., `i + i` instead of `i`). Calling a cleanup function with an accidentally doubled size or index overestimates initialized bounds, leading to out-of-bounds memory accesses and corrupted m

c | CVE-2026-24682 | CWE-119
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24684: Freerdp Rdpsnd Missing Thread Terminate (cve-2026-24684-freerdp-rdpsnd-missing-thread-terminate)

Resources are freed via StreamPool_Return or audio_formats_free without prior termination of the plugin/context thread. This causes a use-after-free if the background thread accesses these resources. Ensure thread synchronization (e.g., WaitForSingleObject, or a helper termination function) occurs before freeing context fields.

c | CVE-2026-24684 | CWE-416
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24783: Fixed Point Negative Rounding (cve-2026-24783-fixed-point-negative-rounding)

A logic flaw causes incorrect rounding when both the intermediate product and divisor are negative. The logic assumes a negative intermediate implies a negative result, neglecting the sign of the divisor. Attackers could trigger this path to cause precision deviations and break expected math boundaries.

rust | CVE-2026-24783 | CWE-682
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24827: Cve 2026 24827 Lua Stack Exhaustion Oob (cve-2026-24827-cve-2026-24827-lua-stack-exhaustion-oob)

A stack space management bug in the Lua engine fails to pop elements before generating an error. This can lead to an out-of-bounds write if exploited via recursive or memory-intensive string operations.

c | CVE-2026-24827 | CWE-787
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24829: Insecure Libjpeg Color Components Check (cve-2026-24829-insecure-libjpeg-color-components-check)

Missing check for JCS_RGB565 color space when setting up the color quantizer. The 2-pass color quantizer does not correctly handle JCS_RGB565, which can lead to a heap-based buffer overflow. Ensure the condition also checks `out_color_space == JCS_RGB565` to safely skip or error out when attempting 2-pass quantization on RGB565 data.

c | CVE-2026-24829 | CWE-122 | CWE-787
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24831: Openssl Tonelli Shanks Infinite Loop (cve-2026-24831-openssl-tonelli-shanks-infinite-loop)

Infinite loop vulnerability in a Tonelli-Shanks algorithm implementation. The loop terminates using an exact equality check (`i == e`) combined with an increment (`i++`) before the check. If `e` is 1, `i` increments to 2 and bypasses the `e` check. When the evaluated modulus is not prime, this bypass causes the loop to run indefinitely, leading to a Denial of S

c | CVE-2026-24831 | CWE-835
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25121: Insecure Filepath Hasprefix (cve-2026-25121-insecure-filepath-hasprefix)

Using `strings.HasPrefix` with `filepath.Clean` to check if a path is within a directory boundary is insecure. This allows attackers to bypass the check using a peer directory with the same prefix (e.g., `/app/base-pwned/..` successfully bypasses a check for `/app/base`). Use `filepath.Rel` instead, and ensure it does not return an error or begin with `..`.

go | CVE-2026-25121 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25231: Models Foldermodel Php Cwe 000 Cve 2026 25231 (cve-2026-25231-models-foldermodel-php-cwe-000-cve-2026-25231)

The application lacks strict ownership validation and authorization boundaries for file/folder operations. Authenticated users could bypass access controls.

php | CVE-2026-25231
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-25535: Unbounded Array Allocation From Dimensions (cve-2026-25535-unbounded-array-allocation-from-dimensions)

Unbounded memory allocation based on multiplied dimensions ($W * $H), which can lead to Out-Of-Memory (OOM) and DoS when processing malicious inputs (like images). Ensure that the allocated size is constrained to a reasonable maximum before creating the array.

javascript | CVE-2026-25535 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-25541: Rust Unchecked Bounds Addition (cve-2026-25541-rust-unchecked-bounds-addition)

Unchecked addition in bounds or capacity check. If the addition wraps around due to integer overflow, the bounds check might incorrectly succeed. In Rust release mode, standard addition wraps. This can lead to incorrect state invariants, undersized buffer allocations, out-of-bounds writes, and Undefined Behavior. Use `.checked_add()` and handle the overflow

rust | CVE-2026-25541 | CWE-190
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25542: Git Argument Injection (cve-2026-25542-git-argument-injection)

Git argument injection detected. A user-controlled variable is passed to a git command without using the `--` end-of-options separator. This can allow an attacker to inject git command-line flags (e.g., `--upload-pack`) leading to remote code execution. Ensure `--` is used before any dynamic arguments.

go | CVE-2026-25542 | CWE-88
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25565: Undefined Http Method Picker Route (cve-2026-25565-undefined-http-method-picker-route)

Using `Picker.route` registers the route handler for all HTTP methods (GET, POST, PUT, DELETE). This lack of method-level boundaries can lead to authorization bypasses if an endpoint designed and checked only for read access accepts a state-modifying request. Migrate to specific HTTP method handlers like `WebApp.handlers.get()` or `WebApp.handlers.post()`.

javascript | CVE-2026-25565 | CWE-285
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2026-25577: Python Unhandled Simplecookie Load (cve-2026-25577-python-unhandled-simplecookie-load)

`SimpleCookie.load()` or `BaseCookie.load()` can raise a `CookieError` on malformed inputs. If this method is called on user-supplied data without a `try...except` block, it can cause an unhandled exception, leading to a Denial of Service (DoS). Wrap the `load()` call in a `try...except` block to handle exceptions safely.

python | CVE-2026-25577 | CWE-248 | CWE-754
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25627: Log After Free (cve-2026-25627-log-after-free)

A pointer `$P` is logged after its memory has been freed. This Use-After-Free (UAF) can trigger crashes with strict memory-checking tools (e.g., ASAN) and indicates unsafe memory lifecycle management. Reorder the code to log before freeing, or do not access the pointer after deallocation.

c | CVE-2026-25627 | CWE-416
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25727: Rfc Rfc2822 Rs Cwe 000 Cve 2026 25727 (cve-2026-25727-rfc-rfc2822-rs-cwe-000-cve-2026-25727)

Uncontrolled mutual recursion (CWE-674) in standard parser combinators. The functions recursively call each other when parsing nested grammar elements without tracking recursion depth. An attacker can craft deeply nested inputs (such as repeated parentheses) to exhaust the call stack, resulting in Denial of Service (DoS) via stack overflow.

rust | CVE-2026-25727
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-25760: Arbitrary File Read Via Path Join (cve-2026-25760-arbitrary-file-read-via-path-join)

Constructing file paths via `filepath.Join` using unvalidated object properties (e.g., `.Path` or `.Filename`) can lead to arbitrary file read or path traversal if the property is attacker-controlled. Use a secure, non-traversable identifier like a UUID instead.

go | CVE-2026-25760 | CWE-22
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-25879: Unvalidated Llm Sql Execution (cve-2026-25879-unvalidated-llm-sql-execution)

The application retrieves an LLM-generated SQL query (e.g., from an agent tool's attribute) and executes it directly via a database session without prior validation. This is vulnerable to prompt injection, which could allow an attacker to bypass LLM guardrails and execute dangerous commands (e.g., `COPY ... PROGRAM` or `INTO OUTFILE`), resulting in Remote Co

python | CVE-2026-25879 | CWE-89
by Provally, updated 2026-06-04, Apache-2.0
Critical severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-25949: Traefik Missing Encoded Character Validation (cve-2026-25949-traefik-missing-encoded-character-validation)

Missing middleware to reject suspicious encoded characters, which can lead to path confusion and bypass of access controls in reverse proxies.

go | CVE-2026-25949
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-25992: Go Filepath Rel Case Bypass (cve-2026-25992-go-filepath-rel-case-bypass)

Access control checks that compare the output of `filepath.Rel` against string literals using case-sensitive equality (`==`) can be bypassed on case-insensitive file systems (e.g., Windows). An attacker can supply a mixed-case file name (such as 'cOnf.json') which fails the equality check but remains resolvable by the OS, leading to sensitive file exposure.

go | CVE-2026-25992 | CWE-178 | CWE-285
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-26004: Oauth State Presence Routing Bypass (cve-2026-26004-oauth-state-presence-routing-bypass)

Routing OAuth flows based solely on the presence of parameters like 'state' or 'code' in the request allows attackers to bypass CSRF protections. In OAuth callbacks, it is crucial to securely extract the parameter values (e.g., using `getlist` to prevent HTTP parameter pollution) and perform a cryptographic or strict equality comparison of the received 'stat

python | CVE-2026-26004 | CWE-234 | CWE-352
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-26029: Node Exec Dynamic Command Injection (cve-2026-26029-node-exec-dynamic-command-injection)

Unsafe execution of dynamic commands using `child_process.exec`. Shell metacharacters can be used for command injection. Use `trim`, `spawn` or `execFile` instead to pass arguments safely as an array instead of a concatenated shell string.

typescript | CVE-2026-26029 | CWE-78
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-26202: Clojure Schema Polymorphic Arbitrary File Read (cve-2026-26202-clojure-schema-polymorphic-arbitrary-file-read)

A schema validation allows an 'any' type for a payload data field (such as :data or :file). In Clojure, polymorphic I/O APIs such as `io/input-stream` or `slurp` natively treat Strings as file paths rather than raw string data. If this loosely typed payload is subsequently passed to a polymorphic I/O function, an attacker could supply a string representing a

clojure | CVE-2026-26202 | CWE-20 | CWE-73
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-26275: Rust Matches Macro Variable Binding (cve-2026-26275-rust-matches-macro-variable-binding)

Using `matches!` or `assert_matches!` with a simple lowercase identifier as the pattern evaluates to `true` unconditionally (or always passes the assertion). In Rust, lowercase identifiers in patterns act as irrefutable variable bindings, bypassing any intended value comparison. This can lead to severe security vulnerabilities if used for validation. If you

rust | CVE-2026-26275 | CWE-345 | CWE-697
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-26278: Xmlparser Doctypereader Js Cwe 000 Cve 2026 26278 (cve-2026-26278-xmlparser-doctypereader-js-cwe-000-cve-2026-26278)

The XML internal subset/DOCTYPE parser lacked mechanisms to limit or track nested entity expansions (such as entityExpansionCount and currentExpandedLength). This omission allows evaluating unchecked recursive or massive macro structures from an external payload, resulting in a Denial of Service via memory/CPU exhaustion (Billion Laughs).

javascript | CVE-2026-26278 | CWE-776
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 69
CVE-2026-26981: Size Clamping Integer Underflow (cve-2026-26981-size-clamping-integer-underflow)

An improper bounds check clamps a buffer size or length by subtracting the end index ($X) from the limit ($LIMIT) when $X > $LIMIT. This results in a negative value that, if cast to an unsigned size, causes an integer underflow and massive out-of-bounds reads or writes. To fix this, clamp by subtracting the start index from the limit (e.g., $LIMIT - $START).

cpp | CVE-2026-26981 | CWE-125 | CWE-191
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-26986: Freerdp Rail Window Uaf (cve-2026-26986-freerdp-rail-window-uaf)

Directly calling free() on an xfAppWindow pointer obtained via xf_rail_add_window or xf_rail_get_window leaves a dangling pointer in the railWindows hash table. This will result in a use-after-free or double-free on disconnect cleanup. Let the table lifecycle handle the freeing of this pointer instead.

c | CVE-2026-26986
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-27015: Winpr Unsafe Stream Padding Seek (cve-2026-27015-winpr-unsafe-stream-padding-seek)

Advancing a string or stream pointer via `Stream_Seek` without checking its bounds after an alignment calculation allows out-of-bounds skips. This could lead to a crash (e.g. `WINPR_ASSERT`) via unvalidated stream operations. Use `Stream_SafeSeek` instead, which securely enforces bounds limits.

c | CVE-2026-27015 | CWE-119
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27125: Ssr Unvalidated Dynamic Tag Injection (cve-2026-27125-ssr-unvalidated-dynamic-tag-injection)

During server-side rendering (SSR), dynamic HTML tag names are directly interpolated into the HTML output string without validation. If 'tag' is controlled by an attacker, they can supply malicious characters (like spaces and angle brackets) to break out of the tag context and inject arbitrary HTML attributes or elements, leading to Cross-Site Scripting (XSS

javascript | CVE-2026-27125 | CWE-79
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65
CVE-2026-27145: Redundant Split In Hostname Matching (cve-2026-27145-redundant-split-in-hostname-matching)

Repeatedly splitting string parameters inside a comparison helper can lead to CPU DoS if called inside a large loop (such as verifying many x509 certificate SAN entries). To prevent this quadratic overhead, parse/split the loop-invariant variable once before the loop and pass the resulting slice (e.g., []string) to this function.

go | CVE-2026-27145 | CWE-400
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27181: Majordomo Unauth Mode Assignment (cve-2026-27181-majordomo-unauth-mode-assignment)

A sensitive module mode is overwritten from user input without an authorization check.

php | CVE-2026-27181 | CWE-862
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27189: App Ingest Py Cwe 000 Cve 2026 27189 (cve-2026-27189-app-ingest-py-cwe-000-cve-2026-27189)

An HTTP client is explicitly configured to follow HTTP redirects automatically. If initial URLs are validated against SSRF but redirect URLs are not, an attacker could return a redirect pointing to an internal service, bypassing the SSRF filter. Set `follow_redirects=False` (or `allow_redirects=False`) and validate redirect targets manually against the SSRF

python | CVE-2026-27189 | CWE-918
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27195: Unbounded Repeat Take Allocation (cve-2026-27195-unbounded-repeat-take-allocation)

Unbounded memory allocation detected when creating a sequence of bytes. Without validating the requested size, an attacker can specify a disproportionately large size parameter, resulting in an Out-Of-Memory (OOM) denial of service. Ensure the size argument is validated against permitted bounds (e.g., via `check_write()`) before allocation.

rust | CVE-2026-27195 | CWE-770
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27204: Wasi Async Resource Leak Bypass (cve-2026-27204-wasi-async-resource-leak-bypass)

A vector is declared, populated, and then drained for manual cleanup entirely within an async block. If the async block contains early returns (like `?`), the manual cleanup loop may be bypassed, leading to resource leaks. Consider declaring the vector outside the async block and performing the cleanup after the async block has resolved.

rust | CVE-2026-27204 | CWE-772
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27572: Rust Unbounded Repeat Take Allocation (cve-2026-27572-rust-unbounded-repeat-take-allocation)

An unbounded memory allocation was found using `iter::repeat().take()` driven by a function parameter. If this parameter is attacker-controlled (e.g., from WebAssembly guest inputs), it can cause memory exhaustion (OOM) and lead to Denial of Service (DoS) of the host environment. Ensure the parameter is checked against a dynamic stream limit or defined upper

rust | CVE-2026-27572 | CWE-770
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27595: Parse Dashboard Unauthenticated Agent Endpoint (cve-2026-27595-parse-dashboard-unauthenticated-agent-endpoint)

The Parse Dashboard AI Agent endpoint (`/apps/:appId/agent`) is exposed without authentication or CSRF protection. This allows unauthenticated remote attackers to perform arbitrary database operations using the master key.

javascript | CVE-2026-27595 | CWE-306 | CWE-352
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-27598: Path Traversal Via Unvalidated Abs (cve-2026-27598-path-traversal-via-unvalidated-abs)

A function parameter is directly passed to `filepath.Abs` and returned without any subsequent validation. If the parameter is user-controlled, this can enable path traversal, allowing attackers to access or modify files anywhere on the backend filesystem by supplying absolute paths or path traversal sequences. Either use `filepath.Base()` to extract just the

go | CVE-2026-27598 | CWE-22 | CWE-502
by Provally, updated 2026-06-04, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27628: Circular Xref Infinite Loop (cve-2026-27628-circular-xref-infinite-loop)

Potential infinite loop detected. Loop iterates over xref/trailer offsets without tracking and validating visited offsets to prevent circular references (CVE-2026-27628).

python | CVE-2026-27628 | CWE-835
by Provally, updated 2026-06-04, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27642: Chained Missing Ie Validation (cve-2026-27642-chained-missing-ie-validation)

The validation logic erroneously uses a chain of 'else if' statements to check for missing parameters. This captures and reports only the first missing parameter, returning it in the error response. Attackers can exploit this to iteratively probe the server and map internal validation logic or service dependencies.

go | CVE-2026-27642
by Provally, updated 2026-06-04, Apache-2.0
Low severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-27818: Domain Suffix Validation Bypass (cve-2026-27818-domain-suffix-validation-bypass)

The domain validation logic checks if a hostname ends with an allowed domain without validating that the check is an exact domain match or a proper subdomain (prepended with a dot). An attacker could bypass the check by registering a domain that ends with the allowed domain name (e.g., 'attacker-example.com' for 'example.com'). Update the logic to ensure exa

javascriptCVE-2026-27818CWE-20CWE-918
by Provallyupdated 2026-06-04Apache-2.0
MediumMedium confidenceProvally CuratedVerified
0 stars
109 downloads0 direct109 via packs
Trust score 61
CVE-2026-27888: Pypdf Unbounded Zlib Decompress (cve-2026-27888-pypdf-unbounded-zlib-decompress)

Detected unbounded zlib decompression of a PDF object or stream. Using `zlib.decompress` on untrusted stream attributes (e.g., `_data`, `data`, or `get_data()`) without enforcing limits makes the application highly vulnerable to decompression bombs (zip bombs), leading to memory exhaustion and Denial of Service (DoS) attacks. Implement bounded decompressio

python | CVE-2026-27888 | CWE-409
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-27933: Unsanitized Filename Hash (cve-2026-27933-unsanitized-filename-hash)

Directly assigning an unsanitized hash/array lookup to a `filename` key can lead to Path Traversal (CWE-22) vulnerabilities when processed by file upload or storage libraries. Attackers can supply path traversal characters (e.g., `../`) to save or overwrite files outside the intended directory. Sanitize the user-supplied filename using `File.basename(...)`.

ruby | CVE-2026-27933 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28352: Python Ipaddress Is Private Bypass (cve-2026-28352-python-ipaddress-is-private-bypass)

Relying solely on the `.is_private` attribute of an `ipaddress` object is insufficient to block all internal network ranges. It neglects link-local addresses (e.g., 169.254.169.254 used for cloud metadata), loopback addresses, and reserved networks, potentially allowing SSRF bypasses. You must also verify `.is_loopback`, `.is_link_local`, and `.is_reserved`

python | CVE-2026-28352 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28427: Rust Path Traversal Starts With (cve-2026-28427-rust-path-traversal-starts-with)

Validating a path prefix using `starts_with` without first canonicalizing it can allow path traversal that bypasses authorization checks. Because `starts_with` only performs a lexical comparison, an attacker can use dot-dot-slash (`../`) sequences to step out of the allowed directory (e.g., `/allowed/dir/../../etc/passwd` starts with `/allowed/dir`). Call `.cano

rust | CVE-2026-28427 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28490: Authlib Internal Registry Unsafe Algorithm Lookup (cve-2026-28490-authlib-internal-registry-unsafe-algorithm-lookup)

This rule detects Authlib's internal pattern before CVE-2026-28490 was fixed, where an algorithm is retrieved from a registry without validating whether it is deprecated when an explicit whitelist config is missing. This allowed insecure algorithms like RSA1_5 and `none` to be used by default.

python | CVE-2026-28490 | CWE-327
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28492: Afero Parent Directory Exposure (cve-2026-28492-afero-parent-directory-exposure)

Constructing an `afero.NewBasePathFs` by taking `filepath.Dir` of a known directory path exposes the parent directory and its contents, causing potential path traversal and unauthorized access to sibling directories. Use `filepath.Clean` instead if the goal is to restrict access to the shared directory itself.

go | CVE-2026-28492 | CWE-22 | CWE-284
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28525: Mongoose Multipart Integer Underflow (cve-2026-28525-mongoose-multipart-integer-underflow)

Detected an unsafe subtraction calculating multipart data length using `boundary.len + 8`. This calculation fails to align with the multipart buffer validation check that enforces a minimum length of `boundary.len + 6`. When the buffer length falls between these two values, it causes an integer underflow that generates a massive length parameter. This leads

c | CVE-2026-28525 | CWE-125 | CWE-191
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28684: Tempfile Cross Device Symlink Overwrite (cve-2026-28684-tempfile-cross-device-symlink-overwrite)

Creating a temporary file without specifying a `dir` and then moving it with `shutil.move` can lead to an arbitrary file overwrite. If the temporary directory is on a different filesystem than the destination, `shutil.move` falls back to a copy operation, which insecurely follows symbolic links at the destination path. Provide the `dir` argument so the tempo

python | CVE-2026-28684 | CWE-377 | CWE-61
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-28696: Craftcms Assetbundle Cpexposure (cve-2026-28696-craftcms-assetbundle-cpexposure)

Sensitive Control Panel configurations like CP URLs and announcements are being exposed unconditionally inside an AssetBundle. This allows unauthenticated users to access administrative details. Guard these properties using `$request->getIsCpRequest()`.

php | CVE-2026-28696 | CWE-200
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-28781: Craftcms Query Configure Sqli (cve-2026-28781-craftcms-query-configure-sqli)

Mass assignment of user-supplied criteria to a database query object through `Craft::configure()` without unsetting SQL-specific keys allows SQL injection. Attackers can overwrite query properties (like `where`, `join`) to inject arbitrary SQL logic. Ensure you sanitize the criteria array by unsetting unsupported keys (e.g., `where`, `orderBy`) before passin

php | CVE-2026-28781 | CWE-89 | CWE-915
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-28789: Unprotected Receiver Map Write Http Handler (cve-2026-28789-unprotected-receiver-map-write-http-handler)

Concurrent modification of a receiver's map or fields in an HTTP handler without synchronization is unsafe. In Go, concurrent map writes cause a fatal runtime panic (`fatal error: concurrent map writes`), leading to process termination and Denial of Service (DoS). Protect shared state with a synchronization primitive like `sync.Mutex` or `sync.RWMutex`.

go | CVE-2026-28789 | CWE-362 | CWE-664
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-28790: Olivetin Missing Kill Permission Revocation (cve-2026-28790-olivetin-missing-kill-permission-revocation)

When disabling guest access permissions, the `Kill` permission is not explicitly revoked. This allows unauthenticated users to interact with endpoints that require `Kill` authorization, leading to broken access control and potential Denial of Service.

go | CVE-2026-28790 | CWE-862
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-29039: Insecure Elementpath Xpath Evaluation (cve-2026-29039-insecure-elementpath-xpath-evaluation)

Evaluating XPath expressions using `elementpath` default parsers (`XPath2Parser`, `XPath3Parser`, etc.) is unsafe because they support dangerous functions such as `unparsed-text()`, `doc()`, and `environment-variable()`. An attacker can use these functions to read arbitrary files or leak environment variables. Evaluate untrusted XPath using a custom parser with

python | CVE-2026-29039 | CWE-22 | CWE-611
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-29045: Unsafe Path Decode (cve-2026-29045-unsafe-path-decode)

Decoding a request path or URL using `decodeURIComponent` can introduce a path confusion vulnerability. `decodeURIComponent` decodes percent-encoded slashes (`%2F`) into literal slashes (`/`), whereas most application routers use `decodeURI`, which leaves them encoded. This discrepancy can allow an attacker to bypass route-based middleware protections (e.g.,

javascript | CVE-2026-29045 | CWE-436
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-29062: Jackson Core Context Depth Bypass (cve-2026-29062-jackson-core-context-depth-bypass)

Direct creation of child contexts via the stream read context bypasses the maximum nesting depth validation defined in `StreamReadConstraints`. This can lead to uncontrolled resource consumption and a `StackOverflowError` or Denial of Service (DoS) when deeply nested documents are parsed. Delegate these operations to `createChildArrayContext` and `createChildObjec

java | CVE-2026-29062 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-29081: Frappe Unvalidated Dict Key In Childquery (cve-2026-29081-frappe-unvalidated-dict-key-in-childquery)

Dictionary keys are passed directly to `ChildQuery` without prior validation. An attacker can pass malicious SQL fragments or uppercase SQL function names as dictionary keys in the `fields` parameter to achieve SQL injection. Validate the keys (e.g., ensuring they are not uppercase) before passing them to the query builder.

python | CVE-2026-29081 | CWE-89
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2026-29779: Uptimeflare Workerconfig Leak (cve-2026-29779-uptimeflare-workerconfig-leak)

The sensitive `workerConfig` object is used statically outside of Next.js server-side rendering bounds (e.g., `getServerSideProps`). In Next.js, referencing it at the component or shared layout layer embeds these secrets directly within the static client JS bundle.

typescript | CVE-2026-29779 | CWE-200
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-30852: Double Placeholder Evaluation Caddy (cve-2026-30852-double-placeholder-evaluation-caddy)

Double placeholder expansion in the Caddy HTTP vars matcher allows untrusted user input inside a placeholder to be evaluated a second time. This can lead to a leak of environment variables, files, or sensitive server info. Ensure placeholders are handled safely by preventing double `repl.ReplaceAll()` calls on request-controlled keys.

go | CVE-2026-30852 | CWE-116 | CWE-20
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-30858: Weknora Missing Sandbox Validation (cve-2026-30858-weknora-missing-sandbox-validation)

Sandbox execution via the manager interface lacks input validation, allowing malicious scripts or arguments to bypass security controls and reach the underlying executor. Ensure custom validation is implemented before passing the execution payload to the sandbox.

go | CVE-2026-30858 | CWE-918 | CWE-94
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-30952: Unvalidated Fallback Path Yield (cve-2026-30952-unvalidated-fallback-path-yield)

A custom fallback file resolution method yields file paths without bounds validation, which can allow path traversal.

typescript | CVE-2026-30952 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-31241: Path Traversal Via Join (cve-2026-31241-path-traversal-via-join)

Detected potential Path Traversal. Unsanitized inputs generated by `path.join` are being supplied directly into file reading API(s) such as `fs.readFileSync`. Attackers may be able to read restricted system files by injecting traversal sequences (`../`). Ensure that all dynamic paths are sanitized via a proper validation routine before they are read.

javascript | CVE-2026-31241 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-3125: Ssrf Via Path Regex Extraction (cve-2026-3125-ssrf-via-path-regex-extraction)

Extracting a destination URL from the request path via regular expressions and directly passing it to `fetch` enables Server-Side Request Forgery (SSRF). This approach is additionally vulnerable to WAF/Edge bypasses via path normalization differences (such as using backslashes). Validate and allowlist the extracted destination before making request calls.

javascript | CVE-2026-3125 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-31866: Unbounded Http Request Body Decode (cve-2026-31866-unbounded-http-request-body-decode)

Decoding an HTTP request body into memory without constraints can lead to Denial of Service (DoS) by memory exhaustion. An attacker can send an arbitrarily large request payload. Ensure that the request body size is limited either globally using `http.MaxBytesHandler` (checked via `MaxBytesError`), or locally using `http.MaxBytesReader` or `io.LimitReader`.

go | CVE-2026-31866
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-31883: Unvalidated Block Header Size Subtraction (cve-2026-31883-unvalidated-block-header-size-subtraction)

Processing a block header without checking the remaining size can lead to a size variable underflow. This underflow can cause massive loops over out-of-bounds memory reads and writes. Validate the size before subtracting.

c | CVE-2026-31883
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-31958: Unbounded Multipart Parsing (cve-2026-31958-unbounded-multipart-parsing)

A multipart payload is split into parts and iterated over without checking the maximum number of parts. If an attacker submits a highly segmented payload, this synchronous iteration can consume excessive CPU time and lead to a Denial of Service (DoS) by blocking the event loop. Enforce a limit on the length of the parts list via `len()` before iterating over

python | CVE-2026-31958 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-32094: Shescape Missing Bracket Glob Escape (cve-2026-32094-shescape-missing-bracket-glob-escape)

Square brackets are not escaped in a shell execution context, allowing the escaping to be bypassed via glob expansion.

javascript | CVE-2026-32094 | CWE-116
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2026-32108: Python Incomplete Sanitization Or Unescaped Json (cve-2026-32108-python-incomplete-sanitization-or-unescaped-json)

Detected potentially insufficient escaping of system inputs. First, custom sanitization using `re.sub` character classes may miss critical shell characters (like semicolons or newlines) when used to build terminal strings or HTML. Second, directly rendering `json.dumps` to variables intended for HTML can lead to Cross-Site Scripting (XSS), as `json.dumps` do

python | CVE-2026-32108
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-32245: Oauth2 Missing Client Validation Authorization Code (cve-2026-32245-oauth2-missing-client-validation-authorization-code)

The OIDC/OAuth2 token endpoint processes an `authorization_code` exchange but appears to perform the code lookup without including the requesting Client ID validation. An attacker could use their own valid client credentials to exchange an authorization code that was meant for another client, leading to unauthorized token issuance. Ensure you verify the requ

go | CVE-2026-32245
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-32624: Strncat Size Minus Src Len (cve-2026-32624-strncat-size-minus-src-len)

Incorrect size calculation for `strncat`/`g_strncat`. Subtracting the length of the source string from the total size rather than the length of the destination buffer fails to account for data already accumulated in the destination. This can lead to a heap-based buffer overflow. Calculate the remaining size using the destination string length (e.g., size - 1 - s

c | CVE-2026-32624 | CWE-120 | CWE-131
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-32750: Go Unvalidated Source Path Traversal (cve-2026-32750-go-unvalidated-source-path-traversal)

A source path extracted from user input via an untrusted map is passed directly to a file operation or import function without validation. This can result in path traversal, arbitrary file read, or exposure of sensitive local files. Validate the file path against specific allowed subdirectories and block sensitive paths.

go | CVE-2026-32750 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-32758: Path Validation Before Clean (cve-2026-32758-path-validation-before-clean)

Path variables from an HTTP request are passed to a validation or authorization function before being normalized with `path.Clean()`. An attacker can bypass deny rules by using `../` traversal sequences, which are then normalized after the validation checks. To fix this, always call `path.Clean()` on the input paths before evaluating them against security ru

go | CVE-2026-32758 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-32761: Files Filelisting Vue Cwe 000 Cve 2026 32761 (cve-2026-32761-files-filelisting-vue-cwe-000-cve-2026-32761)

Missing `Download` permission check when verifying the `Share` permission, allowing users to bypass download restrictions via public share links.

go | CVE-2026-32761
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-32812: Insufficient Url Validation Ssrf (cve-2026-32812-insufficient-url-validation-ssrf)

A user-supplied URL is passed directly into `file_get_contents()`. Validating user input with only `FILTER_VALIDATE_URL` is insufficient because it does not restrict dangerous protocol schemes (such as `file://`) and does not prevent hostname resolution to private or internal IP ranges. This combination leads directly to Server-Side Request Forgery (SSRF) an

php | CVE-2026-32812 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-32937: Insecure Gin Param Split (cve-2026-32937-insecure-gin-param-split)

Unpacking multiple logical parameters from a single Gin path variable using `strings.Split` can lead to parameter confusion and a bypass of input validation boundaries. If a user-controlled item (like an ID) legitimately contains the delimiter, subsequent array offsets map incorrectly, potentially leading to logic corruption, IDOR, or errors. To resolve this securel

go | CVE-2026-32937 | CWE-1284 | CWE-20
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33056: Rust Symlink Metadata Bypass (cve-2026-33056-rust-symlink-metadata-bypass)

Using `fs::metadata()` instead of `fs::symlink_metadata()` to inspect a path following a directory creation error allows attackers to bypass boundary checks using symlinks. `fs::metadata()` follows symbolic links, meaning that if an attacker creates a symlink where a directory is expected, the application will evaluate the target of the symlink. Use `fs::symlink_

rust | CVE-2026-33056 | CWE-59
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-33158: Craftcms Query Configure Injection (cve-2026-33158-craftcms-query-configure-injection)

Passing unsanitized user-supplied criteria to `Craft::configure()` on a query object can allow SQL injection if the keys include query properties like `where`, `select`, `join`, etc. Always remove unsupported or dangerous keys from user-supplied criteria before passing them to configuration functions.

php | CVE-2026-33158 | CWE-89 | CWE-915
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-33159: Craftcms Query Mass Assignment (cve-2026-33159-craftcms-query-mass-assignment)

Unrestricted mass assignment of user input to an object via `Craft::configure()`. Applying untested user input (such as data from `Component::cleanseConfig()`) directly to a database query object allows attackers to set arbitrary query properties such as `where`, `join`, or `union`, leading to arbitrary SQL injection. Ensure sensitive query attributes are ex

php | CVE-2026-33159 | CWE-89 | CWE-915
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33162: Craftcms Query Criteria Sqli (cve-2026-33162-craftcms-query-criteria-sqli)

Directly configuring objects using request data (via `Component::cleanseConfig`) without filtering out restricted SQL criteria properties (e.g., `where`, `union`) exposes the application to SQL Injection. Ensure that unsafe array keys are unset before applying the criteria.

php | CVE-2026-33162 | CWE-89
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33314: Tar Extractall Missing Symlink Validation (cve-2026-33314-tar-extractall-missing-symlink-validation)

Archive extraction via `tarfile.extractall` iterates over members and attempts safety validation but misses symlink target validation. This allows a bypass via malicious symbolic links pointing outside the extraction directory. Verify all members using `issym()` and `islnk()`.

python | CVE-2026-33314 | CWE-59 | CWE-61
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33353: Soft Serve Local Git Clone Ssrf (cve-2026-33353-soft-serve-local-git-clone-ssrf)

Missing validation of the git remote URL allows cloning from local filesystem paths.

go | CVE-2026-33353
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-33431: Incomplete Path Traversal Guard (cve-2026-33431-incomplete-path-traversal-guard)

Incomplete path traversal guard. The software validates only one path component for directory traversal sequences (`..`) while missing other concatenated user inputs.

python | CVE-2026-33431
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-33469: Orm Auth Bypass With All Keyword (cve-2026-33469-orm-auth-bypass-with-all-keyword)

The code assigns `True` to an ORM query clause when a parameter equals `"all"`, effectively bypassing record-specific filtering. If not properly guarded by an authorization check verifying that the user has global read access, this allows attackers to access restricted records. Validate user permissions or filter against an explicit list of allowed records instead

python | CVE-2026-33469 | CWE-863
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33495: Blind Trust Forwarded Proto (cve-2026-33495-blind-trust-forwarded-proto)

The application blindly trusts the `X-Forwarded-Proto` header to dictate the URL scheme without verifying whether the originating proxy is trusted. This allows an attacker to spoof the protocol (e.g., impersonating an HTTPS request over HTTP) and potentially bypass scheme-based access control rules. Ensure that `X-Forwarded-*` headers are only used when they

go | CVE-2026-33495 | CWE-349
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33533: Http Server Cors Wildcard (cve-2026-33533-http-server-cors-wildcard)

A wildcard `*` is hardcoded as the value for the `Access-Control-Allow-Origin` header in `send_header`. This permissive CORS policy allows any origin to read the response. If the HTTP server exposes sensitive data or APIs, this can result in cross-origin data exfiltration via simple requests or preflight bypasses. Configure allowed origins explicitly instead

python | CVE-2026-33533 | CWE-942
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-33677: Goldmark Double Escape (cve-2026-33677-goldmark-double-escape)

`HTMLEscapeString` is applied to string inputs before Markdown conversion. This causes valid HTML sequences to be redundantly double-escaped, because the `goldmark` converter already handles escaping during rendering. Pass the string directly to the Markdown converter without prior escaping.

go | CVE-2026-33677 | CWE-116
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33691: Modsecurity Upload Missing Removewhitespace (cve-2026-33691-modsecurity-upload-missing-removewhitespace)

ModSecurity file upload verification rules should include `t:removeWhitespace` to prevent bypasses via whitespace padding in file extensions.

generic | CVE-2026-33691 | CWE-434 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65
CVE-2026-33693: Rust Ipv4 Missing Unspecified Check (cve-2026-33693-rust-ipv4-missing-unspecified-check)

IPv4 validation is missing an `is_unspecified()` check. When checking whether an IP address is private or loopback to prevent Server-Side Request Forgery (SSRF), failing to block the unspecified address (`0.0.0.0` or `Ipv4Addr::UNSPECIFIED`) can allow attackers to bypass protections. On some operating systems (like Linux), traffic destined to `0.0.0.0` is routed t

rust | CVE-2026-33693 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33750: Sequence Expansion Zero Step Dos (cve-2026-33750-sequence-expansion-zero-step-dos)

Sequence expansion logic computes a step increment using `Math.abs` without enforcing a non-zero minimum. If the step evaluates to 0, this can lead to an infinite loop (Denial of Service). Enforce a minimum increment, e.g. with `Math.max(Math.abs(step), 1)`.

javascript | CVE-2026-33750 | CWE-835
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-33952: Freerdp Cve 2026 33952 Missing Auth Length (cve-2026-33952-freerdp-cve-2026-33952-missing-auth-length)

Missing validation of `auth_length` against `frag_length` could lead to an assertion failure and DoS.

c | CVE-2026-33952
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-33981: Jq Compile Injection (cve-2026-33981-jq-compile-injection)

Compiling user-supplied `jq` expressions without constraints can lead to the execution of dangerous `jq` built-ins. Built-ins like `env` allow leaking process environment variables (such as passwords or API keys), while `import` and `include` allow arbitrary file reads. Ensure dynamic `jq` queries are validated against an allowlist or blocklist before passin

python | CVE-2026-33981 | CWE-94
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33992: Pyload Ssrf Unvalidated Download (cve-2026-33992-pyload-ssrf-unvalidated-download)

Potential SSRF via an unvalidated URL passed to pyLoad's `_download` method.

python | CVE-2026-33992
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-33997: Slice Equality Off By One (cve-2026-33997-slice-equality-off-by-one)

A loop variable is initialized to 1 instead of 0 during a slice comparison. This skips the first element of the slice (index 0). If this function is used for security validation (e.g., evaluating privileges or rules), it could lead to policy bypasses. Ensure index 0 is validated, or initialize the loop variable to 0.

go | CVE-2026-33997 | CWE-193
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-34531: Missing Token Truthiness Check (cve-2026-34531-missing-token-truthiness-check)

An authentication token is retrieved with an empty string default and passed directly to a validation callback without checking its truthiness. If the underlying data store contains an empty string token, this could lead to authentication bypass. Ensure the token is validated to be truthy before passing it to the validator.

python | CVE-2026-34531 | CWE-287
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-34586: Missing Soft Delete Inactive Check (cve-2026-34586-missing-soft-delete-inactive-check)

The function performs session-level access control but fails to verify whether the underlying business object has been soft-deleted or marked inactive. This can allow attackers to bypass authorization and access revoked or expired resources.

python | CVE-2026-34586 | CWE-862
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-34591: Python Pathlib Traversal Join (cve-2026-34591-python-pathlib-traversal-join)

Concatenating an untrusted path to a base path and using it in file operations without containment checks is vulnerable to path traversal. Validate that the resolved path is within the intended base directory before using it.

python | CVE-2026-34591 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2026-34750: Improper Filename Sanitization Content Disposition (cve-2026-34750-improper-filename-sanitization-content-disposition)

Unsanitized decoded inputs used directly in a `Content-Disposition` header can lead to path traversal vulnerabilities and HTTP response splitting. Functions like `decodeURIComponent` will unmask directory traversal sequences (`%2F` -> `/`) and control characters. Always sanitize extracted filenames (e.g., using a library function or `path.basename`) before placi

typescript | CVE-2026-34750 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-34984: Sprig Template Dns Exfiltrationcve-2026-34984-sprig-template-dns-exfiltration

A Sprig template function map is being initialized without removing `getHostByName`. When templates are user-controlled, an attacker can use this function to perform DNS lookups from the server, leading to DNS exfiltration of sensitive data or SSRF-like network reconnaissance primitives. Ensure that you delete the `getHostByName` key from the function map be

go | CVE-2026-34984 | CWE-200 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-34993: Python Pickle Load From File (cve-2026-34993-python-pickle-load-from-file)

Unrestricted deserialization using `pickle.load()` on an opened file object. This allows arbitrary code execution if the file contents can be controlled by an attacker. Consider using `json.load()` or a restricted unpickler that overrides `find_class()`.

python | CVE-2026-34993 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-35000: Falsy Validation Bypass (cve-2026-35000-falsy-validation-bypass)

Conditional validation using `.get()` truthiness (e.g., `req.get('key') and not is_valid(...)`) allows falsy values like empty strings `""`, lists `[]`, or `null` to bypass security validation entirely. If these unvalidated falsy values are processed downstream or stored in a system, they can lead to type confusion, crash-induced DoS, or authorization bypass

python | CVE-2026-35000 | CWE-20 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-35407: Django Email Enumeration (cve-2026-35407-django-email-enumeration)

Raising a validation error when an account already exists can lead to user enumeration attacks. An attacker can probe endpoints to discover registered accounts. Avoid returning distinct errors for existing accounts; instead, process the request opaquely and handle notifications out-of-band. (Note: Token-authenticated confirmation endpoints are excluded as th

python | CVE-2026-35407 | CWE-203
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-35454: Go Zip Slip Arbitrary File Write (cve-2026-35454-go-zip-slip-arbitrary-file-write)

Potentially untrusted archive entry name or file path is written to disk without validating against path traversal (Zip Slip). Use Go 1.24+ 'os.OpenRoot' or ensure paths are sanitized before file operations.

go | CVE-2026-35454 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-35586: Python Archive Symlink Escape (cve-2026-35586-python-archive-symlink-escape)

Code iterates over archive members prior to extraction but does not appear to validate symlink targets. While checking for path traversal is common, failing to check for symbolic links allows an attacker to extract a payload outside the destination directory (symlink escape). Ensure you validate 'issym()' and 'islnk()' for tarfiles, or 'external_attr' for zi

python | CVE-2026-35586
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-37462: Go Missing Bounds Check Uint Underflow (cve-2026-37462-go-missing-bounds-check-uint-underflow)

An unsigned integer underflow can occur when directly subtracting a dynamically computed value from a bounding length variable without verification. If the right-hand side exceeds the value of the bounds, it wraps around to a large positive integer. In parsing loops, this may lead to infinite loops or out-of-bounds reads. Extract the computation to a variabl

go | CVE-2026-37462 | CWE-191
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-37982: Keycloak Reusable Action Token (cve-2026-37982-keycloak-reusable-action-token)

Returning `false` from `isOneTimeAction` allows the required action to be executed multiple times using the same action token. If an action token (such as an execute-actions email link) is intercepted, it can be replayed to perform sensitive actions maliciously, such as unauthorized authenticator enrollment. Ensure that sensitive actions are strictly one-tim

java | CVE-2026-37982 | CWE-294
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-39377: Insecure Path Join Traversal (cve-2026-39377-insecure-path-join-traversal)

A path constructed via `os.path.join()` using an untrusted function parameter is opened without validating that the resolved path is contained within the intended base directory. Attackers can use directory traversal (e.g., `../`) or absolute paths to read arbitrary files. Ensure the resulting path is effectively checked against the allowed base directory us

python | CVE-2026-39377 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-39378: Path Traversal Join Open (cve-2026-39378-path-traversal-join-open)

Naive joining of a base path with a function parameter using `os.path.join` without boundary validation enables path traversal vulnerabilities. If the parameter is attacker-controlled, they can read arbitrary files by escaping the base directory. Ensure that the resolved path is validated (e.g., using `abspath` and `startswith`) before interacting with the f

python | CVE-2026-39378 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-39943: Directus Missing Oauth Transport Validation (cve-2026-39943-directus-missing-oauth-transport-validation)

A request handler performs generic authorization checks but lacks OAuth scope, audience, or token transport validations. This can result in authorization bypass or CSRF if token sources like cookies are permitted without explicit constraints.

typescript | CVE-2026-39943 | CWE-352 | CWE-862
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-40293: Premature Loop Return In Channel Aggregation (cve-2026-40293-premature-loop-return-in-channel-aggregation)

Returning immediately upon branch setup failure in a parallel channel aggregation context. In a logical OR scenario (e.g. permission checks), this fail-fast aborts parallel checks and causes false negatives. Consider emitting the error to a channel and continuing instead.

go | CVE-2026-40293
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-40300: Insecure Dict Denylist Filter (cve-2026-40300-insecure-dict-denylist-filter)

A dictionary from a loop is mutated using a denylist approach (`del dict[key]`) and then appended to a collection. This can leak data if unexpected or new sensitive keys are added to the dictionary over time. Prefer an explicit allowlist approach where a new dictionary is instantiated containing only the explicitly permitted keys.

python | CVE-2026-40300
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-4035: Pathlib Dynamic Fstring Write (cve-2026-4035-pathlib-dynamic-fstring-write)

Constructing a file path dynamically from untrusted variables (e.g., f-strings) and then writing to it can lead to arbitrary file writes via path traversal if the variable isn't strictly validated or typed.

python | CVE-2026-4035
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-40449: Implicit Signed Unsigned Comparison (cve-2026-40449-implicit-signed-unsigned-comparison)

A potentially signed value is compared directly against an unsigned maximum limit (`SIZE_MAX / $SIZE`). This can lead to type promotion issues where the signed integer is implicitly cast, potentially enabling integer overflows to bypass bounds checks. Explicitly cast the signed value to an unsigned integer type before making the comparison.

cpp | CVE-2026-40449 | CWE-190 | CWE-681
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-40450: Implicit Sign Extension Bypass (cve-2026-40450-implicit-sign-extension-bypass)

A boundary validation check comparing a potentially signed integer against `SIZE_MAX / $Y` without explicitly casting it to an unsigned integer format was detected. Due to implicit C++ type promotion rules, the bounds condition may evaluate unsafely depending on integer widths, potentially allowing out-of-bounds large integer sizes to bypass validation. This

cpp | CVE-2026-40450 | CWE-190 | CWE-681
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-40490: Asynchttpclient Cross Domain Credential Leak (cve-2026-40490-asynchttpclient-cross-domain-credential-leak)

AsyncHttpClient instances unconditionally copy Realm credentials to arbitrary redirect targets without checking domain boundaries. This propagates plaintext credentials on cross-domain redirects or HTTPS-to-HTTP downgrades. To fix this, strip the realm whenever a redirect crosses an origin boundary.

java | CVE-2026-40490 | CWE-522
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40491: Archive Extractall Path Traversal (cve-2026-40491-archive-extractall-path-traversal)

Calling `extractall()` on an archive object without validating member paths can result in a path traversal (ZipSlip/TarSlip) vulnerability. Verify that the archive members resolve strictly within the intended target directory, pass a restrictively filtered `members=` list, or use `filter='data'` (Python 3.12+).

python | CVE-2026-40491 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-40603: Chartbrew Cve 2026 40603 Dummy (cve-2026-40603-chartbrew-cve-2026-40603-dummy)

Caching data using merely an ID without taking context/filters into account can lead to data leaks.

javascript | CVE-2026-40603
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-41308: Knobs Controller Js Cwe 000 Cve 2026 41308 (cve-2026-41308-knobs-controller-js-cwe-000-cve-2026-41308)

A Stimulus controller unconditionally initializes form bounds from default cookie values. If this form is used for existing records, this silently overwrites the record's existing configuration with defaults upon saving, which can downgrade strict security bounds. Protect the value assignment with an edit-mode persistence check to prioritize the existing rec

javascript | CVE-2026-41308 | CWE-276 | CWE-285
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-41658: Php Superglobal Mass Assignment (cve-2026-41658-php-superglobal-mass-assignment)

Directly assigning a superglobal like $_POST or $_GET to $_SESSION, or iterating over a superglobal to populate another array without validating the keys, can lead to mass assignment and session pollution. Extract specific fields or use a form validation library instead.

php | CVE-2026-41658 | CWE-915
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-41666: Implicit Signed Unsigned Comparison Overflow (cve-2026-41666-implicit-signed-unsigned-comparison-overflow)

Implicitly comparing a signed integer with a size division (like `SIZE_MAX / element_size`) can lead to signedness/promotion mismatches on mixed-bit architectures (e.g., 32-bit `size_t` vs 64-bit signed int). This can unexpectedly evaluate to false and bypass memory allocation overflow checks. Explicitly cast the signed integer to an unsigned 64-bit type (e.

cpp | CVE-2026-41666 | CWE-190 | CWE-681
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-41667: Improper Integer Bounds Check Missing Cast (cve-2026-41667-improper-integer-bounds-check-missing-cast)

A signed integer is checked for negativity and then compared against a division (typically representing an upper capacity limit like SIZE_MAX / size) without an explicit cast. This can cause signed/unsigned type promotion issues, leading to potential integer overflows or critical static analyzer warnings. Explicitly cast the signed integer to an unsigned typ

cpp | CVE-2026-41667 | CWE-190 | CWE-681
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-41691: Unsanitized Dict Interpolation (cve-2026-41691-unsanitized-dict-interpolation)

String interpolation using unsanitized dictionary values. When the result is used in an HTTP request URL, it may lead to Path Traversal or Server-Side Request Forgery vulnerabilities. Ensure input structure is validated (e.g., characters like ?, #, /, and .. are restricted).

javascript | CVE-2026-41691 | CWE-22 | CWE-74
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-41885: Custom Regex Interpolation Unvalidated (cve-2026-41885-custom-regex-interpolation-unvalidated)

Detected a custom regex-based string interpolation loop directly substituting dictionary values. If this template is used to construct URLs, it is vulnerable to Path Traversal or SSRF, as the values are neither URL-encoded nor validated against path delimiters. Ensure URL construction uses verified inputs (e.g., blocking `../`, `/`) or use `URL` objects and

javascript | CVE-2026-41885 | CWE-20 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 65
CVE-2026-42073: Oauth Csrf State Bypass Via Error (cve-2026-42073-oauth-csrf-state-bypass-via-error)

The application handles the OAuth `error` response from the callback URL before validating the `state` parameter against the expected session value. By submitting a crafted request with an `error` parameter, an attacker can bypass the state check, tricking the service into prematurely rejecting the flow and terminating it. Validate the `state` parameter unco

javascript | CVE-2026-42073 | CWE-352
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-42074: Raw Result Return Property Injection (cve-2026-42074-raw-result-return-property-injection)

Directly returning the raw result property of an asynchronous operation without structural validation can lead to object property injection if the object originates from an untrusted source. Ensure that you explicitly pick only the expected fields into a new object literal.

typescript | CVE-2026-42074 | CWE-915
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-42091: Go Http Missing File Csrf Check (cve-2026-42091-go-http-missing-file-csrf-check)

An HTTP handler creates or opens a file but lacks an explicit validation check on the request, which may lead to CSRF or missing authorization vulnerabilities if exposed without protection.

go | CVE-2026-42091 | CWE-352
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42175: Incomplete Is Private Ssrf Check (cve-2026-42175-incomplete-is-private-ssrf-check)

Relying solely on `ipaddress.is_private` for SSRF protection is insufficient. The `is_private` property does not block all non-publicly routable IP ranges, such as the RFC 6598 Shared Address Space (100.64.0.0/10) or multicast addresses. An attacker could exploit this to bypass SSRF filters and access internal services. Augment `is_private` with checks for m

python | CVE-2026-42175 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42209: Cpp Unchecked Modulo Count (cve-2026-42209-cpp-unchecked-modulo-count)

A modulo operation uses the `.count()` method as the divisor without a preceding zero-check. If `.count()` returns 0, this will cause a division-by-zero hardware exception (SIGFPE) leading to Denial of Service (DoS).

cpp | CVE-2026-42209 | CWE-369
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42220: Websocket Index Ts Cwe 000 Cve 2026 42220 (cve-2026-42220-websocket-index-ts-cwe-000-cve-2026-42220)

Direct connection to backend WebSocket in development mode using VITE_PROXY_TARGET. This skips the development server proxy and breaks middleware cookie injection, exposing unprotected initial handshakes.

typescript | CVE-2026-42220
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-42314: Tarfile Incomplete Symlink Validation (cve-2026-42314-tarfile-incomplete-symlink-validation)

Tarfile extraction iterates over archive members (often to mitigate CVE-2007-4559) but fails to validate symlinks using `issym()`, `islnk()`, `linkname`, or `type`. This allows symlink escape attacks where a malicious archive creates symlinks pointing outside the extraction directory.

python | CVE-2026-42314 | CWE-59 | CWE-61
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42504: Go Mime Short Cursor Advance Dos (cve-2026-42504-go-mime-short-cursor-advance-dos)

The parser cursor is advanced by only a small offset (`start+2`) rather than the entire parsed token length (`end`) when an error occurs. This causes overlapping reparsing of the input string, leading to O(N^2) complexity and potential Denial of Service (DoS).

go | CVE-2026-42504 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42576: Unchecked Crypto Key Type Assertion (cve-2026-42576-unchecked-crypto-key-type-assertion)

Unchecked type assertion to a cryptographic key type (e.g., `*rsa.PublicKey`). If the interface contains a different type (for instance, an ECDSA key returned by an external JWKS endpoint instead of RSA), the assertion will panic and cause a Denial of Service. Use the `value, ok := ...` idiom to safely assert types.

go | CVE-2026-42576 | CWE-703 | CWE-843
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-42610: Php Iterable Config Command Injection (cve-2026-42610-php-iterable-config-command-injection)

Unescaped iteration variables flow into OS command execution. An attacker who controls the iterated array or configuration can inject arbitrary shell commands or overwrite arguments. Ensure array or iterable variables are rigorously sanitized using `escapeshellarg()` or `escapeshellcmd()` before being concatenated into a command string for shell execution fu

php | CVE-2026-42610 | CWE-78 | CWE-88
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-43889: Unbounded Zip Extraction (cve-2026-43889-unbounded-zip-extraction)

Extracting untrusted ZIP archives fully to the local filesystem without size limits exposes the application to Zip Bomb (disk exhaustion) DoS attacks. Use a streaming approach to iterate over entries and enforce strict bounds on uncompressed file sizes.

typescript | CVE-2026-43889
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-43975: Java Torealpath Broad Catch Traversal Bypass (cve-2026-43975-java-torealpath-broad-catch-traversal-bypass)

Catching a generic `IOException` or `Exception` when calling `toRealPath()` and falling back to `normalize()` can mask symlink validation errors (e.g., AccessDeniedException). If `toRealPath()` fails due to an access exception on a symlink, the fallback path will circumvent symlink resolution, leading to directory traversal vulnerabilities. Catch `NoSuchFile

java | CVE-2026-43975 | CWE-22 | CWE-59
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-44017: Html Backend Py Cwe 000 Cve 2026 44017 (cve-2026-44017-html-backend-py-cwe-000-cve-2026-44017)

HTML Document backend lacks security config and overrides URLs blindly.

python | CVE-2026-44017
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-44018: Insecure Urljoin To Path (cve-2026-44018-insecure-urljoin-to-path)

Passing the result of `urljoin` directly into a `Path` object without validation can result in Path Traversal or Local File Inclusion (LFI). Python's `urljoin` ignores the base URI entirely if the target substring provides an absolute path or wrapper scheme. This allows attackers to specify arbitrary local paths out-of-bounds.

python | CVE-2026-44018 | CWE-22 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44019: Python Docling Html Single Page Drop (cve-2026-44019-python-docling-html-single-page-drop)

Missing handling of single-page documents in SPLIT_PAGE HTML generation, which can lead to silent dropping of document content and denial of service.

python | CVE-2026-44019
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-44020: Html Backend Py Cwe 000 Cve 2026 44020 (cve-2026-44020-html-backend-py-cwe-000-cve-2026-44020)

The setup initializes the backend with an unvalidated, unconstrained original_url parameter that is then used blindly to construct absolute paths via urljoin(), potentially leading to SSRF.

python | CVE-2026-44020
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-44054: Predictable Session Token From Pid (cve-2026-44054-predictable-session-token-from-pid)

Generating a session token or credentials directly from a process ID (PID) makes the token highly predictable. Attackers can guess valid tokens to hijack sessions or trigger unauthorized actions. Use a cryptographically secure random number generator (CSPRNG) to generate session identifiers.

c | CVE-2026-44054 | CWE-330 | CWE-340
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-44180: Python Env Yaml Injection (cve-2026-44180-python-env-yaml-injection)

Dynamically applying `yaml.safe_load` to environment variables matched merely by a prefix opens the door to YAML injection vulnerabilities if the results are later used in structural configurations downstream. Restrict `yaml.safe_load` to an explicit allowlist of variables.

python | CVE-2026-44180 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44182: Insecure Env Yaml Injection (cve-2026-44182-insecure-env-yaml-injection)

Environment variables are iterated and parsed with `yaml.safe_load` or `yaml.load` without structural type validation. If this unvalidated parsed structure is passed into downstream consumers (such as Jinja2 rendered YAML manifests), it allows attackers who control runtime environment variables to achieve configuration or manifest injection. Validate the par

python | CVE-2026-44182 | CWE-502 | CWE-74
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-4426: Cve 2026 4426 Unpatched Error Propagation (cve-2026-4426-cve-2026-4426-unpatched-error-propagation)

The code handles invalid zisofs block size exponent by returning silently without error propagation.

c | CVE-2026-4426 | CWE-754
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44317: Skipped Domain Logic Nil Dereference (cve-2026-44317-skipped-domain-logic-nil-dereference)

Conditionally skipping the initialization function leaves state uninitialized, causing downstream nil pointer dereferences.

go | CVE-2026-44317 | CWE-476
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44456: Hono Jwt Missing Jwk Extraction (cve-2026-44456-hono-jwt-missing-jwk-extraction)

The JWT implementation does not correctly extract 'alg' and 'kid' from JWK objects during signing, potentially leading to algorithm confusion.

typescript | CVE-2026-44456
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 53
CVE-2026-44545: Autobahn Unbounded Websocket Payload (cve-2026-44545-autobahn-unbounded-websocket-payload)

Failing to restrict the WebSocket frame or message payload size can allow unauthenticated attackers to consume excessive memory, leading to Denial of Service (DoS). Ensure both `maxMessagePayloadSize` and `maxFramePayloadSize` are set to reasonable limits when configuring autobahn's WebSocketFactory via `setProtocolOptions`.

python | CVE-2026-44545 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44596: Missing Rate Limiting Auth Endpoint (cve-2026-44596-missing-rate-limiting-auth-endpoint)

The routing logic for this authentication or token endpoint does not enforce rate limiting. Unrestricted authentication paths allow for brute-force and credential stuffing attacks. Ensure that a rate limiter check (e.g., `checkRateLimit`) is executed before passing the request to the underlying handler endpoint.

java | CVE-2026-44596
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-44645: Unvalidated Fallback Path Traversal (cve-2026-44645-unvalidated-fallback-path-traversal)

A file path returned by a fallback function is yielded directly without validating if it falls within allowed root directories. This can lead to a Path Traversal vulnerability if the file parameter is attacker-controlled.

typescript | CVE-2026-44645 | CWE-22
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-44796: Django Python Re Redos (cve-2026-44796-django-python-re-redos)

User input was passed directly to the standard Python `re` module. The standard `re` module is vulnerable to Regular Expression Denial of Service (ReDoS) when processing untrusted complex patterns, as it lacks a timeout mechanism. To fix this, consider using the third-party `regex` module which allows setting execution timeouts to protect against catastrophi

python | CVE-2026-44796 | CWE-1333 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-45149: Unbounded Loop Allocation Brace Expansion (cve-2026-45149-unbounded-loop-allocation-brace-expansion)

A sequence generation loop does not enforce an incremental capacity limit, leading to potentially unbounded CPU/memory consumption.

javascript | CVE-2026-45149 | CWE-400 | CWE-770
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-45306: Tarfile Incomplete Symlink Validation (cve-2026-45306-tarfile-incomplete-symlink-validation)

A custom tarfile extraction sequence iterates over members but fails to validate symbolic links using `.issym()` or `.islnk()`. While this loop may attempt to prevent directory traversal (e.g., mitigating CVE-2007-4559), missing symlink checks can lead to arbitrary file overwrite. Attackers can exploit this by crafting archives with symlinks pointing outside

python | CVE-2026-45306 | CWE-59
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-45582: Nested Array Filter Index Shift Logic Bug (cve-2026-45582-nested-array-filter-index-shift-logic-bug)

Filtering out empty nested sub-arrays removes intermediate items and shifts all subsequent indices. In structures where array indices provide semantic mapping (e.g., node output logic branches or protocol ports), this incorrectly recompiles connection maps, causing data corruption or authentication bypasses. If array indices represent immutable identifiers,

typescript | CVE-2026-45582 | CWE-682
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-46380: Ssrf Unvalidated Uri Fetch (cve-2026-46380-ssrf-unvalidated-uri-fetch)

The application accepts and processes arbitrary URIs without performing validation against private/loopback addresses. This can lead to Server-Side Request Forgery (SSRF), allowing attackers to access internal services, link-local environments, and cloud metadata endpoints. Add URL validation logic before resolving or connecting.

python | CVE-2026-46380 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-46551: Nocodb Arraysort Ast Sqli (cve-2026-46551-nocodb-arraysort-ast-sqli)

An unvalidated AST node value (`.value`) is passed directly into a raw SQL query binding (`knex.raw()`). In NocoDB formula resolution, passing a literal string this way without parameterization or strict allowlisting (such as for 'ASC' or 'DESC') allows an attacker to bypass basic sanitization and execute arbitrary SQL injection via the ORDER BY clause. Ensu

typescript | CVE-2026-46551 | CWE-89
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 61
CVE-2026-46678: Improper Multimodal Extraction Ssrf (cve-2026-46678-improper-multimodal-extraction-ssrf)

Multimodal tool results (e.g., URLs) are incorrectly extracted and added to user prompts. This can allow attackers to bypass tool-specific security validations (such as SSRF blocklists on URLs) because the contents are evaluated as standard user strings/comments rather than structured tool returns.

python | CVE-2026-46678 | CWE-502 | CWE-918
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-47124: Nezha Missing Csrf Or Scope Validation (cve-2026-47124-nezha-missing-csrf-or-scope-validation)

Missing CSRF middleware or proper authorization scope validation on Gin router setup.

go | CVE-2026-47124 | CWE-352 | CWE-863
by Provally | updated 2026-06-04 | Apache-2.0
Low | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-47180: Unbounded Recursion In Parser (cve-2026-47180-unbounded-recursion-in-parser)

The `$FUNC` method appears to parse or decode structures recursively without tracking the recursion depth. Although it passes unmodified state securely (e.g. typical cycle detection via a seen set), an attacker could provide a long chain of valid forward links that bypasses cycle checks but causes uncontrolled recursion, leading to a stack exhaustion Denial

python | CVE-2026-47180 | CWE-674
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-47183: Concurrent Eviction Leak Via Early Return (cve-2026-47183-concurrent-eviction-leak-via-early-return)

When performing operations on a shared dictionary or cache in concurrent access, returning early on cache hits can bypass the eviction process. If the eviction process breaks on concurrent modification exceptions (like RuntimeError), the dictionary size can drift above bounds. Subsequent cache hits skip the eviction logic, maintaining the inflated unbounded

python | CVE-2026-47183 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-47214: Docling Htmlbackend Unsafe Ssrf Omission (cve-2026-47214-docling-htmlbackend-unsafe-ssrf-omission)

This is a placeholder rule for CVE-2026-47214. The vulnerability is an architectural omission in docling's implementation (missing HTMLBackendOptions), which cannot be reliably detected as a generic API misuse pattern in client application code.

python | CVE-2026-47214
by Provally | updated 2026-06-04 | Apache-2.0
Low | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-47265: Missing Cookie Drop On Cross Origin Redirect (cve-2026-47265-missing-cookie-drop-on-cross-origin-redirect)

A cross-origin redirect handler clears some authentication headers but fails to clear the explicit per-request `cookies` variable. This can leak sensitive per-request cookies to third-party domains.

python | CVE-2026-47265 | CWE-200
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-47273: Pam Usb Xpath Injection (cve-2026-47273-pam-usb-xpath-injection)

XPath injection due to unescaped string interpolations into XPath queries.

c | CVE-2026-47273
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-48065: Python Shell Command Injection (cve-2026-48065-python-shell-command-injection)

Executing OS commands with dynamic string formatting via os.system or subprocess with shell=True is vulnerable to command injection. An attacker who controls the interpolated input can break out of the command string to execute arbitrary code. Use subprocess functions without shell=True and pass arguments as an array/list.

python | CVE-2026-48065 | CWE-78
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-48597: Elixir Uri Scheme Atom Exhaustion (cve-2026-48597-elixir-uri-scheme-atom-exhaustion)

Converting an unbounded or untrusted string (like a URI scheme) to an atom dynamically using `String.to_atom/1` can lead to an atom memory exhaustion Denial of Service (DoS) vulnerability. Erlang VM atoms are not garbage-collected, so an attacker who can provide unique inputs can exhaust the bounded atom table and crash the application. Use pattern matching

elixir | CVE-2026-48597 | CWE-400
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65

CVE-2026-48598: Elixir Unescaped Kv Interpolation (cve-2026-48598-elixir-unescaped-kv-interpolation)

Constructing headers or multipart parameters by directly interpolating untrusted values into a `key="value"` string format without escaping allows CRLF and double-quote injection attacks. In contexts like Content-Disposition headers, this can lead to header smuggling, parameter forgery, or multipart body manipulation. Ensure that values are checked for `\r`,

elixir | CVE-2026-48598 | CWE-113
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-48681: Python Insecure File Url Path Validation (cve-2026-48681-python-insecure-file-url-path-validation)

Extracting a file path from a user-supplied URL and verifying only its existence allows path traversal and arbitrary local file reads. Path input extracted from untrusted URLs must be defensively normalized using `os.path.abspath` and verified against an explicit allowlist before being trusted.

python | CVE-2026-48681 | CWE-22 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65

CVE-2026-48682: Cpp Unvalidated Ihl Pointer Advance (cve-2026-48682-cpp-unvalidated-ihl-pointer-advance)

Pointer arithmetic is applied directly using a parsed IP header length (IHL) without bounds checking. This can advance the pointer past the end of the packet buffer, resulting in an out-of-bounds read or type confusion. Compute the header offset into a variable and validate it against the buffer boundaries before evaluating the pointer advancement.

cpp | CVE-2026-48682 | CWE-125
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-48861: Missing Http Method Validation Crlf (cve-2026-48861-missing-http-method-validation-crlf)

HTTP method is merged into the request serialization list without prior validation. An attacker can pass malicious methods containing CRLF sequences to inject HTTP headers or smuggle requests. Ensure the given method string is validated to contain only allowed characters before constructing the payload.

elixir | CVE-2026-48861 | CWE-113
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-49753: Elixir Integer Parse Http Smuggling (cve-2026-49753-elixir-integer-parse-http-smuggling)

Using `Integer.parse/1` or `Integer.parse/2` to parse `Content-Length` or other HTTP length headers can leave the application vulnerable to HTTP Request/Response Smuggling. Elixir's `Integer.parse` accepts an optional `+` or `-` prefix, which violates RFC 7230's strict digit-only format for lengths. A proxy may parse this strictly while this application pa

elixir | CVE-2026-49753 | CWE-444
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-49754: Unbounded Tuple Iolist Accumulation (cve-2026-49754-unbounded-tuple-iolist-accumulation)

An accumulator is updated by continually appending data (e.g., an iolist) inside a tuple stored in a struct field, but without tracking its size. This pattern can lead to an Allocation of Resources Without Limits or Throttling (CWE-770), such as in the Mint HTTP/2 CONTINUATION flood vulnerability (CVE-2026-49754). Ensure that a maximum size is explicitly tra

elixir | CVE-2026-49754 | CWE-770
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-5164: Virtio Viostor Shared Discard State (cve-2026-5164-virtio-viostor-shared-discard-state)

The `blk_discard` array used for processing UNMAP requests is accessed from a shared structure rather than a per-request structure. This creates a race condition during concurrent UNMAP commands, leading to data corruption and DoS. Move this state into a per-request structure such as `SRB_EXTENSION`.

c | CVE-2026-5164 | CWE-362
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-6839: Cpp Signed Unsigned Overflow Check Bypass (cve-2026-6839-cpp-signed-unsigned-overflow-check-bypass)

Comparing a signed element count to an unsigned size limit (e.g., `SIZE_MAX / size`) without an explicit cast can cause improper type promotion or truncation. This allows malicious inputs to bypass integer overflow protection on certain architectures, leading to undersized memory allocations and subsequent out-of-bounds read/write accesses. Explicitly cast t

cpp | CVE-2026-6839 | CWE-190 | CWE-195 | CWE-681
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-6863: Go Path Traversal Via Strings Hasprefix (cve-2026-6863-go-path-traversal-via-strings-hasprefix)

Validating paths mapped into a directory using `strings.HasPrefix` is prone to partial directory traversal if the directory path does not end with a separator. An attacker can construct a path that traverses out of the target directory into a sibling directory with a similar name (e.g., `target` and `target_malicious`). Use `filepath.Rel` and check for ".."

go | CVE-2026-6863 | CWE-22 | CWE-502
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-8669: Giflib Missing Bounds Check Skip Branch (cve-2026-8669-giflib-missing-bounds-check-skip-branch)

A bounds check on GIF dimensions (`GifFile->SWidth`) is improperly nested inside a conditional processing branch. If skipped frames bypass this conditional without another bounds check, they may trigger an out-of-bounds write via `DGifGetLine` because the row buffer size is typically `SWidth`. Ensure the bounds validation occurs before any branching that dec

c | CVE-2026-8669 | CWE-125 | CWE-787
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-8829: Perl Xs Svpv Alias Uaf (cve-2026-8829-perl-xs-svpv-alias-uaf)

A string buffer pointer is extracted via `SvPV` from a hash value fetched using `hv_fetch`. If this hash value is self-aliased with an SV that gets reallocated (e.g., via `SvGROW`), the cached pointer will point to freed memory, causing a use-after-free. Ensure you check for self-aliasing between the fetched SV and the target SV before caching the pointer.

c | CVE-2026-8829 | CWE-416
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-9149: Integer Overflow Missing Bounds Check (cve-2026-9149-integer-overflow-missing-bounds-check)

Missing integer bounds checks before arithmetic on an externally read size and subsequent memory allocation. This could lead to integer overflow/underflow, resulting in an undersized allocation and a potential heap out-of-bounds write.

c | CVE-2026-9149 | CWE-190 | CWE-787
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65

CVE-2026-9150: Sha Buffer Overflow Strcpy (cve-2026-9150-sha-buffer-overflow-strcpy)

A stack buffer sized for MD5 or SHA-256 hex checksums (65 bytes) is written using an unbounded string operation. If the application encounters larger hashes like SHA-384 or SHA-512 (which require up to 129 bytes for their hex representation), a stack-based buffer overflow can occur. Increase the buffer size (e.g. to 64 * 2 + 1) and use bounds-checking string

c | CVE-2026-9150 | CWE-121
by Provally | updated 2026-06-04 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-9673: Bypass Csv Injection Protection (cve-2026-9673-bypass-csv-injection-protection)

The regular expression used to remove or sanitize CSV injection sequences lacks leading space character matching. Attackers can bypass this protection by prefixing their payloads with a space (e.g., ` =cmd|' /C calc'!A0`), exploiting the parser's loose spacing evaluation. Update the regex to consume leading spaces before checking for injection characters, su

javascript | CVE-2026-9673 | CWE-1236 | CWE-74
by Provally | updated 2026-06-04 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
109 downloads (0 direct, 109 via packs)
Trust score 65

CVE-2016-20022: Linux Usb Missing Maxpacket Validation (cve-2016-20022-linux-usb-missing-maxpacket-validation)

The USB endpoint descriptor parsing logic extracts and validates the `wMaxPacketSize` limit only for high-speed bulk endpoints. Other types and speeds are left unvalidated, allowing maliciously crafted USB descriptors to exceed buffer size limits, resulting in memory corruption.

c | CVE-2016-20022 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2018-25270: Php Http Method Override Dynamic Call Without Whitelist (cve-2018-25270-php-http-method-override-dynamic-call-without-whitelist)

Dynamic method invocation on $this whose name is derived from a user-controlled HTTP method override ($_POST/$_REQUEST/$_GET) without an HTTP-verb whitelist (in_array against ['GET','POST','PUT','DELETE','PATCH', ...]). An attacker can set the override parameter to the name of any public method (e.g. __construct) and have it invoked with attacker-controlled

php | CVE-2018-25270 | CWE-639
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73

CVE-2019-10742: Nodejs Stream Data Handler Reject Without Destroy (cve-2019-10742-nodejs-stream-data-handler-reject-without-destroy)

Stream '$STREAM' 'data' event handler calls '$REJECT(...)' to signal an error but does not call '$STREAM.destroy()'. Without destroying the stream, data continues to arrive and be buffered after the error condition is detected, causing unbounded memory growth and denial of service (DoS). Fix: call '$STREAM.destroy()' before '$REJECT(...)' to immediately halt

javascript | CVE-2019-10742 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73

CVE-2020-28483: Go Ip Spoofing Forwarded Header No Proxy Check (cve-2020-28483-go-ip-spoofing-forwarded-header-no-proxy-check)

HTTP forwarding header (X-Forwarded-For or X-Real-IP) is read without first verifying that the connecting address belongs to a trusted proxy. Any client can set these headers to forge their apparent source IP. Before using these headers to determine the authoritative client IP, validate Request.RemoteAddr against a trusted-proxy CIDR allowlist (e.g., cidr.Co

go | CVE-2020-28483 | GHSA-H395-QCRW-5VMQ | CWE-290
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69

CVE-2020-36567: Go Log Injection Http Path Format (cve-2020-36567-go-log-injection-http-path-format)

HTTP URL path or query string data is formatted with the '%s' verb, which does not escape newline characters. An attacker can inject arbitrary log entries by embedding newlines (CRLF) in a crafted request URL. Use '%#v' or '%q' as the format verb, or sanitize the value with strconv.Quote() before including it in log output.

go | CVE-2020-36567 | CWE-117
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81

CVE-2020-36962: Tendenci Unicodewriter Csv Formula Injection (cve-2020-36962-tendenci-unicodewriter-csv-formula-injection)

Use of Tendenci's UnicodeWriter for CSV export does not neutralize spreadsheet formula meta-characters (=, +, -, @, |) in cell values. User-controlled fields written this way can become executable formulas when the CSV is opened in Excel/LibreOffice/Google Sheets (CSV Formula / DDE Injection, CWE-1236). Replace UnicodeWriter with csv.DictWriter/csv.writer an

python | CVE-2020-36962 | CWE-1236
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73

CVE-2020-37002: Ajenti Totp Stage Without Stage1 Binding (cve-2020-37002-ajenti-totp-stage-without-stage1-binding)

The TOTP (second-factor) verification branch invokes the TOTP verifier directly using a user_auth_id taken from the request without first validating a server-generated stage-1 token (e.g. a `totp_random` nonce stored by the password step). This allows an attacker who knows a username with TOTP enabled to skip the password stage entirely and brute-force the 6

python | CVE-2020-37002 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85

CVE-2020-37012: Php Latex Shell Escape Rce (cve-2020-37012-php-latex-shell-escape-rce)

LaTeX (latex/pdflatex/xelatex/lualatex) is being invoked with the `-shell-escape` flag. This flag enables LaTeX's `\write18{...}` and `\input{|"cmd"}` shell-execution primitives, which pass their arguments directly to /bin/sh. If the .tex document being compiled contains any untrusted input (e.g., HTTP request body, user-uploaded file, database field), this

php | CVE-2020-37012 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2020-37123: Php Unsanitized Superglobal Into Shell Exec (cve-2020-37123-php-unsanitized-superglobal-into-shell-exec)

User-controlled HTTP input from a PHP superglobal ($_GET/$_POST/$_REQUEST/$_COOKIE) flows into a shell-executing function (shell_exec, exec, system, passthru, popen, proc_open, or the backtick operator) without being sanitized through escapeshellarg() or escapeshellcmd(). An attacker can inject shell metacharacters (;, |, &&, `, $()) to execute arbitrary OS

php | CVE-2020-37123 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91

CVE-2020-37237: Php Orderby Whitelist Guarded By Array Key Exists (cve-2020-37237-php-orderby-whitelist-guarded-by-array-key-exists)

Ad-hoc ORDER BY whitelist validation is gated behind array_key_exists() / isset() guards, so the check is silently skipped when the key is absent. Any downstream caller that bypasses the guard reaches the SQL ORDER BY use unvalidated, enabling SQL ORDER BY injection (CVE-2020-37237). Replace with a centralized validator such as process_sorting_params(), whic

php | CVE-2020-37237 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81

CVE-2021-27915: Php Recursive Reference Pass By Value (cve-2021-27915-php-recursive-reference-pass-by-value)

A loop variable is passed to a recursive method expecting a reference. Because the loop variable is a copy (not iterated by reference, e.g., `&$V`), modifications made by the recursive call to its elements are lost relative to the original array. This can bypass sanitization, validation, or data transformations. Pass the original array element by reference u

php | CVE-2021-27915 | CWE-79 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2021-3749: Redos Whitespace Replace Star Quantifier (cve-2021-3749-redos-whitespace-replace-star-quantifier)

ReDoS (Regular Expression Denial of Service): Using /^\s*/ or /\s*$/ in String.replace() can cause catastrophic backtracking when processing strings with many whitespace characters followed by a non-whitespace character (CVE-2021-3749). The \s* zero-or-more quantifier combined with start/end anchors forces the regex engine into O(N^2) backtracking on adversa

javascript | CVE-2021-3749 | CWE-1333 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
Medium | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95

CVE-2021-4435: Child Process Unvalidated Wrapper (cve-2021-4435-child-process-unvalidated-wrapper)

A wrapper function exposing child_process methods directly passes an unqualified command parameter without apparent path validation. If the executing environment runs in an untrusted directory, this can trigger an Untrusted Search Path vulnerability (CWE-426), where a local executable is hijacked. Ensure that commands are validated (e.g., checking for path t

javascript | CVE-2021-4435 | CWE-426
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2021-47781: Printf Family Self Concatenation Overflow (cve-2021-47781-printf-family-self-concatenation-overflow)

A printf-family function (swprintf_s/swprintf/sprintf_s/sprintf/snprintf/_snwprintf_s) is called with the destination buffer passed both as the output and as its own %s source, followed by a single attacker-influenced argument (e.g. `swprintf_s(buf, L"%s /run {%s}", buf, user_input)`). This is an unbounded self-concatenation into a fixed-size buffer with ove

cpp | CVE-2021-47781 | CWE-120 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2021-47901: Python Csv Injection Unquoted Field In Report (cve-2021-47901-python-csv-injection-unquoted-field-in-report)

In a CSV report generator, a value derived from external/untrusted input (e.g. an HTTP redirect Location header) is appended to a CSV-row accumulator without being wrapped in double quotes and without neutralizing spreadsheet formula-trigger characters (=, +, -, @). When the resulting CSV is opened in a spreadsheet application, the injected content can break

python | CVE-2021-47901 | CWE-1236
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85

CVE-2021-47942: Homeassistant View Handler Unsanitized Path Parameter (cve-2021-47942-homeassistant-view-handler-unsanitized-path-parameter)

A HomeAssistantView HTTP handler passes a URL-supplied path parameter to a downstream function without first normalizing it with homeassistant.util.sanitize_path. When the underlying function reads files from disk, '..' segments in the URL can escape the intended web root and disclose arbitrary files readable by the Home Assistant process (CVE-2021-47942, CW

python | CVE-2021-47942 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85

CVE-2021-47952: Python Jsonpickle Unsafe Decode Eval Rce (cve-2021-47952-python-jsonpickle-unsafe-decode-eval-rce)

jsonpickle decode()/Unpickler() is defined or invoked with safe=False, enabling the legacy py/repr deserialization path that calls eval() on attacker-controlled JSON content. A JSON payload like {"py/repr": "os/os.system('id')"} achieves remote code execution. Change the default to safe=True (patched behavior) or pass safe=True explicitly at call sites.

python | CVE-2021-47952 | CWE-502 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95

CVE-2021-47976: Php Unrestricted Upload User Filename As Destination (cve-2021-47976-php-unrestricted-upload-user-filename-as-destination)

Untrusted $_FILES[*]['name'] flows into the destination path of move_uploaded_file() without an extension whitelist or rename to a server-generated name. An attacker can upload a .php (or other executable) file under a chosen name; if the destination directory is web-accessible and the engine executes PHP there, this is unrestricted file upload leading to re

php | CVE-2021-47976 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85

CVE-2022-0555: Python Log Sensitive Data (cve-2022-0555-python-log-sensitive-data)

Logging sensitive data (like tokens, passwords, or forms containing them) in plaintext can expose credentials to local attackers via log files.

python | CVE-2022-0555 | CWE-532
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2022-39215: Rust Recursive Fs Read Dir Without Symlink Check (cve-2022-39215-rust-recursive-fs-read-dir-without-symlink-check)

Recursive directory traversal using `fs::read_dir` recurses into child entries without first checking whether the entry is a symbolic link (via `symlink_metadata` / `is_symlink`) and validating its target against an allowed filesystem scope. An attacker who can place a symlink inside an allowed directory can use it to escape the sandbox/scope and enumerate r

rust | CVE-2022-39215 | GHSA-3QFG-JVX9-428G | CWE-22 | CWE-59
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85

CVE-2022-48624: Cve 2022 48624 Command Injection Unquoted Vars (cve-2022-48624-cve-2022-48624-command-injection-unquoted-vars)

A shell command is constructed using format strings with unquoted variables, and then executed. This can lead to OS command injection if the variables are user-controlled filenames containing shell metacharacters. Ensure variables are adequately shell-quoted before formatting them into the command string.

c | CVE-2022-48624 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2022-4967: Strongswan Trust Cert Subject Bypass (cve-2022-4967-strongswan-trust-cert-subject-bypass)

When looking up trusted public keys, the expected connection identity must be used rather than the subject extracted directly from the presented certificate. Extracting the identity from the unverified certificate can allow an attacker to bypass authorization by presenting a different, trusted certificate. Pass the expected identity (e.g., `identification_t`

c | CVE-2022-4967 | CWE-297
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2023-0163: Incomplete Prototype Pollution Blocklist (cve-2023-0163-incomplete-prototype-pollution-blocklist)

Found an incomplete prototype pollution mitigation blocklist. The array blocks '__proto__' but does not adequately block 'constructor' or 'prototype'. Blocking 'this.constructor.prototype' is ineffective because the attacker controls the payload keys. Ensure that 'constructor' or 'constructor.prototype' is explicitly blocked.

javascript | CVE-2023-0163 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2023-2800: Python Insecure Tempfile Mktemp (cve-2023-2800-python-insecure-tempfile-mktemp)

Use of `tempfile.mktemp()` followed by `open()` on the returned path is insecure (CWE-377 / CVE-2023-2800). `mktemp()` only predicts a filename without atomically creating the file, opening a TOCTOU race in which a local attacker can place a symlink at the predicted path before it is opened, leading to arbitrary file overwrite. Replace this pattern with `tem

python | CVE-2023-2800 | CWE-377
by Provally | updated 2026-06-03 | Apache-2.0
Medium | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91

CVE-2023-29401: Go Content Disposition Filename Injection (cve-2023-29401-go-content-disposition-filename-injection)

Filename is concatenated directly into a Content-Disposition HTTP header value without escaping double-quotes (") or backslashes (\). If the filename contains attacker-controlled input, these characters allow breaking out of the quoted parameter value and injecting arbitrary header parameters, spoofing the file extension, or bypassing browser security prompt

go | CVE-2023-29401 | CWE-116 | CWE-74
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81

CVE-2023-32191: Rke Full Cluster State In Configmap (cve-2023-32191-rke-full-cluster-state-in-configmap)

Persisting RKE FullState (PKI CertificatesBundle, EncryptionConfig, RancherKubernetesEngineConfig) into a Kubernetes ConfigMap named "full-cluster-state" in kube-system exposes the cluster CA private key, etcd encryption-at-rest keys, and credentials to any principal with ConfigMap read access (e.g. the built-in `view` ClusterRole). This allows privilege esc

go | CVE-2023-32191 | CWE-269 | CWE-312 | CWE-922
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91

CVE-2023-32192: Insecure Url Construction Sprintf (cve-2023-32192-insecure-url-construction-sprintf)

Constructing a URL using `fmt.Sprintf` with unescaped request components (like `URL.Path` or `Header.Get`) can lead to reflected XSS, open redirects, or path confusion if the resulting URL is rendered directly to a client. Use `net/url` and its `JoinPath` method instead to ensure proper encoding.

go | CVE-2023-32192 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2023-34460: Rust Glob Flipped Require Literal Leading Dot (cve-2023-34460-rust-glob-flipped-require-literal-leading-dot)

`require_literal_leading_dot` is set with platform-flipped values: `false` on Unix and/or `true` on Windows. Dotfiles (e.g. `.env`, `.ssh/config`) are conventionally hidden on Unix and should NOT be matched implicitly by glob wildcards such as `*` or `**`. The secure defaults are `true` on Unix and `false` on Windows. The flipped configuration allows wildcar

rust | CVE-2023-34460 | GHSA-9XWC-CWJG-5JJM | CWE-280
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73

CVE-2023-38048: Codeigniter Order By Sql Injection Via Escape (cve-2023-38048-codeigniter-order-by-sql-injection-via-escape)

The CodeIgniter `db->order_by()` is being called with a value passed through `db->escape()`. `CI_DB::escape()` is a value-escaping helper that wraps strings in single quotes for SQL literal contexts; it does NOT sanitise SQL identifier contexts like ORDER BY. An attacker controlling the value (typically via a `sort` query parameter) can inject SQL fragments

php | CVE-2023-38048 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2023-38049: Codeigniter Order By Escape Sqli (cve-2023-38049-codeigniter-order-by-escape-sqli)

Passing the result of $DB->escape() (a value escaper that wraps strings as SQL string literals) to $DB->order_by() does not sanitize SQL identifiers. When the argument is user-controlled, this allows ORDER BY SQL injection (commas, function calls, sub-selects, time-based payloads). Use an identifier-quoting/whitelisting helper such as quote_order_by() or res

php | CVE-2023-38049 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2023-38053: Codeigniter Order By Escape Sql Injection (cve-2023-38053-codeigniter-order-by-escape-sql-injection)

Passing user-controlled input to CodeIgniter's $db->order_by() after only running it through $db->escape() does not sanitize SQL identifiers. escape() quotes string literals but does not constrain ORDER BY column tokens, allowing an attacker to inject arbitrary SQL (subqueries, CASE/IF expressions, UNION fragments, boolean payloads) into the ORDER BY clause.

phpCVE-2023-38053CWE-89
by Provallyupdated 2026-06-03Apache-2.0
HighHigh confidenceProvally CuratedVerified
0 stars
106 downloads0 direct106 via packs
Trust score 95
CVE-2023-38054: Easyappointments Order By Escape Sql Injection (cve-2023-38054-easyappointments-order-by-escape-sql-injection)

The value passed to CodeIgniter's `$db->order_by(...)` is sanitized with `$db->escape(...)`, which only quotes string-literal values for use in WHERE clauses. It does NOT sanitize SQL identifiers or strip ORDER BY syntax (subqueries, CASE expressions, UNION ordering tricks, etc.). Attacker-controlled `sort` / `order_by` parameters can therefore inject SQL in

Language: php | CVE-2023-38054 | CWE-89
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2023-44451: Glib Archive Path Traversal (cve-2023-44451-glib-archive-path-traversal)

Path traversal vulnerability during archive extraction. The application utilizes GLib's GIO file APIs to create local files from an archive container (e.g., using minizip's unzReadCurrentFile) but fails to verify that the extracted file path resides within the intended bounds of the extraction sandbox directory. To prevent arbitrary file overwrites, always v

Language: c | CVE-2023-44451 | CWE-22
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2023-44452: Glib Dynamic Spawn Argument Injection (cve-2023-44452-glib-dynamic-spawn-argument-injection)

Constructing shell command strings dynamically with `g_strdup_printf` and passing them to execution or parsing mechanisms like `g_shell_parse_argv` or `g_spawn_command_line_sync` is vulnerable to argument injection. An attacker can supply a filename starting with a dash (`-`) that will be interpreted as a command option, leading to arbitrary code execution.

Language: c | CVE-2023-44452 | CWE-88
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2023-45235: Insecure Command Injection Concatenation (cve-2023-45235-insecure-command-injection-concatenation)

Constructing a shell command via string concatenation (strcat/strcpy) with non-literal variables and passing it to system() or popen() can lead to OS command injection. Apply proper quoting using snprintf (e.g., "%s") or use safer execution APIs avoiding the shell altogether.

Language: c | CVE-2023-45235
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2023-45857: Xsrf Token Disclosed Via Withcredentials (cve-2023-45857-xsrf-token-disclosed-via-withcredentials)

XSRF/CSRF token is read from cookies and attached to request headers when `withCredentials` is true, without being restricted to same-origin requests. When `withCredentials: true` is used on a cross-origin request, the browser includes the target domain's cookies; this code reads the CSRF token from those cookies and forwards it as a request header, allowing

Language: javascript | CVE-2023-45857 | CWE-346 | CWE-352
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: High | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2023-47105: Chaosblade Unauth Command Injection (cve-2023-47105-chaosblade-unauth-command-injection)

Unauthenticated OS command injection detected. Untrusted HTTP request parameters are directly passed into a command execution function without sanitization or authorization. Ensure user input is never piped into execution contexts or that the endpoint is appropriately protected.

Language: go | CVE-2023-47105 | CWE-78
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2023-47480: Unchecked Privilege Drop (cve-2023-47480-unchecked-privilege-drop)

The return value of a privilege-dropping function like setuid() or setgid() is ignored. If the system call fails (e.g., due to resource limits like RLIMIT_NPROC), the program may silently continue executing with unintended elevated privileges, leading to a local privilege escalation vulnerability. Always check the return value and handle failures appropriate

Language: c | CVE-2023-47480 | CWE-252 | CWE-273
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2023-50009: Unrolled Loop Edges Oob (cve-2023-50009-unrolled-loop-edges-oob)

Unrolled processing of edge/padding elements (e.g., unconditionally acting on indices 0, 1 and W-1, W-2) without checking the bounds can lead to out-of-bounds memory accesses if input dimensions are smaller than the unrolled margin length. Ensure dimensions are correctly checked (`if (w >= MIN)`) or use bounded margin loops like `for (i = 0; i < MIN(w, 2); i

Language: c | CVE-2023-50009
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2023-50010: Cve 2023 50010 Gradfun Overread (cve-2023-50010-cve-2023-50010-gradfun-overread)

An off-by-one arithmetic condition where reading at index ($Y + $R) requires bounding $Y + 1 < $HEIGHT - $R to avoid an out-of-bounds read. Use strict checks when iterating over multidimensional boundary conditions.

Language: c | CVE-2023-50010 | CWE-125
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2023-50229: Unchecked Len Memcmp Memcpy (cve-2023-50229-unchecked-len-memcmp-memcpy)

Missing length check before `memcmp` and `memcpy` of the same buffer and length. This pattern can lead to an out-of-bounds read and heap buffer overflow if `$LEN` is attacker-controlled and exceeds the size of `$DEST`. Ensure `$LEN` is validated against the size of the destination buffer.

Language: c | CVE-2023-50229 | CWE-120 | CWE-125
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2023-50230: Bluez Pbap Unvalidated Memcpy (cve-2023-50230-bluez-pbap-unvalidated-memcpy)

Missing length validation before `memcmp` and `memcpy` operations on a buffer can lead to out-of-bounds read and heap-based buffer overflows. Ensure that the length variable is properly validated against the destination buffer size (e.g., using `sizeof`) before comparing and copying data.

Language: c | CVE-2023-50230 | CWE-120 | CWE-125
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2023-52044: Php Mime Blocklist Missing Php8 Php9 (cve-2023-52044-php-mime-blocklist-missing-php8-php9)

PHP MIME-type blocklist maps PHP variants (e.g., 'php7:*' => 'text/x-php') but omits 'php8:*' and/or 'php9:*'. Uploaded files with a .php8 / .php9 extension will not be reclassified as text/x-php and may bypass the PHP-handler blocklist, leading to Remote Code Execution on servers that execute these extensions as PHP (CVE-2023-52044, CWE-434).

Language: php | CVE-2023-52044 | CWE-434
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2023-52076: Glib Gstring Path Traversal Archive (cve-2023-52076-glib-gstring-path-traversal-archive)

Constructing file paths by concatenating untrusted strings (e.g., via `g_string_append_printf`) without validating that the path is safely bounded by an intended directory can lead to path traversal and arbitrary file write vulnerabilities. Validate untrusted inputs and ensure that `g_file_get_relative_path()` is used to verify the resulting path does not esc

Language: c | CVE-2023-52076 | CWE-22
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2023-52138: Command Cpio C Cwe 000 Cve 2023 52138 (cve-2023-52138-command-cpio-c-cwe-000-cve-2023-52138)

Extracting untrusted CPIO archives using the `cpio` command-line utility can lead to arbitrary file writes outside the extraction path, as `cpio` unsafely follows stored symlinks by default. Connecting the 'application/x-cpio' MIME type to `cpio` handlers exposes the application to path traversal. Use a safer extraction library or utility (e.g., Unarchiver).

Language: c | CVE-2023-52138
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2023-6175: Cpp Qt Minizip Zip Slip (cve-2023-6175-cpp-qt-minizip-zip-slip)

Extracting zip files with minizip without validating the extracted paths can lead to a Zip Slip vulnerability. An attacker can use directory traversal sequences (e.g., `../`) to overwrite arbitrary files on the filesystem. Ensure that paths are validated by checking that the extracted file's canonical or absolute path strictly resides within the intended bas

Language: cpp | CVE-2023-6175 | CWE-22
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2023-6597: Python Os Chmod Unsafe Symlink (cve-2023-6597-python-os-chmod-unsafe-symlink)

Changing file permissions during cleanup operations without passing `follow_symlinks=False` can lead to unintended modifications of files targeted by attacker-created symlinks. When handling temporary directories or untrusted file trees, following symlinks is a security risk (CWE-59).

Language: python | CVE-2023-6597 | CWE-59
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-0793: K8s Hpa Nil Behavior Deref (cve-2024-0793-k8s-hpa-nil-behavior-deref)

Missing validation or defaulting of HPA scaling behaviors can lead to a nil pointer dereference.

Language: go | CVE-2024-0793
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-0916: Php Uvdesk Uploadfile Rename Defaults False (cve-2024-0916-php-uvdesk-uploadfile-rename-defaults-false)

The uploadFile() method declares a rename/sanitize flag parameter (e.g., $renameFile) that defaults to false. Callers that don't explicitly pass true will keep the attacker-controlled client filename verbatim, including dangerous extensions like .php. This enables Unrestricted File Upload (CWE-434) leading to RCE when files land under a web-served directory.

Language: php | CVE-2024-0916 | CWE-434
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-10081: Python Auth Allowlist Path Endswith Bypass (cve-2024-10081-python-auth-allowlist-path-endswith-bypass)

Anonymous-access allowlist gated by `endswith()` on a raw HTTP path is vulnerable to suffix spoofing (CVE-2024-10081, CWE-288 / CWE-420): an attacker can craft a URL whose raw path ends with one of the allowlisted tokens (e.g. '/Authentication') while the request is dispatched by the router to a different, privileged endpoint, yielding an authentication bypa

Language: python | CVE-2024-10081 | GHSA-F3F8-VX3W-HP5Q | CWE-288 | CWE-420
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-11236: C Pdo Quoter Zend String Alloc Missing Zstr Max Len Check (cve-2024-11236-c-pdo-quoter-zend-string-alloc-missing-zstr-max-len-check)

Quoter / escape function accumulates a buffer length by iterating over ZSTR_LEN($STR) and then passes the result to zend_string_alloc() without validating it against ZSTR_MAX_LEN. On 32-bit platforms a long attacker-controlled input can overflow the size_t length accumulator (or exceed ZSTR_MAX_LEN), producing an undersized allocation and a subsequent out-of

Language: c | CVE-2024-11236 | GHSA-5HQH-C84R-QJCV | CWE-190 | CWE-787
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2024-11392: Python Torch Load Without Weights Only (cve-2024-11392-python-torch-load-without-weights-only)

`torch.load()` is called without `weights_only=True`. By default (in torch < 2.6), `torch.load` uses Python's `pickle` deserializer, which executes arbitrary code embedded in the input file during deserialization. If the loaded file path is attacker-influenced or comes from an untrusted source, this leads to remote code execution (CVE-2024-11392, CWE-502: De

Language: python | CVE-2024-11392 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-11393: Python Pickle Load Without Trust Remote Code Guard (cve-2024-11393-python-pickle-load-without-trust-remote-code-guard)

`pickle.load()` / `pickle.loads()` in a checkpoint-conversion script deserializes a user-supplied path without a `TRUST_REMOTE_CODE` environment-variable opt-in guard. Python's pickle protocol can execute arbitrary code embedded via `__reduce__` during deserialization, so loading an attacker-controlled checkpoint, metadata file, or weight bundle enables remo

Language: python | CVE-2024-11393 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-11394: Python Pickle Load Without Trust Remote Code Gate (cve-2024-11394-python-pickle-load-without-trust-remote-code-gate)

`pickle.load()` is invoked on a checkpoint file inside a HuggingFace Transformers model-conversion script without first verifying the `TRUST_REMOTE_CODE` environment variable. Python pickle deserialization executes arbitrary code embedded in the input via `__reduce__`, so unpickling attacker-controllable checkpoint files (e.g. `model_args.pkl`, `.metadata`)

Language: python | CVE-2024-11394 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-11595: Qt Minizip Path Traversal (cve-2024-11595-qt-minizip-path-traversal)

Iterating over ZIP entries without validating that the constructed destination paths fall within the target extraction directory can lead to a Zip Slip (Path Traversal) vulnerability. Malicious archives with embedded directory traversal characters (e.g., `../`) might cause files to be written outside the intended target. Validate the extracted path by checki

Language: cpp | CVE-2024-11595 | CWE-22
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2024-11596: Qt Minizip Zip Slip (cve-2024-11596-qt-minizip-zip-slip)

Extraction of ZIP entries without validating that the extracted path stays within the intended directory can lead to path traversal (Zip Slip). Verify the path using `QFileInfo(...).absoluteFilePath().startsWith(...)` or a similar check.

Language: cpp | CVE-2024-11596 | CWE-22
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-12029: Picklescan Incomplete Guard Allows Pickle Rce (cve-2024-12029-picklescan-incomplete-guard-allows-pickle-rce)

The result of picklescan's scan_file_path() is checked only via .infected_files. A crafted pickle file that triggers picklescan's InvalidMagicError sets scan_result.scan_err but leaves infected_files at 0, so this guard passes and any subsequent pickle-based deserialization (e.g., torch.load) executes attacker-controlled code (CWE-502 / CVE-2024-12029). The

Language: python | CVE-2024-12029 | GHSA-MCRP-WHPW-JP68 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2024-12720: Python Redos Nested Quantifiers In Re Calls (cve-2024-12720-python-redos-nested-quantifiers-in-re-calls)

Potential Regular Expression Denial of Service (ReDoS): the regex passed to a `re` module function contains nested quantifiers of the form `(?:...(?:...)+...)*` or `(?:...(?:...)+...)+`. The regex engine explores exponentially many backtracking paths when crafted input partially matches the prefix but fails the suffix, causing unbounded CPU usage and Denial

Language: python | CVE-2024-12720 | CWE-1333
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2024-1451: Gitlab Inadequate Vuln Grouping Key (cve-2024-1451-gitlab-inadequade-vuln-grouping-key)

This is a placeholder rule. The underlying vulnerability is a project-specific business logic bug (improper logical classification/grouping of scan results) which cannot be abstracted into a general code pattern safely.

Language: ruby | CVE-2024-1451 | CWE-841
By Provally, updated 2026-06-03, Apache-2.0
Severity: Low | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-1597: Pgjdbc Simple Parameter Bare Numeric Inline (cve-2024-1597-pgjdbc-simple-parameter-bare-numeric-inline)

A parameter-list serializer (toString(int, boolean)) returns a bare numeric value (Integer.toString / Long.toString / Short.toString / Float.toString / Double.toString / Number.toString) without wrapping it in quotes, parentheses, or an explicit type cast. In simple-query mode (preferQueryMode=simple) this lets a literal '-' in the SQL template fuse with a n

Language: java | CVE-2024-1597 | GHSA-24RP-Q3W6-VC56 | CWE-89
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2024-2044: Pickle Load Path Built With Os Path Join (cve-2024-2044-pickle-load-path-built-with-os-path-join)

A file opened for pickle.load() is located via os.path.join(). os.path.join does not enforce containment under a trusted base directory: a relative '..' traversal segment escapes the base, and an absolute POSIX path or Windows UNC path supplied as a later component silently replaces the base entirely. If any component of the joined path is attacker-controlle

Language: python | CVE-2024-2044 | CWE-22 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2024-21489: Custom Deep Merge Prototype Pollution (cve-2024-21489-custom-deep-merge-prototype-pollution)

Overwriting object properties during object iteration without validating the key can lead to prototype pollution.

Language: javascript | CVE-2024-21489 | CWE-1321
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-21527: Regex Url Allow Deny List Bypass (cve-2024-21527-regex-url-allow-deny-list-bypass)

Validation of URLs or paths using standard `regexp` sequential allow/deny lists is prone to logic errors and bypasses (e.g., SSRF or LFI). Standard Go regular expressions lack powerful exclusion features like negative lookaheads, making it easy to introduce logical flaws when attempting to filter malicious payloads. Consider using proper URL parsers or a reg

Language: go | CVE-2024-21527 | CWE-918
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-21529: Implicit String Coercion Prototype Pollution (cve-2024-21529-implicit-string-coercion-prototype-pollution)

The key `$K` is extracted from an array and checked against restricted properties (e.g., `__proto__`) using strict equality (`===`) without prior string coercion. An attacker can bypass this check by providing a nested array (e.g., `['__proto__']`). During property access (`$O[$K]`), implicit string coercion turns the array into the restricted key, leading t

Language: javascript | CVE-2024-21529 | GHSA-735H-VX8C-2Q2V | CWE-1321
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2024-21549: Php Spatie Browsershot View Source Bypass (cve-2024-21549-php-spatie-browsershot-view-source-bypass)

The application implements a blocklist for URL protocols but fails to include `view-source`. An attacker can bypass the `file://` blocklist by prefixing the URL with `view-source:`, leading to Server-Side Request Forgery or arbitrary local file read (CVE-2024-21549). Include `'view-source'` in the unsupported protocols list.

Language: php | CVE-2024-21549 | CWE-918
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-21576: Python Eval With Broken Builtins Sandbox (cve-2024-21576-python-eval-with-broken-builtins-sandbox)

eval()/exec() is called with a fake "__builtins__": {} sandbox in globals. This is a well-known broken sandbox: any module exposed in the same globals dict (e.g. `math`) lets an attacker reach `module.__spec__.__init__.__builtins__` and recover `__import__`, enabling arbitrary code execution. Replace with a proper sandboxed evaluator (e.g. simpleeval/Restric

Language: python | CVE-2024-21576 | GHSA-PMP6-XCW2-WMP6 | CWE-94
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2024-21650: Xwiki Velocity Request Param Into Wiki Link (cve-2024-21650-xwiki-velocity-request-param-into-wiki-link)

A raw HTTP request parameter (via $request.get / $request.getParameter) is interpolated directly into XWiki wiki syntax such as a wiki link "[[ ... >> ... ]]" or a macro body, without escaping. Attacker-controlled input can break out of the wiki link/macro and inject arbitrary wiki macros (e.g. {{html}}, {{groovy}}, {{async}}) which are evaluated server side

Language: generic | CVE-2024-21650 | GHSA-RJ7P-XJV7-7229 | CWE-94 | CWE-95
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2024-21663: Discord Bot Command Shell Injection Unsanitized (cve-2024-21663-discord-bot-command-shell-injection-unsanitized)

Discord command handler interpolates user-controlled `$ARG` into a shell command string and executes it with `subprocess.*(..., shell=True)` without first calling `CommandInjection.sanitizeInput($ARG)`. Any user able to invoke this command can inject shell metacharacters (`;`, `&&`, `|`, backticks, `$()`) and execute arbitrary OS commands on the bot host (CV

Language: python | CVE-2024-21663 | GHSA-FJCJ-G7X8-4RP7 | CWE-20 | CWE-77
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-22423: Python Incomplete Windows Cmd Escaping (cve-2024-22423-python-incomplete-windows-cmd-escaping)

Detected an incomplete escaping mechanism for Windows cmd.exe. Replacing double quotes with '""' or constructing an invocation like `/c "{args}"` using an f-string is vulnerable to command injection. Double quotes do not prevent the expansion of environment variables like `%VAR%` under cmd.exe, allowing attackers to execute arbitrary shell commands. Ensure `

Language: python | CVE-2024-22423 | CWE-88
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-23324: Cpp Protobuf Unsanitized String Value (cve-2024-23324-cpp-protobuf-unsanitized-string-value)

Setting Protobuf string values directly from raw network buffers or casted byte arrays without UTF-8 sanitization can lead to serialization failures or gRPC bypasses, such as CVE-2024-23324. Always sanitize potentially non-UTF-8 strings using `MessageUtil::sanitizeUtf8String` before assigning them to protobuf string fields.

Language: cpp | CVE-2024-23324 | CWE-502
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-2338: Anon C Cwe 000 Cve 2024 2338 (cve-2024-2338-anon-c-cwe-000-cve-2024-2338)

Generic input validation relies on naive string prefix matching (`pg_strncasecmp`) instead of full syntax parsing or safe structural validation. Malicious inputs containing a valid prefix but followed by injected SQL fragments can bypass the string checks and execute unauthorized logic.

Language: c | CVE-2024-2338
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-2339: Pg Extension Missing Recursive Validation (cve-2024-2339-pg-extension-missing-recursive-validation)

Validation of function calls (e.g., `FuncCall`) only checks the top-level function name without traversing the abstract syntax tree for nested function calls. This allows attackers to smuggle malicious code inside arguments or nested functions. Ensure you traverse the entire expression using a tree walker (e.g., `raw_expression_tree_walker`) to validate all

Language: c | CVE-2024-2339 | CWE-20
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-2434: Gitlab Improper Scanner Grouping (cve-2024-2434-gitlab-improper-scanner-grouping)

Overly broad vulnerability resolution due to grouping by scanner without report_type isolation.

Language: ruby | CVE-2024-2434
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-24558: React Unescaped Json In Dangerouslysetinnerhtml (cve-2024-24558-react-unescaped-json-in-dangerouslysetinnerhtml)

JSON strings often contain unescaped HTML characters ('<', '>'). Direct injection of JSON.stringify() output into HTML-interpreted contexts via `dangerouslySetInnerHTML` can result in Cross-Site Scripting (XSS). An attacker who can control the shape or content of the data being serialized can break out of arbitrary tags (such as <script>) and execut

Language: typescript | CVE-2024-24558 | CWE-79
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-24830: Openobserve User Creation Missing Initiator Authz (cve-2024-24830-openobserve-user-creation-missing-initiator-authz)

This `post_user` handler accepts a `UserRequest` (which carries a caller-supplied `role`) but takes no `initiator_id` parameter and performs no Root/Admin authorization check on the caller. Any authenticated user can therefore create an account with elevated privileges (e.g. `UserRole::Root`), enabling vertical privilege escalation (CVE-2024-24830). Fix: add

Language: rust | CVE-2024-24830 | GHSA-HFXX-G56F-8H5V | CWE-250 | CWE-269
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-25625: Symfony Implicit Host Out Of Band Url (cve-2024-25625-symfony-implicit-host-out-of-band-url)

A URL is being generated in a function related to authentication, invitations, or password tokens without first explicitly setting a trusted host in the router context. This could lead to Host Header Injection. If this URL is sent to a user out-of-band (e.g., via email), an attacker could provide a malicious Host header and spoof the domain, leading to phish

Language: php | CVE-2024-25625 | CWE-20 | CWE-640
By Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-26151: Bs4 Formatter None Xss (cve-2024-26151-bs4-formatter-none-xss)

Calling BeautifulSoup output serialization methods with `formatter=None` completely disables HTML entity escaping. This behavior unescapes explicitly escaped HTML entities (e.g., replacing `&lt;` with `<`), which can render safe input strings originating from untrusted users into executable HTML tags, leading to Cross-Site Scripting (XSS) and HTML Injection.

Language: python | CVE-2024-26151 | CWE-79
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-26256: Integer Underflow Loop Bound (cve-2024-26256-integer-underflow-loop-bound)

Inadequate minimum bounds check on `$LEN`. The variable is allowed to reach a value that causes an integer underflow when `$SUB` is subtracted in the loop condition, potentially leading to out-of-bounds memory access.

Language: c | CVE-2024-26256 | CWE-119 | CWE-191
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-27102: Go Safepath Toctou Symlink Escape (cve-2024-27102-go-safepath-toctou-symlink-escape)

A path returned by SafePath() is consumed by a path-based os.* / syscall operation. The validator resolves symlinks once (e.g. via filepath.EvalSymlinks) but the subsequent syscall re-resolves every component, creating a TOCTOU window an attacker can exploit by swapping a symlink between check and use to escape a sandbox root (CVE-2024-27102). Use an atomic

Language: go | CVE-2024-27102 | GHSA-P8R3-83R8-JWJ5 | CWE-22 | CWE-367
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2024-27105: Unvalidated Dict To Query Object (cve-2024-27105-unvalidated-dict-to-query-object)

Dictionary keys are directly passed to query object constructors without validation. This can lead to SQL injection or authorization bypass if attackers can supply arbitrary functions as keys.

Language: python | CVE-2024-27105 | CWE-89
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-27289: Float Negative Zero Bypass String Manipulation (cve-2024-27289-float-negative-zero-bypass-string-manipulation)

Checking if a float is negative using `$ARG < 0` after converting it to a string can fail for the value `-0.0`. In Go, `-0.0 < 0` evaluates to false, but `strconv.FormatFloat` outputs `"-0"`. If you are conditionally wrapping or escaping negative numbers to prevent injection (e.g., SQL's `--` comment), an attacker can supply `-0.0` to bypass the check and in

Language: go | CVE-2024-27289 | CWE-697 | CWE-89
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-27529: Wasm3 Missing Memoryimport Cleanup (cve-2024-27529-wasm3-missing-memoryimport-cleanup)

The struct field `memoryImport` is not cleaned up before the module is freed. This can lead to a memory leak and ultimately a Denial of Service via memory exhaustion. Ensure `FreeImportInfo` is called on `memoryImport` before freeing the parent structure.

Language: c | CVE-2024-27529
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-27758: Core Netref Py Cwe 000 Cve 2024 27758 (cve-2024-27758-core-netref-py-cwe-000-cve-2024-27758)

The `__array__` magic method was unconditionally defined on Netref objects. This allows an attacker-controlled network response to trigger arbitrary code execution via `pickle.loads()` when `numpy.array()` or property accesses query the object locally.

Language: python | CVE-2024-27758
By Provally, updated 2026-06-03, Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-28109: Insecure Transformerfactory Configurationcve-2024-28109-insecure-transformerfactory-configuration

The application instantiates an XML TransformerFactory without enabling XMLConstants.FEATURE_SECURE_PROCESSING. This unsafe default configuration allows the execution of arbitrary Java extension functions embedded within XSL stylesheets, leading to Remote Code Execution (RCE). Ensure that FEATURE_SECURE_PROCESSING is set to true.

java | CVE-2024-28109 | CWE-611 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2024-28114: Python Jinja2 Unsafe Environment (cve-2024-28114-python-jinja2-unsafe-environment)

Using `jinja2.Environment` without restrictions to render dynamically provided templates allows Server-Side Template Injection (SSTI). An attacker can execute arbitrary OS commands by abusing the unrestricted environment. Keep data and templates separate, or switch to `jinja2.sandbox.SandboxedEnvironment` if dynamic template inputs are strictly required.

python | CVE-2024-28114 | CWE-1336
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-28195: Missing Samesite On Express Cookie (cve-2024-28195-missing-samesite-on-express-cookie)

A cookie is set via `res.cookie` without specifying the `sameSite` attribute. Without `sameSite` correctly configured to 'lax' or 'strict', the cookie will be sent in third-party contexts, exposing the application to Cross-Site Request Forgery (CSRF). Always supply an options object configuring `{ sameSite: 'lax' }` or stricter, along with 'httpOnly' where a

javascript | CVE-2024-28195 | CWE-1275 | CWE-352
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 65
CVE-2024-28236: Vela Secret Substitution Bypass (cve-2024-28236-vela-secret-substitution-bypass)

A container configuration is generated via `Substitute()` without segregating non-substituted secrets. This allows "no commands" restricted secrets to be substituted into non-sensitive configuration fields and bypass log masking. The fix requires segregating secrets that do not allow substitution and injecting them only after substitution.

go | CVE-2024-28236 | CWE-200
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-28860: Slice Parameter Concurrent Mutation Append (cve-2024-28860-slice-parameter-concurrent-mutation-append)

Appending directly to a slice parameter might modify its underlying array in-place if capacity > length. In a concurrent context, this causes data races and memory corruption (e.g., cryptographic keys). Allocate a new slice using `make`, then copy or append the parameter's contents into it.

go | CVE-2024-28860 | CWE-362
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-29184: Overly Strict Realpath Traversal Check (cve-2024-29184-overly-strict-realpath-traversal-check)

An overly strict path traversal check using `realpath()` throws an exception or fails when `realpath()` returns false. `realpath()` returns false for non-existent paths, which causes valid nested archives or uncreated directory structures to falsely trigger path traversal errors. This can lead to Denial of Service (DoS) during archive extraction or file oper

php | CVE-2024-29184 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-29194: Overly Permissive Global Read Access (cve-2024-29194-overly-permissive-global-read-access)

A potentially global class grants read access to project-scoped roles. This may cause an Improper Access Control vulnerability where any project admin can read all globally registered entities (such as users).

typescript | CVE-2024-29194
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2024-2955: Qt Minizip Zip Slip (cve-2024-2955-qt-minizip-zip-slip)

Extracting zip files using minizip without validating the paths of the extracted entries can lead to Zip Slip (directory traversal) vulnerabilities. Attackers can embed `../` in filenames to extract files outside the intended directory. Validate the paths using `.absoluteFilePath().startsWith()` or similar mechanisms.

cpp | CVE-2024-2955 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2024-29651: Custom Merge Prototype Pollution (cve-2024-29651-custom-merge-prototype-pollution)

A custom iteration over `Object.keys()` is used to access or assign to another object without explicitly filtering out dangerous keys like `__proto__`, `constructor`, or `prototype`. This pattern is typically found in vulnerable merge routines and can lead to Prototype Pollution.

javascript | CVE-2024-29651 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-29895: Php Server Argv To Shell Exec Without Cast (cve-2024-29895-php-server-argv-to-shell-exec-without-cast)

Untrusted input read from $_SERVER['argv'] is passed to a shell-invoking function without integer casting, intval(), or shell-argument escaping. When PHP's register_argc_argv directive is On (the default in many environments, including the official PHP Docker image), URL query-string tokens populate $_SERVER['argv'] for HTTP-served scripts, so an unauthentic

php | CVE-2024-29895 | GHSA-CR28-X256-XF5M | CWE-77 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-30247: Php Exec User Input Concatenation (cve-2024-30247-php-exec-user-input-concatenation)

User-controlled superglobal (e.g. $_POST, $_GET, $_REQUEST, $_COOKIE) is concatenated directly into a shell command passed to exec()/shell_exec()/system()/passthru()/popen()/proc_open(). An attacker can break out of any surrounding single/double quotes and inject arbitrary shell commands. Wrap the value with escapeshellarg() (or an equivalent helper that si

php | CVE-2024-30247 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-30248: Fastapi Starlette Staticfiles Missing Csp (cve-2024-30248-fastapi-starlette-staticfiles-missing-csp)

The application mounts a `StaticFiles` directory without applying Content-Security-Policy (CSP) headers. If this directory serves user-uploaded files, an attacker could upload and execute malicious scripts (e.g., via embedded JavaScript in SVG files), leading to Stored Cross-Site Scripting (XSS). Wrap the `StaticFiles` application in a middleware that adds a

python | CVE-2024-30248 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-3025: Nodejs Path Join Unnormalized Filename Traversal (cve-2024-3025-nodejs-path-join-unnormalized-filename-traversal)

path.join() is invoked with a user-controlled filename interpolated directly into a template literal segment without being normalized (e.g., wrapped in normalizePath(), path.basename(), or path.normalize()). When the filename originates from user input (HTTP body, multer originalname, persisted settings such as logo_filename / pfpFilename), it may contain '.

javascript | CVE-2024-3025 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2024-30264: Next Router Query Xss Redirect (cve-2024-30264-next-router-query-xss-redirect)

Unsanitized user input from `router.query` or `useSearchParams()` is passed directly to `router.push()` or `router.replace()`. This can lead to Open Redirect or Cross-Site Scripting (XSS) if a `javascript:` URI is provided. Sanitize the URL before redirecting, for example using `@braintree/sanitize-url`.

typescript | CVE-2024-30264 | CWE-601 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-3029: Payload Extraction Before State Check (cve-2024-3029-payload-extraction-before-state-check)

Extracting or parsing user input before performing critical application state/authorization checks. If the parser throws an exception on malformed data, it bypasses the conditional check and enters the catch block. If the error handler contains sensitive state alterations or destructive fallbacks, an attacker could achieve denial of service or privilege esca

javascript | CVE-2024-3029
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2024-31206: Insecure Http Request (cve-2024-31206-insecure-http-request)

Use of unencrypted HTTP protocol for network requests exposes traffic to Man-in-the-Middle (MITM) attacks. Use HTTPS to encrypt the transport channel.

javascript | CVE-2024-31206 | CWE-319
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-31452: Ignored Error In Reduction Loop (cve-2024-31452-ignored-error-in-reduction-loop)

Explicitly ignoring specific errors (e.g., cycle detection) in a loop reading structured results can lead to unsafe defaults, such as authorization bypasses if a denying clause is silently dropped.

go | CVE-2024-31452 | CWE-502 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-31837: Unsafe Buffer Copy Strcpy (cve-2024-31837-unsafe-buffer-copy-strcpy)

The `strcpy` function copies strings without checking the size of the destination buffer, leading to buffer overflow vulnerabilities (CWE-120). Replace `strcpy` with a bounded string copy such as `strncpy` (ensure manual null-termination), `strlcpy`, or `snprintf`.

c | CVE-2024-31837 | CWE-120
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-31982: Xwiki Feed Output In Verbatim Block (cve-2024-31982-xwiki-feed-output-in-verbatim-block)

The XWiki rendering verbatim block ({{{ ... }}}) wraps feed output that may contain user-controlled data. Because verbatim only escapes wiki parsing, an attacker who can influence the wrapped content (e.g. via a feed title/description filled from a request parameter) can inject a literal "}}}" to terminate the verbatim block early and then have arbitrary mac

generic | CVE-2024-31982 | CWE-1336 | CWE-94 | CWE-95
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-32030: Insecure Commons Collections Gadgets (cve-2024-32030-insecure-commons-collections-gadgets)

The application code imports `commons-collections` (version 3.x) classes. This legacy version contains known gadget chains that facilitate insecure deserialization attacks (e.g., via JMX/RMI). Even if the direct use of the library in your code module is benign, its presence in the classpath enables an attacker to achieve unauthenticated remote code execution

java | CVE-2024-32030 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-32487: Less Shell Escape Newline Bypass (cve-2024-32487-less-shell-escape-newline-bypass)

Custom shell escaping logic prefixes metacharacters with an escape character but does not quote specific characters such as newlines. This can lead to OS command execution when the result is evaluated by a shell. Use appropriate quoting mechanisms for newlines instead of raw escape prefixing.

c | CVE-2024-32487 | CWE-116 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-32641: Masacms Insecure Default Dynamic Content Flag (cve-2024-32641-masacms-insecure-default-dynamic-content-flag)

Masa CMS / Mura CMS configBean sets enableDynamicContent, enableMuraTag, or sharableRemoteSessions to true by default. With these flags enabled, the setDynamicContent renderer treats user input containing [m]...[/m] (or [mura]/[sava]) tags as live CFML and passes the inner expression to evaluate(), enabling pre-authentication remote code execution (CVE-2024-

generic | CVE-2024-32641 | GHSA-CJ9G-V5MQ-QRJM | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-32651: Python Jinja2 Unsandboxed Environment Render (cve-2024-32651-python-jinja2-unsandboxed-environment-render)

Use of jinja2.Environment (non-sandboxed) to render a template via `.from_string(...).render()` allows Server-Side Template Injection (SSTI) leading to Remote Code Execution when the template string is user-controlled. Jinja2 expressions in a non-sandboxed Environment can traverse Python attributes (e.g. `__init__.__globals__.__builtins__`) and import arbitr

python | CVE-2024-32651 | GHSA-4R7V-WHPG-8RX3 | CWE-1336
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2024-32656: Insecure Jmx Authentication (cve-2024-32656-insecure-jmx-authentication)

Java Management Extensions (JMX) is configured with authentication disabled (`com.sun.management.jmxremote.authenticate=false`). This allows any user who can connect to the JMX port (even locally) to execute arbitrary code by remotely loading an MBean. Remove this configuration or set it to 'true' and ensure proper authentication.

generic | CVE-2024-32656 | CWE-306
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 73
CVE-2024-32866: Unchecked Prototype Pollution Loop (cve-2024-32866-unchecked-prototype-pollution-loop)

Detected a loop traversing object properties using user-controlled deep assignments without prototype pollution protections. Using `obj[key] ?? fallback` allows traversing out into `Object.prototype`, which can enable attackers to blindly pollute the global object. Use `Object.hasOwn(obj, key)` before accessing or assigning nested arbitrary properties.

javascript | CVE-2024-32866 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2024-32888: Jdbc Parameter Inline Bare Numeric ToString (cve-2024-32888-jdbc-parameter-inline-bare-numeric-tostring)

Numeric parameter value is inlined into a SQL fragment as a bare, unquoted string via Short/Integer/Long/Float/Double.toString(...) inside a JDBC ParameterList#toString(int index, boolean standardConformingStrings) formatter. When this string is substituted into a SQL template that may apply unary minus immediately before the placeholder (e.g. "WHERE x = -?"

java | CVE-2024-32888 | GHSA-24RP-Q3W6-VC56 | GHSA-X3WM-HFFR-CHWM | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
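The `-0.0` sign check at the top of this list (CVE-2024-27289) and the bare numeric inlining in this JDBC rule are one bug class: the formatter's "is it negative?" decision disagrees with the text it emits, and a template of the form `x = -?` turns a leading `-` into `--`, which opens a line comment in PostgreSQL. The Python below is an added example, not code from either driver; Python's float semantics match Go's here (`-0.0 < 0` is False, yet `repr(-0.0)` is `'-0.0'`). `TEMPLATE`, `render_numeric_naive`, `render_numeric_safe`, `build_query` and `opens_line_comment` are hypothetical names.

```python
import json
import math

# Constructed query template with a unary minus immediately before the placeholder.
TEMPLATE = "SELECT * FROM payments WHERE amount = -{} AND user_id = 42"


def parse_attacker_value(body: str) -> float:
    """Attacker-controlled JSON: json.loads('-0.0') yields a negative-zero float."""
    return float(json.loads(body))


def is_negative_zero(value: float) -> bool:
    """-0.0 == 0.0 is True, so the sign has to be read with copysign()."""
    return value == 0.0 and math.copysign(1.0, value) < 0


def render_numeric_naive(value: float) -> str:
    """Vulnerable: wraps negatives in parentheses only when `value < 0`, which
    is False for -0.0, while repr() still prints the sign, so '-0.0' goes out bare."""
    text = repr(value)
    if value < 0:
        return f"({text})"
    return text


def render_numeric_safe(value: float) -> str:
    """Hardened: refuse non-finite values (not SQL numeric literals) and decide
    on the sign of the rendered text rather than on a comparison with zero."""
    if not math.isfinite(value):
        raise ValueError("non-finite numbers cannot be inlined as SQL literals")
    text = repr(value)
    if text.startswith("-"):
        return f"({text})"
    return text


def build_query(rendered: str) -> str:
    """Substitute the rendered literal into the template (what the drivers do)."""
    return TEMPLATE.format(rendered)


def opens_line_comment(query: str) -> bool:
    """True when '--' appears: PostgreSQL ignores the rest of the line after it."""
    return "--" in query


if __name__ == "__main__":
    value = parse_attacker_value("-0.0")
    print("value < 0:", value < 0, "| negative zero:", is_negative_zero(value))
    print("naive:", build_query(render_numeric_naive(value)))
    print("safe: ", build_query(render_numeric_safe(value)))
```

Inlining is the fallback; the real fix is a bind parameter, which never touches the query text. When inlining is unavoidable, parenthesise based on the rendered text, as `render_numeric_safe` does, so the unary minus in the template can never fuse with the literal's own sign.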
CVE-2024-32982: Path Traversal Unnormalized Commonpath (cve-2024-32982-path-traversal-unnormalized-commonpath)

The application uses `os.path.commonpath` to verify if a path is within a designated directory, but the path is not normalized. `commonpath` evaluates path components lexically, meaning `../` traversal segments are not resolved. An attacker can bypass the directory restriction by providing a path like `/static/../etc/passwd`. Normalize paths using `os.path.n

python | CVE-2024-32982 | CWE-22 | CWE-23
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-34360: Spacemesh Missing Prev Atx Malfeasance (cve-2024-34360-spacemesh-missing-prev-atx-malfeasance)

The MalfeasanceProof_MalfeasanceType enum does not define MALFEASANCE_INCORRECT_PREV_ATX. This can cause the node to fail in categorizing and properly penalizing actors who publish an incorrect previous ATX.

go | CVE-2024-34360 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-34528: Insecure File Creation Toctou (cve-2024-34528-insecure-file-creation-toctou)

A Time-Of-Check to Time-Of-Use (TOCTOU) vulnerability exists when a file is created using the built-in `open()` and its permissions are subsequently altered using `chmod`. An attacker can read or modify the file in the small window between creation and the permission change. Securely create the file with the correct permissions atomically by using `os.fdopen

python | CVE-2024-34528 | CWE-276 | CWE-367
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
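The race in this rule, shown as an added example on POSIX (not the affected project's code): the racy variant records the mode the file actually had while the secret was being written, before `chmod` ran; the atomic variant passes the mode to `os.open()` and adds `O_EXCL` so a pre-planted file or symlink at the path is refused. `create_secret_racy`, `create_secret_atomic` and `demo` are hypothetical names, and the umask is pinned to 022 so the numbers are deterministic.

```python
import os
import stat
import tempfile


def _mode_of_fd(fd: int) -> int:
    """Permission bits of an open descriptor (what another process would see)."""
    return stat.S_IMODE(os.fstat(fd).st_mode)


def create_secret_racy(path: str, data: str) -> int:
    """Vulnerable: open() creates the file with 0o666 & ~umask (0o644 under umask
    022) and chmod() tightens it only afterwards. Returns the mode in force while
    the secret was being written, i.e. during the TOCTOU window."""
    with open(path, "w") as fh:
        mode_during_write = _mode_of_fd(fh.fileno())
        fh.write(data)
    os.chmod(path, 0o600)
    return mode_during_write


def create_secret_atomic(path: str, data: str) -> int:
    """Hardened: the mode is applied by the kernel at creation time, O_EXCL makes
    creation fail if anything already exists at the path, and os.fdopen() wraps
    the descriptor so the rest of the code can use a normal file object."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        mode_during_write = _mode_of_fd(fd)
        fh.write(data)
    return mode_during_write


def demo(umask_value: int = 0o022) -> dict:
    """Run both variants under a fixed umask in a scratch directory and report
    the mode each file had while its secret was being written, plus whether the
    atomic variant refuses to overwrite an existing path."""
    old_umask = os.umask(umask_value)
    try:
        with tempfile.TemporaryDirectory() as tmp:
            racy_path = os.path.join(tmp, "racy.key")
            atomic_path = os.path.join(tmp, "atomic.key")
            racy = create_secret_racy(racy_path, "secret")
            atomic = create_secret_atomic(atomic_path, "secret")
            try:
                create_secret_atomic(atomic_path, "overwrite attempt")
                exclusive = False
            except FileExistsError:
                exclusive = True
            return {"racy": racy, "atomic": atomic, "exclusive": exclusive}
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    result = demo()
    print(f"racy: {result['racy']:04o}  atomic: {result['atomic']:04o}  O_EXCL honoured: {result['exclusive']}")
```

`tempfile.mkstemp()` / `NamedTemporaryFile` already create with mode 0o600 and `O_EXCL`, so for scratch files those are the simpler choice; the `os.open()` form above is for files that must live at a fixed path.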
CVE-2024-34697: Laravel Sanitize Rendered View (cve-2024-34697-laravel-sanitize-rendered-view)

Sanitizing a fully rendered view bypasses the sanitization process for dynamic variables. Blade templates automatically HTML-encode variables (e.g. converting `<script>` to `&lt;script&gt;`). Consequently, passing the rendered view to functions like `strip_tags` or `stripDangerousTags` will fail to remove these encoded, malicious tags. If the view output is

php | CVE-2024-34697 | CWE-116 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-35231: Unbounded User Input Times Loop (cve-2024-35231-unbounded-user-input-times-loop)

Unbounded user-controlled data is used directly as a loop counter via `.times`. This can lead to a persistent Denial of Service (DoS) vulnerability by executing a block an exceptionally large number of times and exhausting critical resources (CPU, worker threads). Enforce an upper bound limit on external inputs before using them in iterators.

ruby | CVE-2024-35231 | CWE-400 | CWE-770
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-35368: Ffmpeg Hw Frames Ctx Double Free On Goto Fail (cve-2024-35368-ffmpeg-hw-frames-ctx-double-free-on-goto-fail)

Potential double-free (CWE-415): $F->buf[0] was previously assigned via av_buffer_create(...) with a custom release callback that owns resources such as the MppFrame / AVDRMFrameDescriptor / decoder ref. The subsequent assignment $F->hw_frames_ctx = av_buffer_ref(...) checks for NULL and on failure jumps to a manual cleanup label via 'goto'. The manual clean

c | CVE-2024-35368 | CWE-415
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-36109: Xss Sanitizer Script Whitelist (cve-2024-36109-xss-sanitizer-script-whitelist)

Allowing `<script>` tags in an HTML sanitizer's whitelist (e.g., the `xss` package) opens the door to Cross-Site Scripting (XSS). Even with custom attribute checks, attackers can often bypass them by omitting attributes or supplying malformed ones. Remove `script` from the whitelist completely.

javascript | CVE-2024-36109 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 65
CVE-2024-36120: Ast Dynamic Evaluation (cve-2024-36120-ast-dynamic-evaluation)

Constructing executable strings from abstract syntax tree (AST) components and passing them to an evaluation function can lead to arbitrary code execution. Avoid dynamically evaluating unescaped or malicious AST data. Instead, process AST operations natively in the language or use a safe static interpreter.

typescript | CVE-2024-36120 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-36129: Bypassed Negative Configuration Limit (cve-2024-36129-bypassed-negative-configuration-limit)

A boundary check on a max size or limit configuration uses strict equality (`== 0`) to apply a default value. This validation fails to account for negative configuration values. When negative sizes bypass initialization and are passed to parsing or decompression libraries, it can bypass their internal zero-value checks and lead to unrestricted memory allocat

go | CVE-2024-36129 | CWE-1284 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-36399: Kanboard Idor Authorized Project Override (cve-2024-36399-kanboard-idor-authorized-project-override)

An authorized project is loaded via `getProject()`, but the application uses the untrusted `project_id` from the request payload to perform sensitive operations. This leads to an Insecure Direct Object Reference (IDOR) where an attacker can act on other projects. Pass the ID of the strictly authorized project (e.g., `$project['id']`) instead.

php | CVE-2024-36399 | CWE-639
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-38369: Xwiki Include Macro Author Rights Comparison (cve-2024-38369-xwiki-include-macro-author-rights-comparison)

Authorization decision for included/displayed content is gated by an equality comparison between the included document's content author and the current author (Objects.equals(getContentAuthorReference(), getCurrentAuthorReference())). This pattern only switches the author execution context when authors differ, so any document edited by a user that is include

java | CVE-2024-38369 | GHSA-QCJ3-WPGM-QPXH | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2024-38513: Gofiber Session Fixation Cve 2024 38513 (cve-2024-38513-gofiber-session-fixation-cve-2024-38513)

The session store Get method reads a session identifier from a client-controlled source (via getSessionID) and uses it as the key for a newly generated session without resetting the ID when Storage.Get returns no matching data. This honours attacker-supplied session identifiers and enables session fixation (CWE-384, CVE-2024-38513). When the storage lookup y

go | CVE-2024-38513 | GHSA-98J2-3J3P-FW2V | CWE-384
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
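The fixation path this rule describes, as an added example in Python rather than the Go session store it was written against: the prone store keys a brand-new session under whatever identifier the client presented; the hardened store checks the identifier's format before any backend lookup, discards unknown identifiers and mints its own, and regenerates the identifier on login. `FixationProneStore`, `HardenedStore`, `SESSION_ID_RE` and `fixation_succeeds` are hypothetical names; the 43-character pattern is the shape of `secrets.token_urlsafe(32)`.

```python
import re
import secrets

# Only identifiers this server could have issued are looked up at all.
SESSION_ID_RE = re.compile(r"^[A-Za-z0-9_-]{43}$")


def new_session_id() -> str:
    return secrets.token_urlsafe(32)


class FixationProneStore:
    """Vulnerable: an unknown client-supplied id becomes the key of a fresh session."""

    def __init__(self):
        self.storage = {}

    def get(self, client_sid):
        sid = client_sid or new_session_id()
        data = self.storage.get(sid)
        if data is None:
            data = {}
            self.storage[sid] = data  # honours the attacker's chosen id
        return sid, data


class HardenedStore:
    """Hardened: malformed or unknown ids are ignored and a new id is issued."""

    def __init__(self):
        self.storage = {}

    def get(self, client_sid):
        if client_sid and SESSION_ID_RE.match(client_sid):
            data = self.storage.get(client_sid)
            if data is not None:
                return client_sid, data
        sid = new_session_id()
        self.storage[sid] = {}
        return sid, self.storage[sid]

    def regenerate(self, old_sid: str) -> str:
        """Call on login or any privilege change: same data, fresh identifier."""
        data = self.storage.pop(old_sid, {})
        sid = new_session_id()
        self.storage[sid] = data
        return sid


def fixation_succeeds(store) -> bool:
    """Constructed scenario: the attacker plants an id in the victim's browser,
    the victim logs in under it, and the attacker then presents the same id."""
    planted = "attacker-chosen-id"
    victim_sid, victim_session = store.get(planted)
    victim_session["user"] = "victim"          # victim authenticates
    if hasattr(store, "regenerate"):
        store.regenerate(victim_sid)            # hardened stores rotate here
    _, attacker_session = store.get(planted)   # attacker replays the planted id
    return attacker_session.get("user") == "victim"


def round_trip_works(store) -> bool:
    """A legitimately issued id must still resolve to its own session."""
    sid, data = store.get(None)
    data["cart"] = ["sku-1"]
    sid_again, data_again = store.get(sid)
    return sid_again == sid and data_again is data
```

The format check is what makes "unknown id" decidable without touching the backend; it also keeps arbitrary bytes out of the storage key, which matters for stores that splice the key into a command.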
CVE-2024-38519: Unsanitized File Extension Interpolation (cve-2024-38519-unsanitized-file-extension-interpolation)

A file extension variable is interpolated into a path string directly after os.path.splitext, which may allow path traversal or dropping arbitrary extensions if the extension originates from untrusted metadata. Ensure the extension is validated or sanitized before use.

python | CVE-2024-38519
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-38999: Js Foreach Prop No Proto Blocklist (cve-2024-38999-js-foreach-prop-no-proto-blocklist)

`for...in` loop is guarded only by an own-property check (`hasProp`/`hasOwnProperty`) without filtering the dangerous keys `__proto__` and `constructor`. When the loop body forwards `prop` into a recursive merge or assignment on another object (a common pattern in `mixin`/`extend`/`configure` helpers), an attacker who can supply the iterated object via `JSON

javascript | CVE-2024-38999 | GHSA-X3M3-4WPV-5VGC | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2024-39008: Javascript Prototype Pollution Recursive Deep Merge (cve-2024-39008-javascript-prototype-pollution-recursive-deep-merge)

Recursive deep-merge iterates source-object keys with `for...in` and assigns to `base[key]` by recursing into `base[key]` itself (`base[key] = merge(base[key], value)`) without filtering the dangerous keys `__proto__`, `constructor`, or `prototype`. If any source object is derived from attacker-controlled input (e.g., JSON.parse of a request body), reading `

javascript | CVE-2024-39008 | GHSA-3Q56-9CC2-46J4 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2024-39690: K8s Webhook Unmanaged Object Bypass (cve-2024-39690-k8s-webhook-unmanaged-object-bypass)

Bypassing webhook authorization checks by returning early when a Kubernetes object has no OwnerReferences can allow attackers to hijack unmanaged resources. Ensure that proper authorization checks (such as tenant or ownership verification) are performed even for objects without OwnerReferences, instead of allowing requests unconditionally.

go | CVE-2024-39690 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-39903: Path Startswith Directory Traversal (cve-2024-39903-path-startswith-directory-traversal)

Validating path traversal using `startswith()` on normalized or absolute paths is vulnerable to prefix matching bypasses (CWE-22). An attacker can request a path that shares the same string prefix but is a sibling directory. For example, '/foo-malicious' trivially starts with '/foo'. Instead, use `pathlib.Path.is_relative_to()` (Python 3.9+) or verify that `

python | CVE-2024-39903 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
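The two failure modes of a containment check that this rule and CVE-2024-32982 above describe, side by side with a check that survives both, as an added example (not code from either project; the same reasoning applies to the minizip Zip Slip rule, where the entry name plays the role of `user_path`). The base directory `/srv/app/static` and the function names `contains_by_prefix`, `contains_by_commonpath_unnormalized` and `contains_safely` are hypothetical; none of the paths need to exist.

```python
import os


def contains_by_prefix(base_dir: str, user_path: str) -> bool:
    """Vulnerable (the startswith pattern): a raw string prefix test. A sibling
    directory that merely shares the prefix, e.g. /srv/app/static-private, passes."""
    base = os.path.normpath(base_dir)
    target = os.path.normpath(os.path.join(base, user_path))
    return target.startswith(base)


def contains_by_commonpath_unnormalized(base_dir: str, user_path: str) -> bool:
    """Vulnerable (the commonpath pattern): commonpath compares whole components,
    which fixes the sibling problem, but it is lexical: '..' segments are kept,
    so the joined path still shares the base as its longest common prefix."""
    base = os.path.normpath(base_dir)
    target = os.path.join(base, user_path)  # deliberately not normalized
    return os.path.commonpath([base, target]) == base


def contains_safely(base_dir: str, user_path: str) -> bool:
    """Hardened: resolve '..' and symlinks on both sides with realpath, then
    compare whole components with commonpath (never a string prefix).
    An absolute user_path replaces the base in os.path.join and is rejected too."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    try:
        return os.path.commonpath([base, target]) == base
    except ValueError:  # mixed absolute/relative or different drives (Windows)
        return False


if __name__ == "__main__":
    base = "/srv/app/static"
    for candidate in ("css/site.css", "../static-private/secret", "../../../etc/passwd", "/etc/passwd"):
        print(
            f"{candidate!r:32} prefix={contains_by_prefix(base, candidate)!s:5} "
            f"commonpath={contains_by_commonpath_unnormalized(base, candidate)!s:5} "
            f"safe={contains_safely(base, candidate)}"
        )
```

`pathlib.Path.is_relative_to()` is the same component-wise comparison as `commonpath`, and it is just as lexical: it must also be fed paths that have already gone through `resolve()` or `os.path.realpath()`, or the `..` case above comes back.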
CVE-2024-39906: Ruby Uri Open Cmd Injection (cve-2024-39906-ruby-uri-open-cmd-injection)

Calling `URI.open` with a user-controlled string variable can result in arbitrary OS command execution if the string begins with a pipe character (`|`). To safely fetch URLs, parse the string into a URI object first using `URI(url).open` or `URI.parse(url).open`.

ruby | CVE-2024-39906 | CWE-78 | CWE-88
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-39934: Robocorp Rcc Shared Holotree Enabled (cve-2024-39934-robocorp-rcc-shared-holotree-enabled)

Enabling the shared holotree feature in Robocorp RCC (via `holotree shared --enable`) configures Python environments with overly permissive access rights. This enables unprivileged local users to edit the environment files, potentially leading to local privilege escalation if the environment is later accessed or executed by a higher-privileged user or system

rust | CVE-2024-39934 | CWE-732
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-39943: Nodejs Child Process Exec Template Literal Injection (cve-2024-39943-nodejs-child-process-exec-template-literal-injection)

execSync/exec is being called with a template literal that contains interpolated expressions. Because exec/execSync run the command through a shell (/bin/sh), any shell metacharacter present in the interpolated value (quotes, backticks, $(), ;, &&, |) will be parsed by the shell and can lead to OS command injection. Use spawnSync/spawn with an argv array ins

javascript | CVE-2024-39943 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
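The shell-parsing hazard behind this rule, the two PHP exec rules (CVE-2024-29895, CVE-2024-30247) and the backslash-escaper bypass in CVE-2024-32487, as one added example in Python with `subprocess` instead of the Node and PHP APIs those rules name. Every variant runs `echo` through `/bin/sh` so the difference is visible in the output; `naive_backslash_escape` is a constructed escaper that forgets newline, and `METACHARS`, `echo_interpolated`, `echo_naively_escaped`, `echo_quoted` and `echo_argv` are hypothetical names. POSIX `sh` is assumed.

```python
import shlex
import subprocess

# Characters a hand-written escaper typically remembers. Newline is missing,
# and the shell treats a newline exactly like ';'.
METACHARS = set(';&|$`"\'\\()<>*?[]{}~#!')


def naive_backslash_escape(arg: str) -> str:
    """Vulnerable escaper: backslash-prefixes METACHARS only, no quoting."""
    return "".join("\\" + ch if ch in METACHARS else ch for ch in arg)


def run_via_shell(command: str) -> str:
    """Runs `sh -c command` and returns stdout (the dangerous path in every rule)."""
    return subprocess.run(command, shell=True, capture_output=True, text=True).stdout


def echo_interpolated(arg: str) -> str:
    """Vulnerable: attacker text is spliced straight into the command line."""
    return run_via_shell(f"echo {arg}")


def echo_naively_escaped(arg: str) -> str:
    """Still vulnerable: ';' is neutralised, a raw newline is not."""
    return run_via_shell(f"echo {naive_backslash_escape(arg)}")


def echo_quoted(arg: str) -> str:
    """Acceptable when a shell is unavoidable: shlex.quote single-quotes the
    whole value, so newlines and every metacharacter stay literal."""
    return run_via_shell(f"echo {shlex.quote(arg)}")


def echo_argv(arg: str) -> str:
    """Preferred: an argv list never passes through a shell at all."""
    return subprocess.run(["echo", arg], capture_output=True, text=True).stdout


if __name__ == "__main__":
    semicolon = "hello; echo INJECTED"
    newline = "hello\necho INJECTED"
    print("interpolated  :", repr(echo_interpolated(semicolon)))
    print("naive escape  :", repr(echo_naively_escaped(newline)))
    print("shlex.quote   :", repr(echo_quoted(newline)))
    print("argv list     :", repr(echo_argv(semicolon)))
```

The argv form is the one to reach for; `shlex.quote` (or PHP's `escapeshellarg`) is the fallback for a command line that genuinely must be handed to a shell, and it works because it quotes rather than escapes.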
CVE-2024-4023: Php Insecure Addslashes On Superglobal (cve-2024-4023-php-insecure-addslashes-on-superglobal)

Using `addslashes()` directly on user input (e.g., `$_POST`, `$_GET`) is insufficient for preventing Cross-Site Scripting (XSS) and modern injection attacks. It fails to HTML-encode special characters like `<` and `>`. Use `htmlspecialchars` for HTML context, or strong parameterized methods for data storage.

php | CVE-2024-4023 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2024-40427: Px4 Unbounded Struct Write (cve-2024-40427-px4-unbounded-struct-write)

A structure length field is used in a write() operation alongside its expected data buffer without checking if the length is bounded by the buffer's true size. Doing so allows an attacker to control the struct fields and write out-of-bounds stack memory, causing a buffer overflow (CWE-120/CWE-121). Verify that the length field is checked against the maximum

cpp | CVE-2024-40427
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-40493: Freecoap Memcpy Coap Msg Get Payload Null Deref (cve-2024-40493-freecoap-memcpy-coap-msg-get-payload-null-deref)

The return value of coap_msg_get_payload() is passed directly to memcpy() as the source pointer without a NULL check inside the CoAP client Block2 blockwise exchange handler. coap_msg_get_payload() can return NULL (e.g., for a CoAP response with no payload bytes), and passing NULL as memcpy's source argument is undefined behavior and can crash the client pro

c | CVE-2024-40493 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-40642: Netty Bhttp Unvalidated Request Head (cve-2024-40642-netty-bhttp-unvalidated-request-head)

Binary HTTP request components (method, scheme, authority, path) are decoded from a byte buffer directly to Strings without pre-validation. This allows attackers to inject arbitrary malicious characters (e.g., CRLF, whitespace), bypassing downstream checks and making the application susceptible to HTTP Request Smuggling, Desync attacks, and Server-Side Reque

java | CVE-2024-40642 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-41110: Go Http Content Length Gate Without Chunked Check (cve-2024-41110-go-http-content-length-gate-without-chunked-check)

An *http.Request body read/forward is gated only on `ContentLength > 0`, without also accepting chunked Transfer-Encoding. RFC 7230 specifies that Content-Length is ignored when Transfer-Encoding: chunked is set, and Go's net/http reports `r.ContentLength == -1` for chunked requests. A client can therefore smuggle a body past this gate by sending a chunked r

go | CVE-2024-41110 | GHSA-V23V-6JW2-98FQ | CWE-187 | CWE-444
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
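The framing decision this rule is about, as an added example in Python (the rule targets Go's `net/http`, where the same situation shows up as `r.ContentLength == -1`; this is not the affected project's code). A constructed chunked POST with no `Content-Length` is run through a naive `Content-Length > 0` gate and through the RFC 7230 §3.3.3 order of precedence, and the chunked body that slips past the naive gate is decoded so its contents are visible. `parse_head`, `naive_has_body`, `rfc7230_has_body`, `decode_chunked` and `body_for` are hypothetical names; the chunked decoder ignores chunk extensions and trailers.

```python
from typing import Callable, Dict, Tuple

# Constructed request: chunked framing, no Content-Length at all.
SMUGGLED = (
    b"POST /forward HTTP/1.1\r\n"
    b"Host: example.invalid\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    b"5\r\nhello\r\n0\r\n\r\n"
)

# Constructed request using plain Content-Length framing.
PLAIN = b"POST /forward HTTP/1.1\r\nHost: example.invalid\r\nContent-Length: 5\r\n\r\nhello"

# Constructed request carrying both headers (the classic desync vector).
AMBIGUOUS = (
    b"POST /forward HTTP/1.1\r\nHost: example.invalid\r\n"
    b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n0\r\n\r\n"
)


def parse_head(raw: bytes) -> Tuple[str, Dict[str, str], bytes]:
    """Split a raw request into request line, lower-cased header map, and the bytes after the head."""
    head, _, rest = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.decode("ascii").partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0].decode("ascii"), headers, rest


def naive_has_body(headers: Dict[str, str]) -> bool:
    """Vulnerable gate: only a positive Content-Length counts as 'has a body'."""
    return int(headers.get("content-length", "0")) > 0


def rfc7230_has_body(headers: Dict[str, str]) -> bool:
    """RFC 7230 order: Transfer-Encoding wins over Content-Length; a request that
    sends both is ambiguous and is rejected rather than guessed at."""
    te = headers.get("transfer-encoding")
    if te is not None:
        if "content-length" in headers:
            raise ValueError("ambiguous framing: Transfer-Encoding and Content-Length both present")
        if te.split(",")[-1].strip().lower() != "chunked":
            raise ValueError("request Transfer-Encoding must end with chunked")
        return True
    return "content-length" in headers and int(headers["content-length"]) > 0


def decode_chunked(data: bytes) -> bytes:
    """Minimal chunked-body decoder: hex size line, data, CRLF, until a zero-size chunk."""
    out = bytearray()
    pos = 0
    while True:
        line_end = data.index(b"\r\n", pos)
        size = int(data[pos:line_end].split(b";")[0], 16)  # drop chunk extensions
        pos = line_end + 2
        if size == 0:
            return bytes(out)
        out += data[pos:pos + size]
        pos += size + 2  # chunk data plus its trailing CRLF


def body_for(raw: bytes, gate: Callable[[Dict[str, str]], bool]) -> bytes:
    """The body a proxy would forward when it trusts `gate` to decide whether one exists."""
    _, headers, rest = parse_head(raw)
    if not gate(headers):
        return b""
    if "transfer-encoding" in headers:
        return decode_chunked(rest)
    return rest[: int(headers["content-length"])]


def rejects_ambiguous(raw: bytes) -> bool:
    try:
        body_for(raw, rfc7230_has_body)
    except ValueError:
        return True
    return False
```

In Go the equivalent gate is `r.ContentLength > 0 || r.ContentLength == -1` (or simply copying `r.Body` unconditionally, since `net/http` already handles the framing), and the ambiguous case is better rejected with a 400 than silently resolved.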
CVE-2024-41127: Github Script Injection (cve-2024-41127-github-script-injection)

Directly interpolating GitHub Action expressions (`${{ ... }}`) into `actions/github-script` is vulnerable to code injection. Instead, map untrusted data into environment variables (`env:`) and reference it via `process.env.*` in the script.

yaml | CVE-2024-41127 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 83
CVE-2024-41311: Off By One Image Bounds Check (cve-2024-41311-off-by-one-image-bounds-check)

Bounds checking uses `>` instead of `>=` against width/height dimensions. This allows an off-by-one out-of-bounds access if the value equals the dimension size. Fix by using inclusive `>=` conditional bounds checking.

cpp | CVE-2024-41311 | CWE-125 | CWE-193 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-41637: Php Tainted Putenv (cve-2024-41637-php-tainted-putenv)

Unsanitized user input or session data is used in `putenv()`. Modifying environment variables with untrusted input can lead to OS command injection or environment manipulation (e.g., CWE-78, CWE-74) if these variables are later evaluated implicitly by shell scripts, subprocesses, or dynamic linkers. Validate the input against a strict allowlist or sanitize i

php, CVE-2024-41637, CWE-74, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-41662: Markdown It Missing Html Block Sanitization (cve-2024-41662-markdown-it-missing-html-block-sanitization)

Markdown-it is configured to override the `html_inline` renderer rule, but `html_block` is not being overridden. If `html_inline` is used to sanitize or filter XSS, failing to also sanitize `html_block` leaves the application vulnerable to XSS via block-level HTML tags (e.g., `<script>`, `<div>` with event handlers). Ensure `html_block` is sanitized alongsid

javascript, CVE-2024-41662, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2024-41671: Python Unescaped Html Format (cve-2024-41671-python-unescaped-html-format)

Direct interpolation of an unescaped value into an HTML string literal can lead to Cross-Site Scripting (XSS). Always use proper HTML escaping or dedicated templating engines.

python, CVE-2024-41671, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2024-41802: Xibo Dataset Filter Sqli (cve-2024-41802-xibo-dataset-filter-sqli)

A DataSet filter is dynamically built using string concatenation or interpolation, and passed to `getData()` without SQL parameters. This leads to SQL Injection. Use parameterized queries by populating a `$params` array and passing it as the third argument to `getData()`.

php, CVE-2024-41802, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-41956: Soft Serve Unfiltered Ssh Env (cve-2024-41956-soft-serve-unfiltered-ssh-env)

Blindly passing all client-provided SSH environment variables into a process environment can allow an attacker to control execution via variables like LD_PRELOAD. Sanitize or allowlist environment variables before passing them to subprocesses.

go, CVE-2024-41956, CWE-114, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2024-42381: Ruby Unsafe Ldd Execution (cve-2024-42381-ruby-unsafe-ldd-execution)

Invoking `ldd` on untrusted ELF files can lead to arbitrary code execution. Because `ldd` invokes the dynamic linker against the parsed binary, malicious files (e.g., payloads with a custom `.interp` section) will be executed locally by the OS. Use static analysis tooling (such as `readelf`, `objdump`, or Ruby libraries like `elftools` and `patchelf`) to par

ruby, CVE-2024-42381, CWE-114, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-42480: Etcd Insecure Open Range End (cve-2024-42480-etcd-insecure-open-range-end)

Using '\0', '\x00', or '\\0' as a range end in etcd operations creates an "open at the top" range. In a shared/multi-tenant environment, this grants access to or fetches all keys lexicographically greater than or equal to the base key, leading to arbitrary data traversal or cross-tenant privilege escalation. Restrict operations using `clientv3.GetPrefixRange

go, CVE-2024-42480, CWE-285
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2024-42489: Xwiki Velocity Unescaped Param In Rendering Syntax (cve-2024-42489-xwiki-velocity-unescaped-param-in-rendering-syntax)

A Velocity variable is interpolated directly into an XWiki view-file/office/attach rendering syntax call (e.g. {{pdfviewer file="$x" /}}, {{office reference="attach:$x" /}} or [[attach:$x]]) without being passed through $services.rendering.escape($value, $xwiki.currentContentSyntaxId). When the variable holds a user-controlled value (e.g. a macro parameter f

generic, CVE-2024-42489, GHSA-CFQ3-Q227-7J65, CWE-74
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 73
CVE-2024-42835: Fastapi Unauth Code Exec Endpoint (cve-2024-42835-fastapi-unauth-code-exec-endpoint)

FastAPI route handler invokes a Python code-execution primitive (validate_code / exec / eval / compile / importlib.import_module) on request-derived input without an explicit authentication dependency. This exposes a remote code execution primitive to unauthenticated network callers (see CVE-2024-42835). Require authentication via dependencies=[Depends(get_c

python, CVE-2024-42835, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2024-43395: Path Segment Sanitization Bypass (cve-2024-43395-path-segment-sanitization-bypass)

Path segments are sanitized to remove illegal characters only after the `..` directory-traversal check has already run. An attacker can supply obfuscated traversals (e.g., `.".` or `.>.`) that pass the `..` check and are subsequently stripped down to `..`. This permits directory traversal escapes out of a restricted folder. Perform character filtering on the complete p

cpp, CVE-2024-43395, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-43700: Unbounded Pointer Increment Sprintf (cve-2024-43700-unbounded-pointer-increment-sprintf)

A buffer pointer is advanced using the return value of `sprintf` or directly appended without bounds checking. This can lead to a stack or heap buffer overflow. Ensure that the remaining buffer limit is explicitly checked before appending.

c, CVE-2024-43700, CWE-120, CWE-121
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-43782: Insufficient Msgfmt Translation Validation (cve-2024-43782-insufficient-msgfmt-translation-validation)

Validating translation files solely with `msgfmt` may not protect against language-specific vulnerabilities such as malicious format string interpolations, missing placeholders, or XSS payloads. Ensure additional validation of translation content is performed before rendering strings in the application backend.

python, CVE-2024-43782, CWE-116, CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-43805: Sanitize Html Dom Clobbering (cve-2024-43805-sanitize-html-dom-clobbering)

The HTML sanitizer configuration allows `id` or `name` attributes. This can lead to DOM Clobbering vulnerabilities where an attacker can inject elements with malicious `id` or `name` attributes to override global variables or properties of the DOM tree. Avoid universally allowing `id` and `name` in sanitizers. If needed, apply them conditionally or ensure th

javascript, CVE-2024-43805, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 65
CVE-2024-44373: Php Unauthenticated File Write Post Path (cve-2024-44373-php-unauthenticated-file-write-post-path)

File-write endpoint takes a path from $_POST/$_GET/$_REQUEST and uses it as a filesystem path argument (updateFile/file_put_contents/fopen/file/ move_uploaded_file/rename/copy) without an authentication gate (no include of authenticate.php) and without normalizing the path (no realpath/basename checks or rejection of ".."). This is the unauthenticated arbitr

php, CVE-2024-44373, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2024-45398: Tl Templates Php Cwe 502 Cve 2024 45398 (cve-2024-45398-tl-templates-php-cwe-502-cve-2024-45398)

The legacy tl_templates component is vulnerable to insecure deserialization (CWE-502) and has been removed in patched versions of Contao.

php, CVE-2024-45398
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-45409: Ruby Saml Xpath Signature Wrapping (cve-2024-45409-ruby-saml-xpath-signature-wrapping)

XML Signature Wrapping (CVE-2024-45409): SAML signature validation uses a document-root-relative XPath ("//ds:...") to locate ds:Reference, ds:CanonicalizationMethod, ds:DigestMethod, ds:DigestValue, or ds:Transforms/ds:Transform. Because these queries traverse the entire document instead of the already-authenticated SignedInfo/Reference subtree, an attacker

ruby, CVE-2024-45409, GHSA-JW9C-MFG7-9RX2, CWE-347
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-45411: Twig Missing Sandbox Check Before Render (cve-2024-45411-twig-missing-sandbox-check-before-render)

A sandbox context bypass was identified. The template engine does not verify the sandbox security constraints of the loaded template immediately before rendering. This can allow an attacker to bypass the sandbox checks using preloaded, non-sandboxed templates. Ensure `$LOADED->unwrap()->checkSecurity();` is executed right before `$LOADED->render()`.

php, CVE-2024-45411, CWE-693, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-45592: Twig Unescaped Trans Raw (cve-2024-45592-twig-unescaped-trans-raw)

Variables passed into a translation string and subsequently rendered with the `|raw` filter bypass automatic HTML escaping. This can lead to Cross-Site Scripting (XSS) if the variables are user-controlled and not explicitly escaped. Apply `|escape` or `|e` to variables injected into translations that are piped to `raw`.

generic, CVE-2024-45592, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 69
CVE-2024-45594: Decidim Collaborative Texts Incorrect Permission Subject (cve-2024-45594-decidim-collaborative-texts-incorrect-permission-subject)

The `enforce_permission_to` authorization check is incorrectly parameterized with `:document` rather than `:collaborative_text`. This mismatch causes the Decidim authorization framework to bypass intended access control constraints for collaborative texts. Change the subject from `:document` to `:collaborative_text`.

ruby, CVE-2024-45594, CWE-285, CWE-79, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-45971: Libiec61850 Unsafe Create String From Buffer In Buffer (cve-2024-45971-libiec61850-unsafe-create-string-from-buffer-in-buffer)

Call to StringUtils_createStringFromBufferInBuffer() copies `size` bytes into a fixed-size destination buffer via an unchecked memcpy plus NUL terminator. When `size` is derived from an untrusted source (for example an MMS / BER TLV length field from a peer), this leads to a stack/heap buffer overflow (CVE-2024-45971, CWE-120). Use StringUtils_createStringFr

generic, CVE-2024-45971, CWE-120
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-46613: Int Counter Iterating Null Terminated Pointer Array (cve-2024-46613-int-counter-iterating-null-terminated-pointer-array)

Loop iterates a NULL-terminated pointer array using a signed `int` counter (`for (i = 0; arr[i]; i++)`) inside string_rebuild_split_string (and similar split-string consumers). If the array contains more than INT_MAX elements, the counter overflows to INT_MIN and `arr[i]` then reads memory before the array, causing out-of-bounds access and potential heap cor

c, CVE-2024-46613, CWE-190
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2024-46952: Integer Truncation Max Width Allocation (cve-2024-46952-integer-truncation-max-width-allocation)

An integer truncation occurs when a 64-bit array element is assigned to a 32-bit integer. When this truncated value is subsequently used in a function call (such as a memory allocation size), it can result in allocating an undersized buffer, leading to an overflow. Ensure the variable is of an adequate type (e.g., `uint64_t`) and implement bounds checking on

c, CVE-2024-46952, CWE-197, CWE-680
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-46986: Ruby Kernel Eval On Non Literal (cve-2024-46986-ruby-kernel-eval-on-non-literal)

Kernel#eval is invoked with a non-literal value pulled from a variable or collection. If the argument is influenced by configuration, plugins, database/cache contents, or any other writable source, this is a Ruby code-injection sink (CWE-95) leading to RCE. Store callbacks as Proc/Lambda objects and invoke them via `.call` (or `&:call`) instead of eval'ing s

ruby, CVE-2024-46986, CWE-94, CWE-95
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-47053: Php Recursive Sanitization By Value Bypass (cve-2024-47053-php-recursive-sanitization-by-value-bypass)

A function accepting an array by reference recursively calls itself using a by-value copy of an element from a `foreach` loop. Modifications made by the recursive call overwrite the local copy rather than the original array, meaning sanitizations and validations are bypassed for nested items. To fix this, pass the explicit array index reference (e.g., `$ARR[

php, CVE-2024-47053, CWE-670, CWE-863
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-47076: Cups Missing Ippvalidateattributes (cve-2024-47076-cups-missing-ippvalidateattributes)

An IPP attribute response is being returned without being validated by `ippValidateAttributes()`. A malicious IPP server can provide crafted unvalidated IPP attributes, which when fed into downstream CUPS components can lead to arbitrary command execution or configuration manipulation. Ensure `ippValidateAttributes()` is called on the response object before

c, CVE-2024-47076, CWE-20
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-47092: Python Eval On Untrusted Deserialization (cve-2024-47092-python-eval-on-untrusted-deserialization)

Use of Python's built-in eval() to deserialize data from a CLI-supplied configuration file or an HTTP response. eval() executes arbitrary Python expressions, so any attacker who can influence the file contents or the network response can achieve arbitrary code execution. Use ast.literal_eval() (for Python literals) or json.loads() (for JSON) instead.

python, CVE-2024-47092, CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-47604: Razor Unquoted Attribute Xss (cve-2024-47604-razor-unquoted-attribute-xss)

Unquoted HTML attributes relying on ASP.NET Razor interpolation (e.g., attr=@Value) are vulnerable to Cross-Site Scripting (XSS). ASP.NET's default HTML encoding securely escapes quotes but does not escape spaces. If user-controlled input can contain a space, an attacker can break out of the attribute context and inject arbitrary HTML attributes such as even

generic, CVE-2024-47604, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 73
CVE-2024-47782: Mediawiki Tablepager Unescaped Formatvalue (cve-2024-47782-mediawiki-tablepager-unescaped-formatvalue)

Unescaped return value in TablePager::formatValue. This method expects raw HTML, so passing user-controlled data directly without escaping leads to Cross-Site Scripting (XSS). Use htmlspecialchars() or MediaWiki's Html::element() to safely escape data before returning.

php, CVE-2024-47782, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-47880: User Controlled Content Type Header (cve-2024-47880-user-controlled-content-type-header)

Directly using untrusted input from parameters to set the Content-Type header allows an attacker to spoof the response type (e.g., forcing it to text/html). Combined with reflected user input, this leads to Cross-Site Scripting (XSS). Verify and sanitize the Content-Type value against a safe allowlist, or use defined server-side constants.

java, CVE-2024-47880, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-47881: Jdbc Uri Ssp Parameter Injection (cve-2024-47881-jdbc-uri-ssp-parameter-injection)

Constructing a JDBC URI dynamically by passing unsanitized input as the Schema Specific Part (SSP) can lead to parameter injection. Attackers can embed query parameters (e.g., '?enable_load_extension=true' for SQLite) to alter database connection behavior or potentially execute arbitrary code. Ensure user input does not contain '?' characters, or append expl

java, CVE-2024-47881, CWE-74, CWE-88
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-48061: Langflow Validate Code Endpoint Without Auth (cve-2024-48061-langflow-validate-code-endpoint-without-auth)

This FastAPI route handler calls validate_code() — a helper that parses user-supplied Python and invokes exec()/compile() on ast.FunctionDef nodes — but the route decorator does not declare an authentication dependency. Because Python evaluates decorators and default-argument expressions at function-definition time, exec() on a FunctionDef immediately runs a

python, CVE-2024-48061, GHSA-5P5R-57FX-PMFR, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2024-48138: Pluxml Template Editor Arbitrary File Write Rce (cve-2024-48138-pluxml-template-editor-arbitrary-file-write-rce)

A file path derived from a $_POST template parameter ('tpl' or 'template') flows into plxUtils::write() without being validated against an allowlist of permitted template files (e.g. in_array($tpl, $aTemplates)) and without basename() stripping. An authenticated admin can supply a path-traversal payload such as '../../index.php' to overwrite arbitrary files

php, CVE-2024-48138, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-48253: Codeigniter Xss Clean Misused As Sql Sanitizer (cve-2024-48253-codeigniter-xss-clean-misused-as-sql-sanitizer)

A callsign value passed through xss_clean() (or $this->security->xss_clean()) flows into the first argument of $this->db->query() that is built by string concatenation. xss_clean() is an HTML/JS sanitizer and performs no SQL escaping or type coercion, so the value remains a SQL injection sink (CWE-89, CVE-2024-48253 – Cloudlog OQRS). Use CodeIgniter's parame

php, CVE-2024-48253, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-48255: Codeigniter Xss Clean As Sql Sanitizer Injection (cve-2024-48255-codeigniter-xss-clean-as-sql-sanitizer-injection)

Two or more user-controlled values that were "cleaned" only with $this->security->xss_clean() are concatenated into a raw SQL string and executed via the single-argument form $this->db->query($sql). xss_clean() strips HTML/JS but does NOT escape SQL metacharacters, so the values remain attacker-controlled inside the WHERE/VALUES clause. Use parameter binding

php, CVE-2024-48255, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-48257: Php Sql Limit Clause Concat Injection (cve-2024-48257-php-sql-limit-clause-concat-injection)

A SQL LIMIT clause is being constructed by concatenating or interpolating a variable directly into the query string without integer coercion (intval, (int), max/min clamp, sprintf %d). If the variable is derived from user input, this enables SQL injection because parameter bindings passed to the query function do not cover raw appended text. Coerce the value

php, CVE-2024-48257, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-48336: Android Unsafe Create Package Context (cve-2024-48336-android-unsafe-create-package-context)

The app dynamically loads code from another package using `createPackageContext` with `CONTEXT_IGNORE_SECURITY` without checking if the target package is a verified system application. This allows local privilege escalation via package squatting, enabling untrusted code execution. Verify the package against `ApplicationInfo.FLAG_SYSTEM` or properly check its

java, CVE-2024-48336, CWE-345, CWE-829
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-48911: Python Subprocess Relative Executable (cve-2024-48911-python-subprocess-relative-executable)

Executing a subprocess with a relative path (e.g., 'cp', 'iptables') rather than an absolute path makes the application vulnerable to Untrusted Search Path (CWE-426) attacks. If the application is run from a directory controlled by an attacker, or if the PATH environment variable is manipulated, an attacker can execute arbitrary binaries, potentially leading

python, CVE-2024-48911, CWE-426, CWE-427
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-51051: Php Hardcoded Default Admin Credentials (cve-2024-51051-php-hardcoded-default-admin-credentials)

Administrator password is hardcoded to a well-known weak/default value in a PHP configuration file shipped with the legacy 'Adult Video Script' (AVSCMS) application. Shipping a default credential (e.g., 'admin'/'admin') in version control allows any unauthenticated attacker who can reach the admin login endpoint to gain full administrative access to any depl

php, CVE-2024-51051, CWE-1391, CWE-1392, CWE-276
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-51378: Cyberpanel Preauth Cmdinjection Via Request Body (cve-2024-51378-cyberpanel-preauth-cmdinjection-via-request-body)

View function reads JSON from `request.body` and concatenates a value from it into a shell command passed to `ProcessUtilities.outputExecutioner` / `ProcessUtilities.executioner` without first performing an in-view authentication/ACL check (`request.session['userID']` followed by `ACLManager.loadedACL(...)`). This is the CVE-2024-51378 pattern: because the p

python, CVE-2024-51378, CWE-420, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2024-5138: Blind Args Help Check (cve-2024-5138-blind-args-help-check)

A boolean function checks for help flags ("--help" or "-h") using a generic list Contains method. This pattern causes parser desynchronization (also known as argument injection or bypasses) when placed alongside a strict argument parser. An attacker can append `-- --help` so the manual check returns true, but the underlying CLI ignores `--help` as a flag and

go, CVE-2024-5138, CWE-502, CWE-88
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-51745: Incomplete Windows Reserved Device Denylist Superscripts (cve-2024-51745-incomplete-windows-reserved-device-denylist-superscripts)

A Windows reserved-device-name denylist enumerates the ASCII variants COM1..COM9 and LPT1..LPT9 but does not include the ISO-8859-1 superscript variants COM¹, COM², COM³, LPT¹, LPT², LPT³ (U+00B9 / U+00B2 / U+00B3). Windows resolves these Unicode names to the same physical COM/LPT devices, and `to_uppercase()` / ASCII case folding does not normalize superscr

rust, CVE-2024-51745, GHSA-C2F5-JXJV-2HH8, CWE-184, CWE-67
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2024-52009: Go Credential Embedded In Url Format String (cve-2024-52009-go-credential-embedded-in-url-format-string)

A credential is being formatted into the userinfo portion of a URL via a `%s` placeholder (e.g., `://user:%s@host` or `://x-access-token:%s`). Once the secret is inlined into the URL string, it leaks to any code path that renders the URL — logs, wrapped errors, diagnostic output, stored Repo/Clone URL fields, etc. This is how CVE-2024-52009 exposed GitHub Ap

go, CVE-2024-52009, GHSA-GPPM-HQ3P-H4RP, CWE-532
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2024-52291: Craftcms Sensitive Configuration Exposure (cve-2024-52291-craftcms-sensitive-configuration-exposure)

Sensitive Craft CMS control panel configuration keys such as 'cpTrigger' and 'baseCpUrl' are being exposed without checking if the current context is a Control Panel request. This leaks administrative routing details to frontend visitors. Guard this exposure with a check like `if ($request->getIsCpRequest())`.

php, CVE-2024-52291, CWE-200
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2024-52292: Craftcms Cpasset Info Disclosure (cve-2024-52292-craftcms-cpasset-info-disclosure)

The control panel trigger or base URL is unconditionally included in data exposed to the frontend. This can allow an attacker to bypass defense-in-depth measures and discover the hidden administrative URL. Ensure these values are only returned for control panel requests (e.g., guarded by `getIsCpRequest()`).

php, CVE-2024-52292, CWE-200
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2024-52338: R Unsafe Unserialize Of Untrusted Bytes (cve-2024-52338-r-unsafe-unserialize-of-untrusted-bytes)

Base R `unserialize()` is being called directly on bytes derived from external/character input (`charToRaw(...)` or `memDecompress(...)`). R's serialization format can encode a PROMSXP (promise) whose body is an arbitrary LANGSXP, which executes attacker-controlled code the first time the deserialized object is accessed (CVE-2024-52338, CVE-2024-27322 "R-bit

generic, CVE-2024-52338, CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-52583: Website Escape Html Cwe 000 Cve 2024 52583 (cve-2024-52583-website-escape-html-cwe-000-cve-2024-52583)

Detects references to the malware domain Leostop, indicating a compromised asset.

html, CVE-2024-52583
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-52806: Php Xml Dtdload Xxe (cve-2024-52806-php-xml-dtdload-xxe)

The application parses XML using the `LIBXML_DTDLOAD` or `LIBXML_DTDATTR` flags. These flags enable the loading of external DTDs or default DTD attributes. On modern PHP versions (8.0+), this can lead to XML External Entity (XXE) or Server-Side Request Forgery (SSRF) vulnerabilities when parsing untrusted XML, as traditional entity loader disablement methods

php, CVE-2024-52806, CWE-611
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-52807: Java Xxe Documentbuilderfactory (cve-2024-52807-java-xxe-documentbuilderfactory)

Unconfigured 'DocumentBuilderFactory' is vulnerable to XML External Entity (XXE) attacks. Ensure that external entities and doctypes are disabled by calling 'setFeature' or by using a safely pre-configured factory method.

java, CVE-2024-52807, CWE-611
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2024-53256: Rizin Metadata Command Injection (cve-2024-53256-rizin-metadata-command-injection)

Unsanitized binary metadata (such as `bclass` or `rclass`) is passed into a native Rizin command evaluator like `rz_core_cmdf`. These functions dynamically parse and execute format strings, allowing an attacker to inject shell commands (e.g., using `!sh`) via a malicious binary. Use programmable APIs to modify configuration rather than building string-based

c, CVE-2024-53256, CWE-77
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-53442: Python Os System Command Injection (cve-2024-53442-python-os-system-command-injection)

os.system() is invoked with a shell command built by interpolating an object/attribute value (e.g. self.path, obj.attr) via str.format(), f-string, %-formatting, or string concatenation. Because os.system() passes its argument to /bin/sh -c, an attribute whose value originates from user input (file dialogs, network input, parsed config) can carry shell metac

python, CVE-2024-53442, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2024-53850: Glpi Plugin Missing Checkloginuser (cve-2024-53850-glpi-plugin-missing-checkloginuser)

A GLPI plugin script includes the framework's core `includes.php` initialization script but fails to call `Session::checkLoginUser()` or a comparable authorization function. This exposes the endpoint to unauthenticated access and can allow attackers to perform unauthorized actions or data queries. Always ensure that endpoint scripts assert authentication at

php, CVE-2024-53850, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-53865: Incomplete Hardcoded Dict Redaction (cve-2024-53865-incomplete-hardcoded-dict-redaction)

The code redacts a specific sensitive key (e.g., 'password') from a dictionary using a hardcoded string check. This pattern often leads to data exposure by failing to censor secondary sensitive keys (e.g., 'token', 'secret', or organization-specific credentials). Instead of hardcoding a single key, define a comprehensive list of sensitive keys and iterate ov

python, CVE-2024-53865, CWE-532
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2024-53866: Deferred Json Stringify Of Mutable Object Param (cve-2024-53866-deferred-json-stringify-of-mutable-object-param)

Async writer serializes a mutable object parameter to disk via JSON.stringify inside the write call. If the caller also retains a reference to the same object (for example, by inserting it into a shared in-memory cache), any mutation performed between the call and the deferred write will be persisted, allowing one execution context to poison a shared on-disk

typescript, CVE-2024-53866, GHSA-VM32-9RQF-RH3R, CWE-426
by Provally, updated 2026-06-03, Apache-2.0
Medium, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2024-53979: Ansible Module Params Cleartext Logcve-2024-53979-ansible-module-params-cleartext-log

Ansible module parameters are passed to a logger without being sanitized. Sensitive write-only fields (like passwords or tokens) may be written to log files in clear text. Sanitize the parameters using a redaction or blanking function before logging.

python | CVE-2024-53979
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
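Both rules above (CVE-2024-53865 and CVE-2024-53979) converge on the same fix: redact by a maintained list of sensitive key names, walk nested structures, and let the module add its own write-only fields. The following is an added example, not Provally's rule code and not Ansible's module code; the key patterns, the write-only field list and the sample parameter dict are constructed for the demonstration.

```python
"""Redact credentials from a parameter dict before it reaches a logger.

Added example, not Provally's rule code and not Ansible's module code.
SENSITIVE_KEY_PATTERNS, WRITE_ONLY_FIELDS and SAMPLE_PARAMS are constructed.
"""
import copy
import re

# Substrings that mark a key as sensitive; matched case-insensitively with '-' folded to '_'.
SENSITIVE_KEY_PATTERNS = ("password", "passwd", "passphrase", "secret", "token",
                          "api_key", "apikey", "private_key", "credential", "authorization")
_SENSITIVE_RE = re.compile("|".join(re.escape(p) for p in SENSITIVE_KEY_PATTERNS), re.IGNORECASE)
REDACTED = "********"


def is_sensitive_key(key) -> bool:
    """True when the key name itself says it carries a credential."""
    return isinstance(key, str) and _SENSITIVE_RE.search(key.replace("-", "_")) is not None


def redact(obj, extra_keys=()):
    """Deep copy of obj with every value under a sensitive key replaced.

    Nested dicts, lists and tuples are walked, so params["db"]["auth"]["password"]
    is caught and not only a top-level "password". extra_keys adds names the
    patterns cannot guess, e.g. the fields an Ansible module marks no_log=True.
    """
    extra = {k.lower() for k in extra_keys}

    def walk(node):
        if isinstance(node, dict):
            return {k: (REDACTED if is_sensitive_key(k) or (isinstance(k, str) and k.lower() in extra)
                        else walk(v)) for k, v in node.items()}
        if isinstance(node, list):
            return [walk(v) for v in node]
        if isinstance(node, tuple):
            return tuple(walk(v) for v in node)
        return copy.deepcopy(node)

    return walk(obj)


def hardcoded_redact(params: dict) -> dict:
    """The anti-pattern the rule flags: one literal key, top level only."""
    out = dict(params)
    if "password" in out:
        out["password"] = REDACTED
    return out


# Constructed sample resembling what a module receives as its params.
SAMPLE_PARAMS = {
    "name": "web01",
    "password": "hunter2",
    "api_token": "tok_live_abc123",
    "db": {"host": "db.internal", "auth": {"user": "app", "password": "pg-pass"}},
    "headers": [{"Authorization": "Bearer abc.def.ghi"}],
    "ssh-key-passphrase": "corr3ct h0rse",
    "license": "XYZ-ACTIVATION-BLOB",
}
# Write-only fields the module declared itself; "license" has no telltale name.
WRITE_ONLY_FIELDS = ("license",)

if __name__ == "__main__":
    import json
    # The hardcoded version still leaks the token, the nested password, the bearer and the license.
    print(json.dumps(hardcoded_redact(SAMPLE_PARAMS), indent=2))
    print(json.dumps(redact(SAMPLE_PARAMS, WRITE_ONLY_FIELDS), indent=2))
```

Substring matching on key names is deliberately greedy (anything containing token, secret, password and so on) because a miss leaks a credential while a false positive only hides a harmless field in a log line. Keys that cannot be guessed from their name, such as a vendor's license blob, are the reason the extra_keys hook exists; in an Ansible module the fields declared with no_log=True are the natural source for it.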
CVE-2024-5407: Php Incomplete Pipe Path Traversal Sanitizer (cve-2024-5407-php-incomplete-pipe-path-traversal-sanitizer)

Incomplete path-traversal sanitizer: str_replace(["|..|","|"],"/", $INPUT) only strips the tokens "|..|" and "|". An input containing a bare "..|" sequence is not matched by "|..|"; the subsequent "|" -> "/" substitution then rewrites "..|" into "../", letting a directory-traversal sequence survive sanitization. In RhinOS this allowed CVE-2024-5407: a crafte

php | CVE-2024-5407 | CWE-22 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-54135: Php Unserialize User Input (cve-2024-54135-php-unserialize-user-input)

User-controlled input flows into PHP's unserialize() (often via base64_decode). Calling unserialize() on attacker-controlled data allows instantiation of arbitrary objects whose magic methods (__wakeup, __destruct, __toString, etc.) execute automatically, enabling PHP Object Injection / gadget-chain exploitation (CWE-502). Use json_decode() with json_encode(

php | CVE-2024-54135 | GHSA-4523-MQMV-WRQX | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2024-54148: Gogs Tree Entry Result Discarded Symlink Bypass (cve-2024-54148-gogs-tree-entry-result-discarded-symlink-bypass)

The result of `TreeEntry(...)` is discarded (assigned to `_`), so the returned entry is never inspected with `IsSymlink()` (or `IsTree()`) before the corresponding path is used to write/edit a file. This allows symlink-following writes through the repository working copy and is the root cause of CVE-2024-54148 in Gogs' editor handler. Capture the entry and r

go | CVE-2024-54148 | GHSA-R7J8-5H9C-F6FX | CWE-20 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2024-55193: Cpp Additive Bounds Check Integer Overflow Icc (cve-2024-55193-cpp-additive-bounds-check-integer-overflow-icc)

Potential integer-overflow bypass of a buffer bounds check. The condition `$OFFSET + $SIZE > $BUF.size()` performs unsigned addition that can wrap around when `$OFFSET` and `$SIZE` are attacker-controlled unsigned values (e.g., uint32_t parsed from a file header such as an ICC profile tag). When wraparound makes the sum small while `$OFFSET` alone exceeds th

cpp | CVE-2024-55193 | CWE-125 | CWE-190
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2024-55194: Oiio Oiiotool Unchecked Read (cve-2024-55194-oiio-oiiotool-unchecked-read)

The boolean return value of Oiiotool::read() is being discarded immediately before a stats-computing path (compute_stats = true / print_stats / computePixelStats). If the underlying image read fails (for example a truncated/malformed PNM/PGM whose declared geometry exceeds the actual pixel payload), execution continues with a partially-initialized ImageBuf w

cpp | CVE-2024-55194 | CWE-120 | CWE-252 | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2024-5549: Python Flask Cors Misconfiguration (cve-2024-5549-python-flask-cors-misconfiguration)

A CORS misconfiguration allows overly permissive cross-origin requests. The flask-cors CORS module is instantiated without origin restrictions, allowing all domains by default. Attackers can exploit this to steal sensitive information or perform unauthorized actions on behalf of a user. Ensure you explicitly configure restricted domains using 'origins' or 'r

python | CVE-2024-5549 | CWE-942
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-56143: Strapi Missing Lookup Validation (cve-2024-56143-strapi-missing-lookup-validation)

Strapi's `document-service` validation function fails to reject the internal `lookup` parameter. An attacker can exploit this by passing a crafted `lookup` query parameter to access private or restricted data fields (e.g. passwords, reset tokens).

typescript | CVE-2024-56143 | CWE-20 | CWE-915
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2024-56200: Koa Unauthenticated Proxy Middleware (cve-2024-56200-koa-unauthenticated-proxy-middleware)

The Koa middleware processes requests and calls next() without verifying any authentication token. In a proxy setup, this allows an attacker to make unauthenticated requests that could lead to Denial of Service via resource exhaustion. Ensure routes are protected by checking for a token and returning a 401 status.

typescript | CVE-2024-56200
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2024-56406: Pmtrans Utf8 Max Expansion Missing (cve-2024-56406-pmtrans-utf8-max-expansion-missing)

The transliteration compiler function fails to update the maximum expansion size when detecting that character transliteration will force a string upgrade to UTF-8. This underestimation of the destination string size causes insufficient memory allocation, resulting in a heap buffer overflow. Ensure the expansion size (e.g. `max_expansion`) is updated appropr

c | CVE-2024-56406 | CWE-122 | CWE-131
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2024-56509: Python Insecure File Uri Validation (cve-2024-56509-python-insecure-file-uri-validation)

Validation checking for blocked 'file:' URIs by strictly matching 'file:/' or 'file://' is incomplete and insecure. Attackers can bypass this filter using alternate pathing without leading slashes, such as 'file:..', resulting in Local File Read (LFR) or Path Traversal. Ensure the application catches all file scheme URIs by validating against 'file:' instead

python | CVE-2024-56509 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-56521: Php Curl Ssl Verification Disabled (cve-2024-56521-php-curl-ssl-verification-disabled)

cURL TLS certificate verification is disabled. Setting CURLOPT_SSL_VERIFYPEER to false/0 disables peer certificate chain validation, and setting CURLOPT_SSL_VERIFYHOST to false/0/1 disables proper hostname verification. With these disabled, libcurl accepts any TLS certificate (including self-signed, expired, or hostname-mismatched ones), enabling man-in-the-

php | CVE-2024-56521 | CWE-295
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-56799: Missing Auth Once Guard On Per Route Before Filter (cve-2024-56799-missing-auth-once-guard-on-per-route-before-filter)

A boolean one-shot guard wraps a per-route authentication-filter registration (e.g. Javalin `$SERVER.before($URL, ...)`). After the first iteration the flag is flipped to true, so any subsequent distinct URL passed to `before(...)` is skipped and its endpoint is publicly accessible. Track registered URLs in a `Set<String>` keyed on the URL so every distinct

java | CVE-2024-56799 | GHSA-83QW-5QQ5-V7PQ | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85
CVE-2024-56801: Glpi Php Sql Injection Superglobal Into Db Query (cve-2024-56801-glpi-php-sql-injection-superglobal-into-db-query)

User-controlled value from $_POST / $_GET / $_REQUEST / $_COOKIE flows into a raw SQL string passed to $DB->query() or $DB->queryOrDie() (GLPI DBmysql abstraction) without integer/float casting, escaping, or use of the parameterized $DB->request() / $DB->update() / $DB->insert() / $DB->delete() APIs. This is a classic SQL injection (CWE-89), matching the pre

php | CVE-2024-56801 | GHSA-C6FW-XW9X-GWJW | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-5685: Validation Before Authorization Enumeration (cve-2024-5685-validation-before-authorization-enumeration)

Validation is performed and returns errors before verifying user authorization. This can expose sensitive information or allow an attacker to enumerate valid system resources (e.g., database IDs) through validation error messages. Ensure that authorization checks (like `isSuperUser`, `can`, or `allows`) occur before or encapsulate the validation logic.

php | CVE-2024-5685
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-57155: Spring Handler Interceptor Auth Bypass Returns True On Null User (cve-2024-57155-spring-handler-interceptor-auth-bypass-returns-true-on-null-user)

This Spring HandlerInterceptor.preHandle method returns true when the authenticated principal (e.g. session user / token subject) is null, so unauthenticated requests are allowed to proceed to the controller. preHandle must return false or throw on missing credentials, otherwise the interceptor is a no-op authentication stub (CVE-2024-57155, CWE-284: Imprope

java | CVE-2024-57155 | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 95
CVE-2024-57190: Express Trusted User Header Forwarded Without Stripping Incoming (cve-2024-57190-express-trusted-user-header-forwarded-without-stripping-incoming)

This code writes the authenticated identity to the request 'user' HTTP header (e.g. as a Base64-encoded JSON blob) so it can be forwarded to downstream services, but the surrounding module never calls `delete req.headers['user']` to strip an attacker-supplied incoming 'user' header. An unauthenticated client can therefore set their own 'user' header on reque

typescript | CVE-2024-57190 | CWE-284 | CWE-287
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2024-58134: Mojolicious Insecure Secret Generation (cve-2024-58134-mojolicious-insecure-secret-generation)

Mojolicious applications and framework code should not use the predictable application moniker or insecure PRNGs like `rand` to generate session secrets or CSRF tokens. This allows an attacker to compute valid HMAC signatures and forge session cookies. Replace predictable secrets with strong cryptographic random strings (e.g. `Mojo::Util::urandom_urlsafe`).

generic | CVE-2024-58134 | CWE-330 | CWE-798
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 69
CVE-2024-5982: Python Shutil Copyfile Path Traversal Without Realpath Check (cve-2024-5982-python-shutil-copyfile-path-traversal-without-realpath-check)

shutil.copyfile is invoked with a user-influenced source path and/or a destination built with os.path.join, without a preceding os.path.realpath(...).startswith(...) containment check. Because os.path.join discards earlier components when a later component is absolute, and accepts '..' traversal, the source can read and the destination can write arbitrary fi

python | CVE-2024-5982 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
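The pipe sanitizer rule (CVE-2024-5407) and the missing realpath check in CVE-2024-5982 are two sides of one rule: string substitution cannot be trusted to remove traversal, so resolve the final path and check containment instead. What follows is an added example, not RhinOS code and not the code behind either CVE; the PHP str_replace() call is re-implemented in Python so its failure can be reproduced, and the base directory, file names and attack strings are constructed.

```python
"""Why token-stripping sanitisers fail, and a containment check that does not.

Added example, not code from RhinOS (CVE-2024-5407) or from the project behind
CVE-2024-5982. The PHP sanitizer str_replace(["|..|", "|"], "/", $input) is
re-implemented in Python so its failure can be reproduced; the base directory,
file names and attack strings are constructed for the demo.
"""
import os
import shutil
import tempfile


def php_style_sanitize(user_input: str) -> str:
    """Mirror of PHP str_replace() with an array of needles: each replacement runs
    in order over the result of the previous one, so '|' -> '/' runs after
    '|..|' has already been (incompletely) removed."""
    for needle in ("|..|", "|"):
        user_input = user_input.replace(needle, "/")
    return user_input


def contained_path(base_dir: str, relative: str) -> str:
    """Resolve `relative` under base_dir and refuse anything that lands outside.

    realpath() collapses '..' and follows symlinks; commonpath() is used instead
    of startswith() so that '/srv/uploads-evil' is not accepted as being inside
    '/srv/uploads'. Because os.path.join() drops base_dir when `relative` is
    absolute, the absolute case is caught here too.
    """
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, relative))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes {base!r}: {relative!r}")
    return candidate


def safe_copyfile(base_dir: str, src_rel: str, dst_rel: str) -> str:
    """shutil.copyfile with both ends pinned inside base_dir."""
    return shutil.copyfile(contained_path(base_dir, src_rel),
                           contained_path(base_dir, dst_rel))


def demo_escapes() -> dict:
    """Run the check over constructed attack strings in a scratch tree; return verdicts."""
    base = tempfile.mkdtemp(prefix="uploads-")
    verdicts = {}
    try:
        os.makedirs(os.path.join(base, "docs"))
        with open(os.path.join(base, "docs", "ok.txt"), "w") as fh:
            fh.write("fine\n")
        attempts = {
            "legit": "docs/ok.txt",
            "dotdot": "../../etc/passwd",
            "absolute_join": "/etc/passwd",
            "pipe_sanitized": php_style_sanitize("..|..|etc|passwd"),  # becomes ../etc/passwd
        }
        try:  # a symlink inside the tree that points at its parent directory
            os.symlink(os.path.dirname(base), os.path.join(base, "escape"))
            attempts["symlink"] = "escape/anything"
        except OSError:
            pass  # platform without symlink support; skip that case
        for name, rel in attempts.items():
            try:
                contained_path(base, rel)
                verdicts[name] = "allowed"
            except ValueError:
                verdicts[name] = "rejected"
        safe_copyfile(base, "docs/ok.txt", "docs/copy.txt")
        verdicts["copy"] = "ok" if os.path.exists(os.path.join(base, "docs", "copy.txt")) else "missing"
    finally:
        shutil.rmtree(base)
    return verdicts


if __name__ == "__main__":
    print(php_style_sanitize("..|etc|passwd"))   # ../etc/passwd survives
    print(demo_escapes())
```

realpath() plus commonpath() also catches the two cases a startswith() check misses: a sibling directory whose name shares the prefix (uploads-evil next to uploads) and a symlink planted inside the tree that points outside it. Do the check at the moment of use, not earlier; a symlink can be swapped in between the check and the copy.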
CVE-2024-6303: Conduit Unauthorized Room Alias Mutation (cve-2024-6303-conduit-unauthorized-room-alias-mutation)

Direct call to services().rooms.set_alias(...) inside the user-facing alias HTTP handlers (create_alias_route / delete_alias_route) bypasses authorization checks and allows any authenticated local user to bind or unbind any local room alias, including the privileged #admins alias used by Conduit's admin bot. Route alias mutations through services().rooms.ali

rust | CVE-2024-6303 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2024-7143: Improper User Context From Permissions (cve-2024-7143-improper-user-context-from-permissions)

When determining a specific user (like an object creator or task dispatcher) from a permission query, falling back to the first user with any permissions can return users who have domain or model-level access (e.g., administrators), rather than the specific actor. This leads to privilege escalation or incorrect ownership assignment. Always filter `get_users_

python | CVE-2024-7143 | CWE-269 | CWE-285
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-8114: Gitlab Vulnerability Resolution Missing Report Type (cve-2024-8114-gitlab-vulnerability-resolution-missing-report-type)

The `MarkAsResolvedService` is called without a `report_type`. Grouping and resolving vulnerabilities by `scanner` alone can lead to privilege escalation or security bypass if a scanner is shared across different report types.

ruby | CVE-2024-8114 | CWE-841
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-8183: Fastapi Cors Wildcard Origins (cve-2024-8183-fastapi-cors-wildcard-origins)

A permissive CORS configuration was detected. Setting `allow_origins` to include `"*"` allows cross-origin requests from any origin. If this server runs on localhost or inside a private network, any website the user visits can make the browser read API responses cross-origin, potentially leaking sensitive information to attacker-controlled sites. Use specific origins driven by configuration in

python | CVE-2024-8183 | CWE-942
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
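The two CORS rules on this page (CVE-2024-5549 for flask-cors, CVE-2024-8183 for FastAPI) flag the same misconfiguration in two frameworks. The following added example shows the origin check itself without either framework; it is not flask-cors or Starlette code, and the allowlist, configuration dicts and request origins are constructed.

```python
"""Origin allowlisting for CORS responses, shown without a framework.

Added example; not flask-cors, not Starlette/FastAPI CORSMiddleware, and not
the code behind CVE-2024-5549 / CVE-2024-8183. WILDCARD_CONFIG, HARDENED_CONFIG
and the request origins are constructed.
"""
from urllib.parse import urlsplit

# The weak configuration both rules flag: every origin is allowed.
WILDCARD_CONFIG = {"allow_origins": ["*"]}
# The corrected form: explicit scheme://host[:port] origins, loaded from configuration.
HARDENED_CONFIG = {
    "allow_origins": ["https://app.example.com", "https://admin.example.com:8443"],
    "allow_credentials": True,
}
_DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(origin):
    """Canonical scheme://host[:port] for an Origin value, or None when it is not a
    usable origin (the literal 'null', a bare host, a URL with a path, a bad port)."""
    if not origin:
        return None
    parts = urlsplit(origin)
    if parts.scheme not in _DEFAULT_PORTS or not parts.hostname:
        return None
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        return None
    try:
        port = parts.port
    except ValueError:
        return None
    host = parts.hostname  # urlsplit already lowercases it
    if port is None or port == _DEFAULT_PORTS[parts.scheme]:
        return f"{parts.scheme}://{host}"
    return f"{parts.scheme}://{host}:{port}"


def naive_suffix_allowed(origin: str, domain: str = "example.com") -> bool:
    """A check seen in the wild that is NOT safe: any host ending in the string passes."""
    return origin.endswith(domain)


def cors_headers(config: dict, request_origin):
    """Response headers for a request carrying the given Origin, or {} to leave the
    browser's same-origin policy in force."""
    if not request_origin:
        return {}
    allowed = config.get("allow_origins", [])
    credentials = bool(config.get("allow_credentials", False))
    if "*" in allowed:
        if credentials:
            # Browsers refuse '*' together with credentials, so a middleware that wants
            # both reflects the caller's origin instead. Every site then gets authenticated reads.
            return {"Access-Control-Allow-Origin": request_origin,
                    "Access-Control-Allow-Credentials": "true", "Vary": "Origin"}
        return {"Access-Control-Allow-Origin": "*"}
    origin = normalize_origin(request_origin)
    allowlist = {normalize_origin(o) for o in allowed} - {None}
    if origin not in allowlist:
        return {}
    headers = {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
    if credentials:
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers


if __name__ == "__main__":
    for o in ("https://app.example.com", "https://notexample.com", "null"):
        print(o, cors_headers(HARDENED_CONFIG, o), cors_headers(WILDCARD_CONFIG, o))
```

Two details matter beyond dropping the wildcard: compare whole origins (scheme, host and port) after normalisation rather than substrings, and send Vary: Origin whenever an allowed origin is echoed so a cache does not hand one origin's response to another. The wildcard-plus-credentials branch is written out because that is the configuration in which a permissive middleware reflects the caller's origin, which is strictly worse than a plain *.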
CVE-2024-8250: Qt Minizip Path Traversal Zip Slip (cve-2024-8250-qt-minizip-path-traversal-zip-slip)

Extraction of ZIP entries without validating that the generated file path stays within the canonical target directory. This can lead to a Zip Slip directory traversal vulnerability.

cpp | CVE-2024-8250
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-8374: Eval In Parsing String Match (cve-2024-8374-eval-in-parsing-string-match)

Using `eval()` to parse values after a string key match can lead to arbitrary code execution if the data originates from an untrusted source, such as external files or user input. Instead of `eval()`, use safer alternatives like `ast.literal_eval()`, or explicit type conversions like `bool()`, `int()`, or custom parsers.

python | CVE-2024-8374 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-8375: Tensorflow Unvalidated Proto Conversion (cve-2024-8375-tensorflow-unvalidated-proto-conversion)

Serializing or deserializing a TensorFlow Tensor without first validating its data type via a dedicated function check. Processing untrusted types like `DT_VARIANT` and `DT_RESOURCE` can lead to Use-After-Free during unpacking because the underlying instances may be improperly initialized, allowing attackers to overwrite vtables and achieve RCE. Ensure the `

cpp | CVE-2024-8375
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2024-8970: Gitlab Improper Scanner Grouping (cve-2024-8970-gitlab-improper-scanner-grouping)

Grouping ingested vulnerabilities solely by scanner can cause findings from different report types (e.g., dependency scanning vs container scanning) to be conflated if a single scanner supports multiple report types. Use a compound key with both the scanner and report type to track ingested ids.

ruby | CVE-2024-8970
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-9014: Pgadmin Oauth2 Config Leak In Template (cve-2024-9014-pgadmin-oauth2-config-leak-in-template)

A server-side OAuth2 configuration (`config.OAUTH2_CONFIG`) is assigned directly into a Jinja template render context (e.g., `page_props`) without filtering out secret fields. `OAUTH2_CONFIG` entries contain `OAUTH2_CLIENT_ID` and `OAUTH2_CLIENT_SECRET`, which will be embedded verbatim in the rendered HTML/JS of an unauthenticated page and disclosed to any v

generic | CVE-2024-9014 | CWE-200 | CWE-312
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-9287: Cve 2024 9287 Venv Path Injection (cve-2024-9287-cve-2024-9287-venv-path-injection)

Missing quoting in venv activation script replacements leads to command injection (CVE-2024-9287)

python | CVE-2024-9287
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2024-9486: Packer Proxmox Builder User Not Locked (cve-2024-9486-packer-proxmox-builder-user-not-locked)

Packer Proxmox builder template defines an SSH builder user via ssh_username/ssh_password but no provisioner locks the account (e.g. `usermod -L {{user `ssh_username`}}`) before image capture. VM images produced from this template will ship with the default builder credentials enabled, allowing any attacker reachable on TCP/22 to SSH in and escalate to root

generic | CVE-2024-9486 | GHSA-9224-GGVW-WH7V | CWE-798
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2024-9693: Gitlab Vulnerability Resolution Missing Report Type (cve-2024-9693-gitlab-vulnerability-resolution-missing-report-type)

Vulnerabilities clustered by scanner alone without report_type can result in erroneous resolutions across scan types. Ensure vulnerability aggregation and resolution accounts for both the scanner identity and the report type.

ruby | CVE-2024-9693 | CWE-668
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2024-9780: Cpp Qt Minizip Zipslip (cve-2024-9780-cpp-qt-minizip-zipslip)

Possible Zip Slip vulnerability. The application extracts a zip archive using minizip without properly validating the extracted paths against the intended destination directory.

cpp | CVE-2024-9780 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-0555: Gitlab Incomplete Vulnerability Resolution Key (cve-2025-0555-gitlab-incomplete-vulnerability-resolution-key)

Overlapping or empty security artifacts mapped solely by scanner name can bypass tracking controls and erroneously group findings. Scans should utilize a composite key tracking both tool and report type to avoid colliding resolution sets.

ruby | CVE-2025-0555 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-0634: Rlottie Gradient Populate Unchecked Colorpoints Oob (cve-2025-0634-rlottie-gradient-populate-unchecked-colorpoints-oob)

Pointer arithmetic and unsigned size subtraction using an int count (typical pattern: `size - N * 4` followed by `ptr + N * 4`) without first validating that the source pointer is non-null and that `N >= 0` and `N * stride <= size`. When N originates from untrusted/parsed input (e.g. a Lottie gradient's mColorPoints), a negative or oversized N causes size_t

cpp | CVE-2025-0634 | CWE-416
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-0838: Abseil Raw Hash Set Alloc Size Integer Overflow (cve-2025-0838-abseil-raw-hash-set-alloc-size-integer-overflow)

Vendored/embedded copy of Abseil's raw_hash_set appears to contain the pre-fix `RawHashSetLayout::alloc_size()` which computes `slot_offset_ + capacity_ * slot_size` with no overflow guard (CVE-2025-0838 / CWE-190). The patched version adds an `ABSL_SWISSTABLE_ASSERT(slot_size <= ((std::numeric_limits<size_t>::max)() - slot_offset_) / capacity_)` before the

cpp | CVE-2025-0838 | CWE-190
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-10155: Picklescan Fail Open Magic Error (cve-2025-10155-picklescan-fail-open-magic-error)

When scanning files with PyTorch extensions, catching `InvalidMagicError` and returning an empty `ScanResult` causes a fail-open behavior. If an attacker renames a malicious standard pickle file to `.pt`, the scanner flags no issues, but the application may still parse the malicious payload successfully. The fix is to fall through and try scanning via other

python | CVE-2025-10155 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-10157: Picklescan Module Blocklist Bypass (cve-2025-10157-picklescan-module-blocklist-bypass)

The scanner performs an exact match against a blocklist for module names. This allows malicious payloads to be loaded via submodules of dangerous packages (e.g., 'asyncio.unix_events' instead of 'asyncio'). Validations should verify the root module of any imported module against the blocklist by splitting the module name on '.' and validating parent packages

python | CVE-2025-10157 | CWE-693
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-1022: Php Url Denylist Bypass (cve-2025-1022-php-url-denylist-bypass)

Checking user-provided URLs against a denylist using string prefix functions (like `str_starts_with`) without first properly parsing the URL scheme can lead to bypasses. Malicious payloads containing linebreaks or spaces (e.g., `fil\ne://`) will bypass strict string validations but might still be treated as valid schemes by underlying parsers (like Chromium,

php | CVE-2025-1022 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-1026: Url Validation Bypass Via Malformed Scheme (cve-2025-1026-url-validation-bypass-via-malformed-scheme)

The application validates URLs by checking for blocked prefixes (e.g., using `str_starts_with`) without structurally parsing the URL first. Attackers can bypass prefix blocklists using malformed URLs (e.g., 'fil\n e://') which are then leniently parsed by underlying tools like external browsers or network clients, resulting in SSRF or Local File Inclusion. E

php | CVE-2025-1026 | CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
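CVE-2024-56509, CVE-2025-1022 and CVE-2025-1026 above are the same bug three times: a prefix denylist applied to the raw string, while the consumer normalises the string before it looks at the scheme. The added example below shows the prefix check beside a parse-then-allowlist check; it is not the code behind any of the three CVEs and not PHP, and the prefixes, allowed schemes and test URLs are constructed.

```python
"""Scheme checks by parsing, not by string prefix.

Added example; not the code behind CVE-2024-56509, CVE-2025-1022 or
CVE-2025-1026 (the PHP checks are re-expressed in Python). BLOCKED_PREFIXES,
ALLOWED_SCHEMES and BYPASSES are constructed.
"""
from urllib.parse import urlsplit

BLOCKED_PREFIXES = ("file:/", "file://")        # what the flagged code compares against
ALLOWED_SCHEMES = frozenset({"http", "https"})
_C0_OR_SPACE = "".join(map(chr, range(0x21)))    # U+0000 .. U+0020
_DROP_TAB_NL = str.maketrans("", "", "\t\r\n")


def prefix_denylist_allows(url: str) -> bool:
    """The flagged pattern: reject only the literal prefixes, accept everything else."""
    return not url.startswith(BLOCKED_PREFIXES)


def normalize_like_a_browser(url: str) -> str:
    """The WHATWG URL pre-processing that turns 'fil<LF>e://' into 'file://':
    strip leading/trailing C0 controls and spaces, then delete every tab, CR and LF."""
    return url.strip(_C0_OR_SPACE).translate(_DROP_TAB_NL)


def scheme_of(url: str):
    """Scheme as a lenient consumer (browser, libcurl, a PHP stream wrapper) will see it."""
    scheme = urlsplit(normalize_like_a_browser(url)).scheme.lower()
    return scheme or None


def is_allowed_url(url: str) -> bool:
    """Allowlist: parse first, then accept only known-safe schemes. Blocking 'file:'
    alone is not enough, since 'fil<LF>e:' only becomes 'file:' after normalisation."""
    return scheme_of(url) in ALLOWED_SCHEMES


# Constructed inputs that pass the prefix denylist yet resolve to the file scheme.
BYPASSES = (
    "file:../etc/passwd",          # no slash after the colon (the CVE-2024-56509 shape)
    "FILE:///etc/passwd",          # case
    " file:///etc/passwd",         # leading space
    "fil\ne:///etc/passwd",        # embedded newline (the CVE-2025-1022 / -1026 shape)
    "file:\\\\server\\share\\x",   # backslashes
)

if __name__ == "__main__":
    for url in BYPASSES:
        print(f"{url!r}: denylist allows={prefix_denylist_allows(url)}, "
              f"scheme={scheme_of(url)}, allowlist allows={is_allowed_url(url)}")
```

The normalisation step mirrors the WHATWG URL pre-processing browsers apply (strip leading and trailing C0 controls and spaces, then delete tab, CR and LF anywhere), which is exactly what turns the newline-split scheme into file://. Checking for 'file:' as the rule suggests is an improvement, but only an allowlist of parsed schemes survives the next scheme nobody thought to block.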
CVE-2025-1066: Python Flask Upload Saved To Static Without Validation (cve-2025-1066-python-flask-upload-saved-to-static-without-validation)

A file received from flask.request.files is being written into the publicly-served "static" directory without validating the MIME type or verifying the file content (magic bytes). Because Flask serves /static/ directly, an attacker with upload access can stage arbitrary HTML, JS, SVG, or other payloads at a trusted URL on the application's own origin (stored

python | CVE-2025-1066 | CWE-434
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
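For CVE-2025-1066 the fix has three parts: check the bytes, not just the extension; store under a server-chosen name outside the static tree; serve with headers that stop the browser from reinterpreting the file. The following is an added example, not the affected Flask application's code and not Flask itself; the allowlist, magic-byte table and sample payloads are constructed.

```python
"""Accept an upload only when its extension, magic bytes and content agree.

Added example; not the Flask application behind CVE-2025-1066 and not Flask
code, the check is framework-neutral and runs before any write. ALLOWED,
the markup pattern and the sample payloads are constructed.
"""
import os
import re
import secrets

# Constructed allowlist: raster images only. SVG is deliberately absent: it is XML
# that can carry <script>, so it would turn a static directory into an XSS host.
ALLOWED = {
    "png": ("image/png", (b"\x89PNG\r\n\x1a\n",)),
    "jpg": ("image/jpeg", (b"\xff\xd8\xff",)),
    "jpeg": ("image/jpeg", (b"\xff\xd8\xff",)),
    "gif": ("image/gif", (b"GIF87a", b"GIF89a")),
}
# Markup a browser might sniff as HTML/SVG even behind valid magic bytes (polyglots).
_MARKUP = re.compile(rb"<\s*(?:!doctype|html|script|svg|iframe|body|img|object)", re.IGNORECASE)


class UploadRejected(ValueError):
    pass


def sniff_allowed_type(filename: str, data: bytes):
    """Return (extension, mime) when the declared extension and the bytes agree, else raise."""
    ext = os.path.splitext(filename)[1].lower().lstrip(".")
    if ext not in ALLOWED:
        raise UploadRejected(f"extension not allowed: {ext!r}")
    mime, magics = ALLOWED[ext]
    if not data.startswith(magics):
        raise UploadRejected(f"content does not start with a {mime} signature")
    if _MARKUP.search(data[:1024]):
        raise UploadRejected("markup found in leading bytes (possible polyglot)")
    return ext, mime


def is_accepted(filename: str, data: bytes) -> bool:
    try:
        sniff_allowed_type(filename, data)
        return True
    except UploadRejected:
        return False


def store_upload(upload_root: str, filename: str, data: bytes) -> str:
    """Write under a server-chosen random name, in a directory the web server does
    not serve as-is; the client's filename contributes only its extension."""
    ext, _mime = sniff_allowed_type(filename, data)
    os.makedirs(upload_root, exist_ok=True)
    path = os.path.join(upload_root, f"{secrets.token_hex(16)}.{ext}")
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def download_headers(mime: str) -> dict:
    """Headers for serving a stored file: pinned type, no sniffing, no inline scripting."""
    return {
        "Content-Type": mime,
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": "attachment",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


# Constructed samples.
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 17
SVG_DISGUISED = b"<svg xmlns='http://www.w3.org/2000/svg' onload='alert(1)'></svg>"
GIF_POLYGLOT = b"GIF89a" + b"<script>alert(1)</script>"

if __name__ == "__main__":
    for name, blob in (("photo.png", PNG_SAMPLE), ("logo.png", SVG_DISGUISED), ("anim.gif", GIF_POLYGLOT)):
        print(name, "accepted" if is_accepted(name, blob) else "rejected")
```

SVG is excluded on purpose: it passes any "is this an image" check yet executes script when served inline from the application's origin. The markup scan over the first kilobyte is there for polyglots such as a GIF header followed by a script tag; it is a heuristic, so the nosniff and Content-Disposition headers remain the real boundary.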
CVE-2025-10725: Kubernetes Clusterrolebinding System Authenticated (cve-2025-10725-kubernetes-clusterrolebinding-system-authenticated)

ClusterRoleBinding (or RoleBinding) grants permissions to the built-in group "system:authenticated" (or "system:unauthenticated"). This binds the referenced role to every authenticated principal in the cluster, effectively making the role's permissions universal. This pattern caused CVE-2025-10725 (opendatahub-operator) by binding a Job/Workload-create role

yaml | CVE-2025-10725 | CWE-269 | CWE-732
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 73
CVE-2025-11157: Pyyaml Unsafe Deserialization (cve-2025-11157-pyyaml-unsafe-deserialization)

The application uses `yaml.load` with an unsafe YAML loader (`yaml.Loader`, `yaml.UnsafeLoader`, or `yaml.CLoader`). This configuration is capable of executing arbitrary code or instantiating arbitrary Python objects through malicious YAML tags, leading to Remote Code Execution (CWE-502). Use `yaml.safe_load` instead.

python | CVE-2025-11157 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-11202: Nodejs Child Process Exec Template Literal Injection (cve-2025-11202-nodejs-child-process-exec-template-literal-injection)

A Node.js child_process exec/execSync call is being invoked with a template literal (or string concatenation) that interpolates an external variable into the shell command. Because exec() spawns a shell (cmd.exe on Windows, /bin/sh elsewhere), any shell metacharacters in the interpolated value will be interpreted by the shell, enabling arbitrary command inje

typescript | CVE-2025-11202 | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2025-11624: Wolfssh Sftp Handle Size Missing Exact Check (cve-2025-11624-wolfssh-sftp-handle-size-missing-exact-check)

SFTP handle-size guard validates the client-supplied length against WOLFSSH_MAX_HANDLE (and the remaining packet space) but does not require it to equal sizeof(WFD) / sizeof(HANDLE). The following WMEMCPY into the fixed-size stack-allocated file-descriptor variable can then overflow up to (WOLFSSH_MAX_HANDLE - sizeof(fd)) bytes of stack memory (CWE-787). Add

c | CVE-2025-11624 | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-1194: Redos Nested Quantifiers In Re Compile (cve-2025-1194-redos-nested-quantifiers-in-re-compile)

The regular expression passed to `re.compile()` contains consecutive nested quantifiers (a `)+)*`, `)*)*`, `)+)+`, or `)*)+` sequence), a structural signature associated with catastrophic backtracking (ReDoS). When specially crafted input partially matches but ultimately fails the pattern, the regex engine explores an exponential number of backtracking paths

python | CVE-2025-1194 | CWE-1333 | CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
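CVE-2025-1194 above describes a structural signature. The added example below turns that signature into a check against CPython's own regex parse tree instead of a textual ')+)*' search, so non-capturing groups, lookarounds and alternations are handled; it is not the rule's matcher and not CPython code, and the sample patterns are constructed.

```python
"""Structural check for nested unbounded quantifiers, the (x+)+ shape behind CVE-2025-1194.

Added example: not the rule's matcher and not CPython code. It walks the parse
tree produced by CPython's own regex parser (re._parser, formerly sre_parse) and
reports an unbounded repeat that encloses another unbounded repeat. Sample
patterns are constructed.
"""
import re
import time

try:                                   # Python 3.11+
    from re import _constants as sre_constants, _parser as sre_parse
except ImportError:                    # Python 3.8 - 3.10
    import sre_constants, sre_parse

REPEAT_OPS = {sre_constants.MAX_REPEAT, sre_constants.MIN_REPEAT}
UNBOUNDED = sre_constants.MAXREPEAT


def _subpatterns(av):
    """Yield every SubPattern nested in an opcode argument (groups, branches, lookarounds)."""
    if isinstance(av, sre_parse.SubPattern):
        yield av
    elif isinstance(av, (tuple, list)):
        for item in av:
            yield from _subpatterns(item)


def _unbounded_nesting(sub) -> int:
    """Length of the deepest chain of unbounded repeats, each inside the previous one."""
    deepest = 0
    for op, av in sub:
        if op in REPEAT_OPS:
            _lo, hi, body = av
            depth = _unbounded_nesting(body) + (1 if hi == UNBOUNDED else 0)
        else:
            depth = max((_unbounded_nesting(s) for s in _subpatterns(av)), default=0)
        deepest = max(deepest, depth)
    return deepest


def nesting_depth(pattern: str) -> int:
    return _unbounded_nesting(sre_parse.parse(pattern))


def has_nested_quantifier(pattern: str) -> bool:
    """True for (a+)+ and deeper nests; False for sibling repeats or bounded ones."""
    return nesting_depth(pattern) >= 2


def backtracking_seconds(pattern: str, n: int) -> float:
    """Time a failing match of n repeated characters followed by one that cannot match."""
    start = time.perf_counter()
    re.fullmatch(pattern, "a" * n + "!")
    return time.perf_counter() - start


if __name__ == "__main__":
    for pat in (r"(a+)+$", r"^(\d+\s*)*$", r"^[a-z]+@[a-z]+\.[a-z]{2,6}$"):
        print(f"{pat!r}: nested={has_nested_quantifier(pat)}")
    for n in (12, 16, 20):   # roughly doubles per extra character for the nested pattern
        print(n, f"{backtracking_seconds(r'(a+)+', n):.3f}s")
```

This flags only nested unbounded repeats. It does not catch overlapping alternations like (a|aa)+ or large bounded repeats like (a{1,500}){1,500}, which also backtrack badly; for untrusted input, a match timeout or a linear-time engine is the general answer.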
CVE-2025-12352: Php Copy Url To Path Replace Without Local Check (cve-2025-12352-php-copy-url-to-path-replace-without-local-check)

PHP copy() is invoked on a path produced by str_replace() that swaps a URL prefix for a filesystem path prefix on an external $url. If the URL does not begin with the expected prefix, str_replace() is a no-op and copy() will fetch the URL as a remote stream when allow_url_fopen is On, writing attacker-controlled content into the destination (CVE-2025-12352,

php | CVE-2025-12352 | CWE-434
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-12489: Auth Js Cwe 000 Cve 2025 12489 (cve-2025-12489-auth-js-cwe-000-cve-2025-12489)

Detected a function argument that flows into `child_process.exec()`. `exec` executes the command inside a shell, which can lead to OS command injection if the input contains unescaped shell metacharacters. Mitigate this by using `child_process.spawn()` or `child_process.execFile()` with an array of arguments, which bypasses the shell string evaluation.

javascript | CVE-2025-12489
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2025-12613: Cloudinary Api Sign Request Argument Injection (cve-2025-12613-cloudinary-api-sign-request-argument-injection)

Cloudinary SDKs before 2.7.0 are vulnerable to Arbitrary Argument Injection in the `api_sign_request` function. The function concatenates parameter keys and values without properly escaping ampersands (`&`), allowing attackers to inject additional parameters (e.g. `&overwrite=true`) if parameter values are user-controlled. Use the built-in `verify_api_respon

javascript | CVE-2025-12613 | CWE-88
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 65
CVE-2025-12735: Expr Eval Cve 2025 12735 Unchecked Function Dispatch (cve-2025-12735-expr-eval-cve-2025-12735-unchecked-function-dispatch)

The expression evaluator dispatches a function popped from its evaluation stack (`f = nstack.pop(); ...; f.apply(undefined, args)`) without first verifying that `f` is in a registered allowlist (e.g., a call to `isAllowedFunc(f, expr, values)` that throws on rejection). This is the CWE-94 root cause of CVE-2025-12735 in `expr-eval` / `expr-eval-fork`: when t

javascript | CVE-2025-12735 | GHSA-JC85-FPWF-QM7X | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2025-13609: Sqlalchemy Unhandled Query In Critical Task (cve-2025-13609-sqlalchemy-unhandled-query-in-critical-task)

An unhandled SQLAlchemy query can raise exceptions (e.g., operational or mapping errors) that crash the surrounding task. If this task is responsible for critical security state changes (like revocation updates), the unhandled exception can bypass the state update. Consider wrapping database queries in try/except blocks when used inside critical asynchronous

python | CVE-2025-13609 | CWE-755
by Provally, updated 2026-06-03, Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-13708: Pytorch Insecure Load (cve-2025-13708-pytorch-insecure-load)

The `torch.load()` function uses Python's `pickle` module by default, which is vulnerable to insecure deserialization. Loading untrusted PyTorch models can lead to arbitrary code execution. Set `weights_only=True` to prevent this vulnerability.

python | CVE-2025-13708 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-13709: Pytorch Load Unsafe Deserialization (cve-2025-13709-pytorch-load-unsafe-deserialization)

Using PyTorch's `torch.load` without explicitly setting `weights_only=True` allows unsafe deserialization via `pickle`. This can lead to arbitrary native code execution if untrusted data is loaded. Use `weights_only=True` to limit deserialization to known tensor types.

python | CVE-2025-13709 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2025-13714: Insecure Torch Load (cve-2025-13714-insecure-torch-load)

The `torch.load()` function uses `pickle` underneath to deserialize data. When loading models from untrusted sources without restriction, this can lead to remote code execution. Enforce secure deserialization by passing `weights_only=True` to `torch.load()`.

python | CVE-2025-13714 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61

CVE-2025-13715: Model Resnet Py Cwe 502 Cve 2025 13715 (cve-2025-13715-model-resnet-py-cwe-502-cve-2025-13715)

`torch.load` implicitly uses Python's `pickle` module, which can execute arbitrary code during deserialization. This can lead to Remote Code Execution (RCE) if loading model files from untrusted sources. Use `weights_only=True` to mitigate this vulnerability.

python | CVE-2025-13715 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61

CVE-2025-13716: Torch Safe Globals Broad Whitelist (cve-2025-13716-torch-safe-globals-broad-whitelist)

Using `torch.serialization.safe_globals` to allowlist excessively broad namespaces (e.g., 'torch', 'collections') re-introduces the untrusted-deserialization risk, deliberately bypassing the protection that `weights_only=True` provides.

python | CVE-2025-13716 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61

CVE-2025-14551: Common Apidef Py Cwe 000 Cve 2025 14551 (cve-2025-14551-common-apidef-py-cwe-000-cve-2025-14551)

Custom API route `network.GET()` returning NetworkStatus is missing the `@redacted_response` decorator. This causes the internal router to log the entire secret-bearing response in plaintext.

python | CVE-2025-14551
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 53

CVE-2025-14700: Python Jinja2 Unsandboxed Environment From String Ssti (cve-2025-14700-python-jinja2-unsandboxed-environment-from-string-ssti)

A non-sandboxed jinja2.Environment instance is constructed. When such an Environment is later used with from_string()/render() against template strings influenced by user input (e.g., a webhook body, email template, or any stored user-supplied content), the unsandboxed environment permits Jinja2 attribute traversal (__class__, __mro__, __subclasses__, __glob

python | CVE-2025-14700 | CWE-1336 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95

CVE-2025-14894: Livewire Updated Files Missing Validation (cve-2025-14894-livewire-updated-files-missing-validation)

Livewire component's updatedFiles() hook persists uploaded files via Spatie MediaLibrary's addMedia(...)->toMediaCollection(...) without invoking $this->validate(...). The public $files property bound by the WithFileUploads trait is therefore accepted with no file/mimes/mimetypes/size constraints, allowing an attacker to upload a malicious file (e.g., shell.

php | CVE-2025-14894 | CWE-20 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-1492: Qt Minizip Zip Slip (cve-2025-1492-qt-minizip-zip-slip)

Zip Slip vulnerability: The extracted file path is not validated to securely stay within the intended destination directory. An attacker can craft a ZIP archive with directory traversal characters (e.g. `../`) and overwrite arbitrary files. Ensure the constructed file path is strictly within the target directory by checking the canonicalized path.

cpp | CVE-2025-1492 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61

CVE-2025-1497: Python Exec Eval On Dynamic Input (cve-2025-1497-python-exec-eval-on-dynamic-input)

Python's built-in exec()/eval() is being called with a non-literal, dynamic argument. Any value that originates from an LLM response, a function parameter, network input, or a file can be arbitrary Python and will execute in-process with full privileges. This is the vulnerability pattern behind CVE-2025-1497 (PlotAI): LLM-generated code was piped straight in

python | CVE-2025-1497 | GHSA-2HMP-5WQG-F24H | CWE-77 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95

CVE-2025-15061: Nodejs Exec Template Literal Command Injection (cve-2025-15061-nodejs-exec-template-literal-command-injection)

A template literal with dynamic interpolation flows into `child_process.exec` / `execSync` (or a `promisify(exec)` alias), which executes its argument via `/bin/sh -c <string>`. Shell metacharacters in the interpolated values (`$()`, backticks, `;`, `&&`, ...) result in command injection (CVE-2025-15061 / CWE-78). Use `execFile` / `spawn` with an argv array,

typescript | CVE-2025-15061 | GHSA-GXW4-4FC5-9GR5 | CWE-77 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 118 downloads (0 direct, 118 via packs) | Trust score 95

CVE-2025-15382: Memmove Shift Overread Dest Length (cve-2025-15382-memmove-shift-overread-dest-length)

A buffer shift operation was detected that uses the destination offset directly in length calculations ($SZ - $DST). This can cause a heap over-read by moving more bytes than are remaining at the source offset. When shifting left (e.g., removing a substring), the length must be calculated relative to the source pointer or explicitly bounded, otherwise bytes

c | CVE-2025-15382 | CWE-126
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 65

CVE-2025-1550: Python Importlib Deserialization No Allowlist (cve-2025-1550-python-importlib-deserialization-no-allowlist)

importlib.import_module() is called with a variable module name in a function that also resolves arbitrary attributes via vars(mod).get(name) or getattr(mod, name) (a deserialization / config-loading path). With no allow-list constraining the module name to a trusted prefix, an attacker who controls the serialized payload can have any importable Python modul

python | CVE-2025-1550 | GHSA-48G7-3X6R-XFHP | CWE-502 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 85

CVE-2025-15558: Insecure Programdata Search Path (cve-2025-15558-insecure-programdata-search-path)

Constructing executable or plugin search paths inside `C:\ProgramData` can lead to privilege escalation. Windows allows unprivileged users to create subdirectories inside `C:\ProgramData` by default. If a privileged process searches for an executable in a non-existent subdirectory of `ProgramData`, a low-privileged attacker can pre-create the directory and p

go | CVE-2025-15558 | CWE-426
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61

CVE-2025-15604: Perl Insecure Random Rand Into Hash (cve-2025-15604-perl-insecure-random-rand-into-hash)

Perl's built-in rand() is being fed into a cryptographic hash (SHA-1/SHA-256/SHA-512/MD5) to derive bytes. rand() is seeded with at most 32 bits and is not a CSPRNG, so hashing it (optionally with $$, Time::HiRes::time, or other low-entropy values) does not produce cryptographically strong output. This pattern produces predictable session IDs, CSRF tokens, a

generic | CVE-2025-15604 | CWE-330 | CWE-338 | CWE-340
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 111 downloads (0 direct, 111 via packs) | Trust score 95

CVE-2025-1744: Zlib Inflate Getheader Extra Field Oob Write (cve-2025-1744-zlib-inflate-getheader-extra-field-oob-write)

Heap out-of-bounds write in a zlib-style inflate() GZIP EXTRA-field handler. A zmemcpy/memcpy writes into the caller-supplied extra-field buffer at offset `len` (= extra_len - state->length) using `extra_max - len` as the copy size, but the enclosing guard does not verify `len < extra_max`. When inflate() is driven across multiple incremental calls, `len` ca

c | CVE-2022-37434 | CVE-2025-1744 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 73

CVE-2025-1908: Gitlab Missing Sbom Feature Flag Check (cve-2025-1908-gitlab-missing-sbom-feature-flag-check)

A vulnerability resolution orchestration loop skips items without checking the 'disable_ds_on_sbom_report' feature flag, allowing dependency scanning vulnerabilities to be improperly bypassed.

ruby | CVE-2025-1908 | CWE-693 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 65

CVE-2025-21624: Php Unrestricted File Upload User Extension (cve-2025-21624-php-unrestricted-file-upload-user-extension)

move_uploaded_file() is being called with a destination path whose extension is derived directly from the user-supplied upload filename (via getExt(), pathinfo(..., PATHINFO_EXTENSION) or end(explode('.', ...))) without any extension allowlist or image-content validation (e.g., ValidateImage(), getimagesize(), or an in_array() check against a whitelist of sa

php | CVE-2025-21624 | GHSA-98VM-2XQM-XRCC | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 85

CVE-2025-22144: Php Reset Code Empty String Sentinel (cve-2025-22144-php-reset-code-empty-string-sentinel)

The 'reset_code' field is being written as an empty string ('') instead of NULL. This creates a shared sentinel value across all validated users; combined with a forgot-password gate that uses isset($_GET['c']) (which is true for ''), an unauthenticated attacker can request /forgot_password/?c= and match any user whose reset_code was stored as ''. Use NULL t

php | CVE-2025-22144 | GHSA-P883-7496-X35P | CWE-610 | CWE-640
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 91

CVE-2025-22153: Python Sandbox Allows Exceptiongroup (cve-2025-22153-python-sandbox-allows-exceptiongroup)

Allowing `ExceptionGroup` or `try/except*` (`TryStar` AST nodes) in an environment executing untrusted Python code exposes the application to a sandbox escape via a type confusion vulnerability in CPython < 3.13.2 (CVE-2025-22153). Disallow `ExceptionGroup` and `TryStar` nodes in restricted execution environments.

python | CVE-2025-22153 | CWE-1188
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 69

CVE-2025-23209: Craftcms Unvalidated Db Restore (cve-2025-23209-craftcms-unvalidated-db-restore)

Unvalidated database backup path passed to `restore()` can lead to directory traversal and Remote Code Execution. The `restore()` method relies on shell execution and is unsafe if the path contains shell metacharacters. Use `FileHelper::isWithin()` to securely validate that the path is within the expected base backup directory.

php | CVE-2025-23209 | CWE-22 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 73

CVE-2025-23211: Jinja2 Unsandboxed Template Render Ssti (cve-2025-23211-jinja2-unsandboxed-template-render-ssti)

Rendering a jinja2.Template on potentially user-controlled input without sandboxing enables Server-Side Template Injection (SSTI). The default jinja2.Template class permits attribute access (e.g. __class__, __base__, __subclasses__) that lets attackers reach arbitrary callables and execute OS commands (CVE-2025-23211 in Tandoor Recipes). Replace with jinja2.

python | CVE-2025-23211 | GHSA-R6RJ-H75W-VJ8V | CWE-1336 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95

CVE-2025-23212: Unvalidated Listdir To Db (cve-2025-23212-unvalidated-listdir-to-db)

A directory is listed and its contents are directly used to instantiate and save database models without validating file extensions. If the base directory path is controllable by users, this behavior can be abused to enumerate or ingest arbitrary system files. Add validation such as file extension checks (e.g., using `.endswith()`) to ensure only intended fi

python | CVE-2025-23212 | CWE-73
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 65

CVE-2025-23218: Php Pdo Query Sql Injection From Superglobal (cve-2025-23218-php-pdo-query-sql-injection-from-superglobal)

User-controlled input from a PHP superglobal (e.g. $_POST, $_GET, $_REQUEST, $_COOKIE) is concatenated/interpolated into a SQL string and executed via PDO::query()/PDO::exec(), which do not parameterize inputs. This is the CWE-89 pattern fixed in CVE-2025-23218 in the WeGIA pet "adicionar_especie" DAO endpoint. Use prepared statements with bound parameters (

php | CVE-2025-23218 | GHSA-XHV4-88GX-HVGH | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-23219: Php Pdo Query Sqli From User Input (cve-2025-23219-php-pdo-query-sqli-from-user-input)

User-controlled input from a PHP superglobal ($_POST) flows into a PDO ->query() / ->exec() call via string concatenation or interpolation. This is a SQL Injection (CWE-89). Use PDO::prepare() with bound parameters (bindParam/bindValue or an execute([...]) array) instead of concatenating user data into the SQL string.

php | CVE-2025-23219 | GHSA-H2MG-4C7Q-W69V | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-23220: Php Pdo Query Sql Injection From Superglobal (cve-2025-23220-php-pdo-query-sql-injection-from-superglobal)

User-controlled input from a PHP superglobal ($_POST/$_REQUEST['raca']) flows into a database query executed via PDO::query()/PDO::exec() or the legacy mysql(i)_query API. These functions execute their argument as a raw SQL string, so any unescaped tainted value yields SQL injection (CWE-89). Use a prepared statement: $pdo->prepare($sql) followed by bindPara

php | CVE-2025-23220 | GHSA-425J-H4CF-G52J | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-24786: Go Sqlite Open Path Traversal Filepath Join (cve-2025-24786-go-sqlite-open-path-traversal-filepath-join)

The path passed to sqlite.Open is built from filepath.Join(baseDir, userInput) without verifying that the resulting cleaned path remains inside baseDir. filepath.Join invokes filepath.Clean, which resolves ".." segments — so a traversal payload such as "../etc/passwd.db" collapses out of the intended directory and becomes an attacker-controlled absolute path

go | CVE-2025-24786 | GHSA-9R4C-JWX3-3J76 | CWE-22 | CWE-35
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95

CVE-2025-24802: Plonky2 Zero Padding Lookup Table (cve-2025-24802-plonky2-zero-padding-lookup-table)

Zero-padding lookup table slots implicitly introduces a (0, 0) entry. This undermines the soundness of the zero-knowledge proof by allowing a malicious prover to prove f(0) = 0 for any lookup table. To fix, pad unused slots with a valid lookup table entry (e.g., the first element).

rust | CVE-2025-24802 | CWE-697
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61

CVE-2025-24896: Client Side Logout Missing Cookie Clearing (cve-2025-24896-client-side-logout-missing-cookie-clearing)

A client-side logout/signout function was found that clears local storage or session storage but does not clear `document.cookie`. If the application relies on cookies for certain features or authentication (such as a separate dashboard token), failing to clear them during logout can allow subsequent users on shared devices to reuse the hijacked session. Ver

javascript | CVE-2025-24896 | CWE-613
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 73

CVE-2025-24900: Client Cookie Missing Samesite (cve-2025-24900-client-cookie-missing-samesite)

A sensitive cookie is being set without the `SameSite` attribute. Without `SameSite=Strict` or `Lax`, the browser may send this cookie in cross-origin requests, exposing the application to Cross-Site Request Forgery (CSRF) or authentication bypasses.

typescript | CVE-2025-24900 | CWE-1275
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 65

CVE-2025-24903: Src Cipher Rs Cwe 000 Cve 2025 24903 (cve-2025-24903-src-cipher-rs-cwe-000-cve-2025-24903)

The application decodes a Signal synchronization message without verifying that the sender matches the local user's UUID. This allows an attacker to forge sync messages and impersonate other devices belonging to the user.

rust | CVE-2025-24903 | CWE-287 | CWE-346
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61

CVE-2025-25066: Unbounded Scanf Format String (cve-2025-25066-unbounded-scanf-format-string)

Use of an unbounded string format specifier (e.g., `%s` or `%[...]`) in a `scanf`-family function. This allows an indefinite number of bytes to be read from input, causing a buffer overflow if read data exceeds the size of the destination buffer. Add a field width restriction (e.g., `%32s`) or use a memory-allocating modifier (e.g., `%ms`) to prevent overflo

c | CVE-2025-25066 | CWE-120
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 87

CVE-2025-25205: Express Url Regex Query Bypass (cve-2025-25205-express-url-regex-query-bypass)

Matching `req.originalUrl` or `req.url` against a regular expression can lead to authentication bypasses or routing flaws. These request properties include the query string. If the regular expression is unanchored, an attacker can satisfy the match by injecting a specific substring into a query parameter (e.g., `?bypass=/api/public`). Evaluate route matches

javascript | CVE-2025-25205 | CWE-20 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61

CVE-2025-25206: Mfa Enforcement Restricted To Local Auth (cve-2025-25206-mfa-enforcement-restricted-to-local-auth)

The application explicitly limits MFA verification to instances where the authentication type is "local". Alternative mechanisms like LDAP, SAML, or External could bypass MFA unless every provider identically replicates the verification. Centralize MFA checks around the user object and session properties regardless of the initial authentication provider.

php | CVE-2025-25206 | CWE-287 | CWE-288
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61

CVE-2025-25291: Ruby Saml Rexml Xpath On Raw Document With Signed Element Id (cve-2025-25291-ruby-saml-rexml-xpath-on-raw-document-with-signed-element-id)

SAML signature-validation pipeline re-queries the raw XML document with REXML::XPath using `signed_element_id` as the `@ID` lookup variable to fetch downstream identity content (NameID, Attributes, Subject, etc.). The cryptographic signature was verified by Nokogiri on a (potentially) different document tree; trusting REXML's ID-based lookup on the raw docum

ruby | CVE-2025-25291 | GHSA-4VC4-M8QH-G8JM | CWE-347 | CWE-436
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 73

CVE-2025-25292: Ruby Saml Rexml Xpath Signed Element Id Lookup (cve-2025-25292-ruby-saml-rexml-xpath-signed-element-id-lookup)

Extracting trusted SAML assertion fields via REXML::XPath while binding the `id` XPath variable to `signed_element_id` (e.g. `REXML::XPath.first(doc, "/p:Response/a:Assertion[@ID=$id]...", { ..., "id" => doc_to_validate.signed_element_id })`) is vulnerable to XML Signature Wrapping (CVE-2025-25292 / GHSL-2024-330). Nokogiri (used for canonicalization/signatu

ruby | CVE-2025-25292 | GHSA-754F-8GM6-C4R2 | CWE-347 | CWE-436
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 73

CVE-2025-25940: Java Xmldecoder Insecure Deserialization (cve-2025-25940-java-xmldecoder-insecure-deserialization)

Use of `java.beans.XMLDecoder` to deserialize data from an InputStream or file is insecure. XMLDecoder interprets XML as a sequence of method invocations and can instantiate arbitrary Java classes (e.g., java.lang.Runtime, java.lang.ProcessBuilder), enabling remote code execution when the input is attacker-controlled. Replace with a safe deserializer (e.g.,

java | CVE-2025-25940 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95

CVE-2025-25977: Js Prototype Pollution Bracket Fallback Then Write (cve-2025-25977-js-prototype-pollution-bracket-fallback-then-write)

Reading a property from a plain object with a non-literal key and a `|| {}` fallback, then writing into the resulting object via bracket notation, enables prototype pollution (CWE-1321; see CVE-2025-25977). If the key evaluates to "__proto__", the lookup resolves to Object.prototype (not undefined), and the subsequent `props[name] = value` writes onto the gl

typescript | CVE-2025-25977 | GHSA-V2MW-5MCH-W8C5 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 95

CVE-2025-26074: Nashorn Engine Without No Java Flag (cve-2025-26074-nashorn-engine-without-no-java-flag)

Nashorn JavaScript engine is being instantiated without the "--no-java" flag. Without this flag, evaluated scripts can resolve arbitrary Java classes via `Java.type` / `java.lang.*` and call methods such as `java.lang.Runtime.getRuntime().exec(...)`, leading to OS command execution when the evaluated script is attacker-controllable (CVE-2025-26074, CWE-78).

java | CVE-2025-26074 | GHSA-8GQP-HR9G-PG62 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 73

CVE-2025-26606: Php Pdo Query Interpolated String Sqli (cve-2025-26606-php-pdo-query-interpolated-string-sqli)

A SQL string containing PHP variable interpolation (e.g. "DELETE FROM t WHERE id = $x") is executed via a PDO/mysqli ->query() call. If any interpolated variable is reachable from request input (especially after extract($_REQUEST), or from $_GET / $_POST / $_REQUEST / $_COOKIE), the query is exploitable as SQL Injection (CVE-2025-26606, CWE-89). Replace with

php | CVE-2025-26606 | GHSA-RXJR-CW9Q-CWWG | CWE-284 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 85

CVE-2025-26607: Php Pdo Query Sql Injection From Superglobal (cve-2025-26607-php-pdo-query-sql-injection-from-superglobal)

User-controlled input from a PHP superglobal ($_GET/$_POST/$_REQUEST/$_COOKIE) flows into a PDO::query()/exec() call via string concatenation or interpolation. This is a SQL injection (CWE-89). Use $pdo->prepare() with bindValue/bindParam or a parameterized execute() instead of concatenating untrusted input into the SQL string.

php | CVE-2025-26607 | GHSA-G6WJ-3VM2-C59M | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-26608: Php Extract On Request Superglobal (cve-2025-26608-php-extract-on-request-superglobal)

extract() is being called on a user-controlled superglobal ($_POST, $_GET, $_REQUEST, or $_COOKIE). Any attacker-supplied parameter name will be injected into the local symbol table and can overwrite pre-existing variables, including SQL fragments, query parameters later passed to PDOStatement::bindParam, authorization flags, or file paths. This is the root

php | CVE-2025-26608 | GHSA-65H2-7484-2PWW | CWE-284 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-26611: Php Extract Request Superglobal (cve-2025-26611-php-extract-request-superglobal)

Calling extract() on a request superglobal ($_REQUEST, $_GET, $_POST, $_COOKIE, $_FILES) imports every attacker-controlled key into the local variable scope without a whitelist or type check. In WeGIA's AlmoxarifadoControle (CVE-2025-26611) this lets an attacker materialise arbitrary locals such as $nextPage and $descricao_almoxarifado, which then flow into

php | CVE-2025-26611 | GHSA-Q273-4VCJ-QQP4 | CWE-284 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-26617: Php Pdo Mysqli Query Superglobal Sqli (cve-2025-26617-php-pdo-mysqli-query-superglobal-sqli)

User-controlled data from the PHP superglobal `$_GET['id_fichamedica']` (or equivalent $_POST/$_REQUEST access) flows into a `$pdo->query(...)` / `mysqli_query(...)` call without being parameterized via prepare()/bindValue()/bindParam(). This enables SQL injection (CWE-89, CVE-2025-26617). Use `$pdo->prepare()` with placeholder binding (bindValue/bindParam)

php | CVE-2025-26617 | GHSA-F654-C5R5-JX77 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-26819: Cpp Unbounded Queue Memory Accumulation (cve-2025-26819-cpp-unbounded-queue-memory-accumulation)

The send queue enforces a limit on the number of chunks but lacks a limit on the total enqueued byte size. This allows unbounded memory accumulation, which can be exploited by an attacker to cause an Out-of-Memory (OOM) crash and Denial of Service (DoS). Add a soft limit on the total bytes allowed in the queue.

cpp | CVE-2025-26819 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61

CVE-2025-27088: Context Request Template Exposure (cve-2025-27088-context-request-template-exposure)

Passing a raw `*http.Request` object directly into an HTML or Text template can expose unsanitized request data (such as `Request.URL.Path`, headers, or query parameters) directly to the template context. If rendered in unsafe contexts, this can lead to Cross-Site Scripting (XSS). Avoid passing the entire HTTP request to templates; instead, explicitly extrac

go | CVE-2025-27088 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 73

CVE-2025-27135: Python Sqli Execute Regex Split Statement (cve-2025-27135-python-sqli-execute-regex-split-statement)

A SQL statement obtained from `re.split(";", ...)` (or built directly from regex-extracted text) is passed to a DB cursor `.execute()` call as a single string argument, with no parameter values tuple. This is the CVE-2025-27135 (ExeSQL) anti-pattern: regex "sanitization" of an LLM/user-influenced SQL string does not prevent UNION-based or subquery-based SQL

python | CVE-2025-27135 | GHSA-3GQJ-66QM-25JQ | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 91

CVE-2025-27152: Ssrf Url Builder Absolute Url Bypass Cve 2025 27152 (cve-2025-27152-ssrf-url-builder-absolute-url-bypass-cve-2025-27152)

A URL-building function unconditionally returns absolute request URLs directly, bypassing any configured base URL restriction. When user-controlled absolute URLs are passed as the request URL, the base URL is bypassed entirely, enabling Server-Side Request Forgery (SSRF) or credential leakage (CVE-2025-27152). Add a control parameter (e.g., 'allowAbsoluteUrl

javascript | CVE-2025-27152 | GHSA-JR5F-V2JV-69X6 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 69

CVE-2025-27154: Python Token Cache File Write Without Restrictive Chmod (cve-2025-27154-python-token-cache-file-write-without-restrictive-chmod)

Method `$METHOD` writes credential/token data to a file via `open(self.$PATH, "w", ...)` without restricting the file's permissions. The created file inherits the process umask (typically yielding mode `rw-r--r--` / 0644), which exposes the stored secret to any other local user or process running as a different UID (CWE-276 — Incorrect Default Permissions; C

python | CVE-2025-27154 | GHSA-PWHH-Q4H6-W599 | CWE-276
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 85

CVE-2025-27515: Laravel Validator Static Asterisk Placeholder Cve 2025 27515 (cve-2025-27515-laravel-validator-static-asterisk-placeholder-cve-2025-27515)

Laravel Validator uses the static, predictable wildcard placeholder literal '__asterisk__' inside a str_replace() call. This is the vulnerable form patched by CVE-2025-27515: an attacker-supplied request key named literally "__asterisk__" collides with the internal placeholder after parseData() encodes real "*" keys, allowing wildcard validation rules (files

php | CVE-2025-27515 | GHSA-78FX-H6XR-VCH4 | CWE-155
by Provally | updated 2026-06-03 | Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 95

CVE-2025-27614: Tcl Unescaped Pipeline Heredoc (cve-2025-27614-tcl-unescaped-pipeline-heredoc)

Constructing inline standard input (heredocs) for pipelines using double-quoted string interpolation (e.g., `"<<[join ...]"` or `"<<$var"`) without `list` protection can lead to OS command injection in Tcl. When this string is evaluated in a command pipeline (such as via `open |` or `exec`), literal newlines or pipe metacharacters (`|`) within the string are

generic | CVE-2025-27614 | CWE-77 | CWE-88
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 111 downloads (0 direct, 111 via packs) | Trust score 65

CVE-2025-27773: Saml Improper Reencoding Signature Bypass (cve-2025-27773-saml-improper-reencoding-signature-bypass)

Re-encoding parsed query parameters (like SAMLRequest or SAMLResponse) using urlencode() to reconstruct a query string for signature validation is unsafe. Framework query parsing (e.g., `getQueryParams()`) may drop duplicate parameters or decode values differently than they appear in the raw request. This can allow an attacker to bypass SAML signature valida

php | CVE-2025-27773 | GHSA-7933-228J-VG82 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 69

CVE-2025-27778: Python Torch Load Unsafe Deserialization (cve-2025-27778-python-torch-load-unsafe-deserialization)

torch.load() is invoked without weights_only=True on a dynamically-constructed file path (os.path.join, f-string, string concatenation, .format()). By default, torch.load uses Python's pickle module, which deserializes arbitrary objects and executes __reduce__ / __setstate__ callables embedded in crafted model files. When the file path can be influenced by u

python · CVE-2025-27778 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-27779: Python Torch Load Without Weights Only (cve-2025-27779-python-torch-load-without-weights-only)

`torch.load()` is called inside `model_blender` without `weights_only=True`. The two checkpoint paths passed to this function originate from the Gradio Voice Blender tab and are attacker-controllable. By default, `torch.load` uses Python's `pickle` module to deserialize the checkpoint, which can execute arbitrary code embedded in a malicious file (e.g. via `

python · CVE-2025-27779 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-27780: Python Torch Load Without Weights Only (cve-2025-27780-python-torch-load-without-weights-only)

`torch.load` is called without `weights_only=True`. By default, `torch.load` uses Python's `pickle` module to deserialize checkpoint files, which executes arbitrary code embedded in the file (e.g. via `__reduce__` hooks). If the loaded path can be influenced by an attacker-controlled checkpoint (community model hubs, user-supplied paths, shared drives), this

python · CVE-2025-27780 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-27781: Python Torch Load Without Weights Only (cve-2025-27781-python-torch-load-without-weights-only)

`torch.load()` is called without `weights_only=True`. By default, `torch.load` uses Python's pickle protocol, which can execute arbitrary code embedded in a checkpoint file (e.g., via a malicious `__reduce__` method). If the path passed to `torch.load` is influenced by user input (a downloaded model, a user-selected file in a UI, etc.), this leads to remote

python · CVE-2025-27781 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-28056: Java Sql Injection In Clause Unescaped Split Join (cve-2025-28056-java-sql-injection-in-clause-unescaped-split-join)

User-controlled value is split and joined with a SQL single-quote separator ("', '") to build a SQL IN(...) clause without escaping each token. An embedded single quote in the input breaks out of the quoted literal, enabling SQL injection (CVE-2025-28056 pattern in AdvFilterParser.SFT branch). Route every token through an SQL escape helper (e.g. CommonsUtils

java · CVE-2025-28056 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-2945: Python Eval On Non Literal Rce (cve-2025-2945-python-eval-on-non-literal-rce)

Use of Python's built-in `eval()` on a non-literal expression is unsafe and can lead to arbitrary code execution (CWE-94) when the argument is influenced by user input. This was the root cause of CVE-2025-2945 in pgAdmin 4, where `eval(value)` and `eval(args.high_availability)` allowed an authenticated attacker to execute arbitrary Python via POST parameters

python · CVE-2025-2945 · GHSA-G73C-FW68-PWX3 · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-29906: Cve 2025 29906 Login Option Injection (cve-2025-29906-cve-2025-29906-login-option-injection)

A variadic execution function (`execl`, `execlp`, `execle`) calls `login` with dynamically sized arguments but does not specify the end-of-options delimiter (`--`). This exposes the program to argument injection vulnerabilities (CWE-88). An attacker providing user input starting with `-` can inject flags, such as `-froot` to force an unauthenticated login by

c · CVE-2025-29906 · CWE-88
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-30206: Go Request Slice Field To Os Open (cve-2025-30206-go-request-slice-field-to-os-open)

A struct-field slice (selector expression like `params.Log`) is iterated and each element is passed directly to os.Open / os.ReadFile / os.OpenFile. When the struct is bound from an HTTP request body, the attacker controls the path and can read arbitrary host files (path traversal / arbitrary file read, CVE-2025-30206). Restrict the iteration source to a har

go · CVE-2025-30206 · GHSA-VP33-J4MC-8GJ6 · CWE-22 · CWE-23
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-30220: Geonetwork Cve 2025 30220 Xxe Placeholder (cve-2025-30220-geonetwork-cve-2025-30220-xxe-placeholder)

GeoNetwork release version is < 4.4.10, which transitively depends on a GeoTools version vulnerable to CVE-2025-30220 (XXE / SSRF in gt-xsd-core Schemas and gt-wfs-ng DataStore not honoring EntityResolver) and predates the addition of @PreAuthorize("hasAuthority('Editor')") on WFSHarvesterApi.indexWfs. Upgrade to 4.4.10 or later, which bumps the GeoTools dep

generic · CVE-2025-30220 · GHSA-2P76-GC46-5FVC · GHSA-826P-4GCG-35VW · GHSA-JJ54-8F66-C5PC
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 69
CVE-2025-30361: Php Weak Password Verification Sha256 Equality (cve-2025-30361-php-weak-password-verification-sha256-equality)

Password verification uses hash('sha256', ...) with direct equality comparison (== or !=). This is improper authentication (CWE-287): SHA-256 is fast/unsalted and vulnerable to offline cracking, and string equality is vulnerable to timing attacks. Use password_verify() against a hash produced by password_hash($pw, PASSWORD_DEFAULT). For legacy hash migration

php · CVE-2025-30361 · GHSA-HCGV-VMQ6-J6QG · CWE-287
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-30364: Php Pdo Query String Interpolation Sqli (cve-2025-30364-php-pdo-query-string-interpolation-sqli)

SQL string is built by interpolating a PHP variable directly into the query and then executed via PDO::query() / PDO::exec(). When the interpolated variable originates from user input (e.g. $_GET, $_POST, $_REQUEST, or variables created by extract($_REQUEST)), this enables SQL injection (CWE-89). Use a prepared statement with bindParam/bindValue and pass onl

php · CVE-2025-30364 · GHSA-X3FF-5QP7-43QV · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-30403: Cpp Dcheck Bounds Bypass (cve-2025-30403-cpp-dcheck-bounds-bypass)

Debug assertions (`DCHECK`, `assert`) are compiled out in release builds (e.g., when NDEBUG is defined). Using them exclusively for bounds checking discards the safety guarantee, potentially enabling memory corruption vulnerabilities if out-of-bounds data is processed. Enforce bounds limits using `CHECK`, exceptions, or standard conditional validation that p

cpp · CVE-2025-30403 · CWE-119 · CWE-617
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-31133: Insecure Dev Null Bind Mount (cve-2025-31133-insecure-dev-null-bind-mount)

Using `/dev/null` directly as a mount source without verifying its device type exposes the system to attacks where an adversary controls `/dev/null`. In a container, it could be a symlink to `/proc/kcore` or other sensitive paths, leading to privilege escalation, host filesystem modification, or container escape. Also avoid dynamically checking `Rdev` agains

go · CVE-2025-31133 · CWE-345 · CWE-59
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-31479: Typer Shows Locals In Exceptions (cve-2025-31479-typer-shows-locals-in-exceptions)

Initializing a Typer application with default exception handling will print local variables during exception tracebacks. This can inadvertently expose sensitive information such as credentials, API keys, or tokens in standard output and logs. Explicitly pass `pretty_exceptions_show_locals=False` to `Typer()` to prevent this leakage.

python · CVE-2025-31479 · CWE-209 · CWE-532
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2025-31487: Insecure Jdom2 Saxbuilder (cve-2025-31487-insecure-jdom2-saxbuilder)

A JDOM2 SAXBuilder was created without explicitly disabling external DTDs or schemas. This can lead to XML External Entity (XXE) injection vulnerabilities when parsing untrusted XML documents. Ensure you secure the SAXBuilder by setting XMLConstants.ACCESS_EXTERNAL_DTD to an empty string.

java · CVE-2025-31487 · CWE-611
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2025-32429: Xwiki Velocity Stale Orderby Validation (cve-2025-32429-xwiki-velocity-stale-orderby-validation)

In this Velocity template, $services.query.hql.checkOrderBySafe(...) is called on an order variable that is then reassigned by a subsequent `#set` before being concatenated into an HQL `order by` clause. The validator therefore runs on a stale, pre-mutation value while the final attacker-influenced value is what is substituted into the query, allowing HQL/SQ

generic · CVE-2025-32429 · GHSA-VR59-GM53-V7CQ · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2025-32444: Zmq Recv Pyobj Unsafe Pickle Deserialization (cve-2025-32444-zmq-recv-pyobj-unsafe-pickle-deserialization)

ZMQ socket `recv_pyobj()` deserializes incoming messages with Python pickle, enabling remote code execution if an attacker can reach the socket. Similarly, `send_pyobj()` establishes a pickle-based wire protocol that is unsafe to receive. Replace with `recv()` / `recv_multipart()` and safe binary deserialization such as `struct.unpack()`. See CVE-2025-32444.

python · CVE-2025-32444 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-32445: Go Mergo Merge Container With Override (cve-2025-32445-go-mergo-merge-container-with-override)

Using `mergo.Merge` with `mergo.WithOverride` to merge a user-supplied `Container` (typed as the upstream `k8s.io/api/core/v1.Container` or reachable through a CR `Spec.Template.Container`) into an operator-built container lets a low-privileged tenant override arbitrary container fields — image, command, args, securityContext (privileged/runAsUser/capabiliti

go · CVE-2025-32445 · CWE-269 · CWE-732 · CWE-913
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-32461: Tiki Wiki Get Page Info Missing Edit Check (cve-2025-32461-tiki-wiki-get-page-info-missing-edit-check)

Wiki page data derived from TikiLib::lib('wiki')->get_page_info(...) is being returned to the caller while only $perms->view is enforced. The $info structure can carry raw wiki source (plugin calls, embedded SQL, template references, author-only metadata) that should be gated behind $perms->edit. Add an edit permission check before returning $info or array_m

php · CVE-2025-32461 · CWE-200 · CWE-862 · CWE-863
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-3248: Langflow Validate Code Endpoint Missing Auth (cve-2025-3248-langflow-validate-code-endpoint-missing-auth)

FastAPI route handler invokes validate_code() (which internally compiles and execs attacker-supplied Python source) without an authentication dependency declared in the route decorator. Because Python evaluates function-definition decorators and default-argument expressions at the moment exec() processes the definition, an unauthenticated attacker can embed

python · CVE-2025-3248 · GHSA-RVQX-WPFH-MFX7 · CWE-269 · CWE-288
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-32956: Mediawiki Htmlform Options Xss (cve-2025-32956-mediawiki-htmlform-options-xss)

Found use of unescaped localized message text (e.g., `text()` or `plain()`) as an array key in an HTMLForm 'options' array. HTMLForms output 'options' keys as raw HTML labels, introducing a Cross-Site Scripting (XSS) vulnerability. Use the 'options-messages' property instead, where keys are treated directly as message identifiers safely, or manually escape w

php · CVE-2025-32956 · CWE-79
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-32966: Dataease Jdbc Url Missing Security Policy (cve-2025-32966-dataease-jdbc-url-missing-security-policy)

DatasourceConfiguration subclass returns a JDBC URL from getJdbc() without routing it through JdbcUrlSecurityPolicy.validate(...). Authenticated users can submit attacker-controlled JDBC URL parameters (e.g. H2 "INIT=RUNSCRIPT FROM <url>", Oracle JNDI/LDAP lookups, MySQL autoDeserialize) that reach driverClass.connect() and trigger remote code execution (CVE

java · CVE-2025-32966 · GHSA-H7HJ-4J78-CVC7 · CWE-20 · CWE-290
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2025-32969: Xwiki Hql Unsafe Shortform Bypass (cve-2025-32969-xwiki-hql-unsafe-shortform-bypass)

Treating an HQL short-form prefix check as proof of safety lets an attacker bypass parser-based validation. The expression `isShortFormStatement(stmt) || isSafe(stmt)` short-circuits whenever the statement starts with `,`, `where `, or `order by `, so injected HQL/SQL after that prefix is never validated. Always expand the fragment to its complete form (e.g.

java · CVE-2025-32969 · GHSA-F69V-XRJ8-RHXF · CWE-862 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-34468: C Unbounded Memcpy Into Fixed Char Buffer From Struct Length (cve-2025-34468-c-unbounded-memcpy-into-fixed-char-buffer-from-struct-length)

memcpy() copies into a fixed-size local char buffer using a length taken from a struct field, without first checking that the length is less than sizeof(destination). If the struct field is attacker-controlled (e.g. a hostname, URI, or other length-prefixed input), this is a stack-based buffer overflow (CWE-121 / CWE-787). This is the exact root-cause patter

c · CVE-2025-34468 · CWE-121 · CWE-787
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-3777: Python Discarded None Fallback Expression Statement (cve-2025-3777-python-discarded-none-fallback-expression-statement)

The conditional fallback `$X if $X is not None else $Y` is used as a bare expression statement and its value is discarded. This is the missing-assignment defect from CVE-2025-3777 in `BridgeTowerImageProcessor.preprocess`, where the absent `=` silently dropped the configured default (e.g. `self.do_center_crop`) and caused downstream `validate_preprocess_argu

python · CVE-2025-3777 · CWE-1164 · CWE-20
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-3933: Python Redos Lazy Wildcard Angle Bracket Regex (cve-2025-3933-python-redos-lazy-wildcard-angle-bracket-regex)

Regular Expression Denial of Service (ReDoS): a regex pattern uses a lazy wildcard quantifier (e.g., `(.*?)` or `(.+?)`) embedded inside angle-bracket token delimiters (e.g., `<prefix_(.*?)>`). When this pattern is evaluated against untrusted input, especially inside a loop or with `re.IGNORECASE`, the regex engine explores an exponential number of backtracki

python · CVE-2025-3933 · CWE-1333 · CWE-400
by Provally · updated 2026-06-03 · Apache-2.0
Medium · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-40926: Perl Insecure Session Id From Rand Hash (cve-2025-40926-perl-insecure-session-id-from-rand-hash)

Session/token identifier is derived by hashing the output of Perl's built-in rand(), which is a non-cryptographic PRNG seeded with only ~32 bits and is therefore predictable. Combining it with $$ (PID), time, or stringified references (memory addresses) does not add meaningful entropy, and wrapping the result in a digest (sha1_hex/md5_hex/sha256_hex/...) doe

generic · CVE-2025-40926 · CWE-330 · CWE-338 · CWE-340
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2025-43842: Python Subprocess Shell True With Interpolated Command (cve-2025-43842-python-subprocess-shell-true-with-interpolated-command)

A command string built via string interpolation (%, f-string, .format(), or concatenation) flows into a subprocess call with shell=True. If any interpolated value can be influenced by untrusted input, shell metacharacters (";", "|", "$(...)", backticks, "&&", newline, etc.) will be interpreted by the shell, enabling arbitrary OS command execution (CWE-77 / C

python · CVE-2025-43842 · CWE-77 · CWE-78
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-43863: Change Password Bruteforce No Rate Limit (cve-2025-43863-change-password-bruteforce-no-rate-limit)

The "current password" submitted to a change-password handler is verified with a bare check_password() call that has no failed-attempt counting, lockout, or notification side effects. An attacker holding an authenticated session can brute-force the user's password by replaying this endpoint without ever being rate-limited or locked out. Validate the submitte

python · CVE-2025-43863 · GHSA-J6G5-P62X-58HW · CWE-307
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-44005: Cve 2025 44005 Gettokenid Silent Error Bypass (cve-2025-44005-cve-2025-44005-gettokenid-silent-error-bypass)

GetTokenID errors are silently ignored: the entire one-time-token reuse check is gated on `err == nil`. Any provisioner whose GetTokenID returns an error (e.g. ACME, SCEP) completely bypasses token validation and silently receives a nil (success) return, enabling unauthenticated certificate signing (CVE-2025-44005). Replace the if-init pattern with a separat

go · CVE-2025-44005 · GHSA-H8CP-697H-8C8P · CWE-287
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-4447: Reverse Pointer Subtraction Size (cve-2025-4447-reverse-pointer-subtraction-size)

Incorrect remaining buffer size calculation using 'sizeof(buf) - (buf - ptr)'. Pointer arithmetic 'buf - ptr' results in a negative value when 'ptr' is advanced past 'buf', leading to a larger buffer length calculation than the actual remaining capacity. This causes integer underflow and can lead to a stack-based buffer overflow. The correct calculation is '

c · CVE-2025-4447 · CWE-121 · CWE-131
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-44560: Owntone Mpd Tag Newline Injection (cve-2025-44560-owntone-mpd-tag-newline-injection)

Database-derived ID3 tag value (artist / album_artist / artist_sort / album_artist_sort / album / title / genre) is written into a newline-delimited MPD response via evbuffer_add_printf without sanitizing embedded newline characters. A media file with a crafted tag containing '\n' will inject extra MPD response lines and corrupt the line-based protocol frami

c · CVE-2025-44560 · CWE-117 · CWE-93
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-45611: Vulnerable Apache Shiro Version Auth Bypass (cve-2025-45611-vulnerable-apache-shiro-version-auth-bypass)

Apache Shiro is pinned to a version prior to 1.5.3 in this pom.xml. Versions 1.0.0-incubating through 1.5.2 are affected by an authentication bypass (CVE-2020-1957 and related, including the class of bug behind CVE-2025-45611 in hope-boot) caused by a path-normalization discrepancy between Shiro's filter chain and Spring MVC. An unauthenticated attacker can

generic · CVE-2020-1957 · CVE-2025-45611 · CWE-1395 · CWE-284
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2025-46331: Openfga Cache Check Response Without Cycle Check (cve-2025-46331-openfga-cache-check-response-without-cycle-check)

A CheckResponseCacheEntry is written to a cache without first checking whether the response has CycleDetected=true. A cycle-detected check result is indeterminate (Allowed=false from a cycle-truncated sub-evaluation), and persisting it poisons the cache so subsequent Check / ListObjects requests within the TTL receive a false-negative authorization decision.

go · CVE-2025-46331 · GHSA-W222-M46C-MGH6 · CWE-284
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2025-46337: Php Pgsql Identifier Injection Via Pg Query (cve-2025-46337-php-pgsql-identifier-injection-via-pg-query)

User-controlled data flows into pg_query() without PostgreSQL identifier escaping. An attacker who controls this value can inject arbitrary SQL via identifier context (e.g. table or column names). Wrap dynamic identifiers with pg_escape_identifier() and literal values with pg_escape_literal() before embedding them in query strings. (CVE-2025-46337)

php · CVE-2025-46337 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-46347: Yeswiki Add Css Preset Missing Extension Allowlist (cve-2025-46347-yeswiki-add-css-preset-missing-extension-allowlist)

The CSS preset filename parameter is forwarded to ThemeManager::addCustomCSSPreset() (which writes attacker-controlled content to the web-accessible custom/css-presets/ directory) without first validating via pathinfo() that the extension is 'css'. An attacker can supply a '.php' filename to drop a webshell, leading to remote code execution (CVE-2025-46347).

php · CVE-2025-46347 · GHSA-88XG-V53P-FPVF · CWE-116 · CWE-20
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-46348: Yeswiki Route Acl Public Mixed With Restriction (cve-2025-46348-yeswiki-route-acl-public-mixed-with-restriction)

A @Route ACL annotation contains "public" alongside another ACL token (e.g. "@admins" or "+"). YesWiki's ApiService::isAuthorized treats the presence of the "public" specifier as a sufficient grant, so the additional restriction is silently bypassed and the route becomes reachable without authentication (CVE-2025-46348). Remove "public" from the ACL set when

php · CVE-2025-46348 · GHSA-WC9G-6J9W-HR95 · CWE-287 · CWE-862
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-46566: Java Case Sensitive Url Decode Blacklist Bypass (cve-2025-46566-java-case-sensitive-url-decode-blacklist-bypass)

Case-sensitive String.contains() blacklist applied to a URL-decoded JDBC/connection URL is bypassable because JDBC drivers (Redshift, PostgreSQL, MySQL, etc.) parse connection parameter names case-insensitively. An attacker can change the case of a forbidden parameter (e.g. SocketFactory instead of socketFactory) to evade the filter and reach dangerous param

java · CVE-2025-46566 · GHSA-HXW4-VPFP-FRGV · CWE-284 · CWE-923
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2025-46597: Serialization Size Overflow 32bit (cve-2025-46597-serialization-size-overflow-32bit)

Returning `size_t` for the serialized size of an object can lead to integer overflow on 32-bit systems where `size_t` limits computation to 4GB. This can lead to small memory allocations for large payloads, resulting in out-of-bounds writes. Return a fixed 64-bit integer like `uint64_t` to guard against stream sizes larger than 4GB.

cpp · CVE-2025-46597 · CWE-190
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-46724: Python Eval Untrusted Dataframe Expression (cve-2025-46724-python-eval-untrusted-dataframe-expression)

Python's built-in eval() is being called on an expression string with a pandas DataFrame exposed in locals (e.g., eval(expr, {}, {"df": df})). Empty globals do NOT sandbox eval: attribute chains such as df.__class__.__init__.__globals__ or pd.io.common.os.system reach arbitrary Python builtins, allowing arbitrary code execution when the expression originates

python · CVE-2025-46724 · GHSA-JQQ5-WC57-F8HJ · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-46725: Python Eval Empty Globals False Sandbox (cve-2025-46725-python-eval-empty-globals-false-sandbox)

Calling eval() with an empty globals dict ({}) is NOT a sandbox. Python expressions can reach __builtins__ via attribute traversal (e.g. (df).__class__.__mro__[-1].__subclasses__()...__init__.__globals__ ['__builtins__']['__import__']('os').system(...)) on any reachable object, enabling arbitrary code execution. If the evaluated expression is untrusted (e.g.

python · CVE-2025-46725 · GHSA-22C2-9GWG-MJ59 · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-47269: Express Ssrf Unvalidated Port (cve-2025-47269-express-ssrf-unvalidated-port)

Unvalidated request input flows directly into the port section of a URL. An attacker can inject an '@' character to force the URL parser to treat the preceding host string as a username, redirecting the request to an arbitrary external domain. Validate the port and cast it using `parseInt()` before interpolation.

javascript · CVE-2025-47269 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-4759: Missing Trailing Slash In Url Startswith (cve-2025-4759-missing-trailing-slash-in-url-startswith)

Validating a URL or path prefix using `startsWith()` where the expected prefix does not end in a trailing slash (`/`) is insecure. An attacker can bypass the check by extending the matched path or domain component (e.g., `expected-target` -> `expected-target-bypass`). Ensure that boundary delimiters like trailing slashes are appended when constructing the ex

javascript · CVE-2025-4759 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-47784: Php Unserialize After Str Replace Prefix Strip (cve-2025-47784-php-unserialize-after-str-replace-prefix-strip)

Passing the result of str_replace() directly to unserialize() to strip a fixed file-guard prefix (e.g. "<?php exit;//") is unsafe. str_replace() replaces every occurrence of the needle anywhere in the buffer — including copies that appear inside the serialized payload (such as user-controlled string values). This corrupts the serialized byte-length headers a

php · CVE-2025-47784 · GHSA-F56G-M99V-MQC3 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
Medium · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-47787: Php Incomplete Php Extension Blocklist (cve-2025-47787-php-incomplete-php-extension-blocklist)

str_replace('php', ...) is used as an extension-blocklist sanitizer but only neutralizes the literal substring "php". Web servers commonly execute .phtml and .pht as PHP, so attacker-controlled inputs containing those tokens survive sanitization and can be persisted into an attachment/upload allow-list, enabling arbitrary PHP file upload and remote code exec

php · CVE-2025-47787 · GHSA-4MCJ-8GVH-P753 · CWE-434
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-47869: Nuttx Xmlrpc Getstring Undersized Destination Buffer (cve-2025-47869-nuttx-xmlrpc-getstring-undersized-destination-buffer)

A local char buffer is passed to xmlrpc_getstring() but is declared with a hardcoded size instead of CONFIG_XMLRPC_STRINGSIZE+1. xmlrpc_getstring() performs an unbounded strcpy() from an internal buffer of CONFIG_XMLRPC_STRINGSIZE+1 bytes, so any smaller destination can be overflowed by a remote attacker-controlled XML-RPC string parameter (CVE-2025-47869).

c · CVE-2025-47869 · CWE-119
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-48071: Openexr Missing Uncompressed Size Bounds Check (cve-2025-48071-openexr-missing-uncompressed-size-bounds-check)

Missing bounds check for decompressed data. A buffer overflow may occur if the decompressed size exceeds the pre-allocated uncompressed buffer size.

c · CVE-2025-48071
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-48383: Django Widget Shared Token Init (cve-2025-48383-django-widget-shared-token-init)

Django `Widget` and `Field` instances are typically instantiated once at module-load time as class attributes on Forms. Generating a unique token (such as a UUID, random bytes, or signed string) in their `__init__` method will cause that token to be shared across all requests and all users handled by the worker process. This can lead to information disclosur

python · CVE-2025-48383 · CWE-664
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2025-48477: Overly Restrictive Realpath Traversal Validation (cve-2025-48477-overly-restrictive-realpath-traversal-validation)

Path traversal validations often use `realpath()` to resolve paths and ensure they fall within an expected base directory. However, `realpath()` returns `false` if the target path does not yet exist on the filesystem. Strictly checking whether the resolved path is `false` (e.g., `if ($dest === false || strpos($dest, $base) !== 0)`) and treating it as a trave

php · CVE-2025-48477 · CWE-754
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-48481: Php Freescout Invite Hash Lookup Without Expiration (cve-2025-48481-php-freescout-invite-hash-lookup-without-expiration)

User invitation lookup via `User::where('invite_hash', ...)` is performed without validating an expiration / freshness condition on the invitation. An attacker who possesses an unactivated invitation email can replay the `invite_hash` indefinitely to self-activate an account whose owner was later blocked or deleted (CVE-2025-48481, CWE-841 - Improper Enforce

php · CVE-2025-48481 · GHSA-HQFF-CWX7-3JPM · CWE-841
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-49002: Dataease H2 Jdbc Url Blocklist Contains Bypass (cve-2025-49002-dataease-h2-jdbc-url-blocklist-contains-bypass)

H2 JDBC URL is validated against a hardcoded "INIT"/"RUNSCRIPT" blocklist using String.contains() (or a List.contains-driven loop over the same literals). H2 treats JDBC URL parameter names case-insensitively and tolerates URL-encoding and Unicode-equivalent forms, so a raw substring blocklist can be bypassed (e.g. `init=RUnSCRIPT FROM '...'`), allowing the

java | CVE-2025-49002 | GHSA-999M-JV2P-5H34 | CWE-178 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2025-49132: Laravel Translation Loader Path Traversal Unvalidated Input (rule id: cve-2025-49132-laravel-translation-loader-path-traversal-unvalidated-input)

Unvalidated HTTP request input flows through str_replace('.', '/') into a translation file loader (->load()). The dot-to-slash conversion transforms user-controlled dot-notation into filesystem path separators, creating a path-traversal primitive. When the loader resolves the constructed path and require()s the resulting PHP file, an attacker can achieve arb

php | CVE-2025-49132 | CWE-22 | CWE-98
by Provally, updated 2026-06-03, Apache-2.0
Critical severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-49141: Haxcms Command Injection Git Set Remote (rule id: cve-2025-49141-haxcms-command-injection-git-set-remote)

Untrusted user input is routed from an HTTP request to the `set_remote` function of a Git wrapper. This allows an attacker to inject shell metacharacters into the repository URL, leading to arbitrary OS command injection when the wrapper executes the underlying Git command.

javascript | CVE-2025-49141 | GHSA-G4CF-PP4X-HQGW | CWE-502 | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2025-49809: Untrusted Env Exec Path Skipped (rule id: cve-2025-49809-untrusted-env-exec-path-skipped)

Reading an executable path directly from an environment variable without sanitization or privilege boundary checks (like `secure_getenv`) can lead to privilege escalation.

c | CVE-2025-49809
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-50738: Go Httpbody Unsanitized Content Type Xss (rule id: cve-2025-50738-go-httpbody-unsanitized-content-type-xss)

An httpbody.HttpBody response is constructed with a ContentType derived from a stored resource.Type without coercing browser-renderable types (image/svg+xml, text/html, application/xhtml+xml) to a non-executing type such as application/octet-stream. Attackers who can upload files (e.g. SVG with embedded <script> or onload= handlers) can achieve stored XSS in

go | CVE-2025-50738 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-5120: Python Sandbox Unvalidated Callable Return (rule id: cve-2025-5120-python-sandbox-unvalidated-callable-return)

A callable from the static_tools dictionary is returned without wrapping in a return-value validator inside a Python AST name-evaluation function. Attackers can compose whitelisted higher-order functions (getattr, map, filter) with an allowed module attribute to produce forbidden module references — bypassing the sandbox's attribute-access guards and achievi

python | CVE-2025-5120 | GHSA-6V92-R5MX-H5FX | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-5121: Gitlab Missing Report Type Context (rule id: cve-2025-5121-gitlab-missing-report-type-context)

Security scans are being grouped or resolved solely by scanner, losing the report_type context. Update the grouping key and resolver execution to include both scanner and report type to avoid inaccurate vulnerability states.

ruby | CVE-2025-5121 | CWE-841
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-52464: Unseeded Curve25519 Keygen (rule id: cve-2025-52464-unseeded-curve25519-keygen)

Generating a Curve25519 key pair without appropriately initializing the randomness pool can result in low-entropy, duplicate, or predictable cryptographic keys. Ensure that the PRNG is correctly initialized and salted with sufficient hardware or system entropy (e.g., via `RNG.begin()` and `RNG.stir()`) prior to invoking `Curve25519::dh1()`.

cpp | CVE-2025-52464 | CWE-331 | CWE-334
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-52474: Php Extract Request Superglobal (rule id: cve-2025-52474-php-extract-request-superglobal)

Calling extract() on a request superglobal ($_REQUEST, $_GET, $_POST) inside MedicamentoControle imports every attacker-controlled HTTP parameter as a local variable without validation or type coercion. The resulting variables (e.g. $id, $nomeMedicamento) flow into SaudePetDAO SQL calls and into Location headers, enabling SQL injection (CWE-89) and arbitrary

php | CVE-2025-52474 | GHSA-RWVH-2GFH-WMCM | CWE-20 | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-52560: Picodb Unvalidated Table Identifier (rule id: cve-2025-52560-picodb-unvalidated-table-identifier)

Missing validation on table identifier before concatenation.

php | CVE-2025-52560
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-52562: Cve 2025 52562 Laravel Translation Loader Path Traversal (rule id: cve-2025-52562-cve-2025-52562-laravel-translation-loader-path-traversal)

User-controlled HTTP input flows from an unvalidated Illuminate\Http\Request parameter into a Loader::load() call without allowlist validation. An attacker can supply path-traversal sequences (e.g. '../../../') in locale or namespace parameters to escape the translations directory and force inclusion of arbitrary PHP files, enabling unauthenticated remote co

php | CVE-2025-52562 | GHSA-43G3-QPWQ-HFGG | CWE-22 | CWE-98
by Provally, updated 2026-06-03, Apache-2.0
Critical severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-52890: Nftables Arp Spoofing Bypassed Filters (rule id: cve-2025-52890-nftables-arp-spoofing-bypassed-filters)

An nftables configuration allows established connections or ARP/NDP packets before applying MAC/IP anti-spoofing filters. This improper network rule order permits an inside attacker to effectively spoof ARP or NDP messages and intercept traffic, bypassing required bridge network isolation features. To repair this issue, ensure MAC address authentication filt

go | CVE-2025-52890 | CWE-345 | CWE-693
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-52998: Php Phar Prefix Check Case Sensitive (rule id: cve-2025-52998-php-phar-prefix-check-case-sensitive)

Case-sensitive check for the `phar://` stream wrapper prefix using str_starts_with (or stripos/strpos/substr) without lowercasing the input. PHP stream wrapper resolution is case-insensitive, so attacker-controlled values like `PHAR://`, `Phar://`, or `pHaR://` bypass this guard. When the checked path is subsequently passed to filesystem functions (is_dir, f

php | CVE-2025-52998 | GHSA-6MWG-2MW5-RX5V | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-53002: Insecure Torch Load (rule id: cve-2025-53002-insecure-torch-load)

The application calls `torch.load()` without the `weights_only=True` parameter. This can lead to arbitrary code execution via insecure deserialization of pickle data if the loaded file is untrusted or attacker-controlled.

python | CVE-2025-53002 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-53004: Java Jdbc Url Denylist Case Sensitive Bypass (rule id: cve-2025-53004-java-jdbc-url-denylist-case-sensitive-bypass)

JDBC URL parameter denylist uses URLDecoder.decode(...).contains(...) without case normalization. JDBC drivers (Postgres/Redshift, MySQL, etc.) treat parameter names case-insensitively, so an attacker can bypass this denylist by varying the case (e.g. "SSLFactory" vs "sslfactory") and still have the driver honor the parameter to load attacker-controlled clas

java | CVE-2025-53004 | GHSA-MFG2-QR5C-99PP | CWE-153
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-53005: Jdbc Url Denylist Contains Bypass (rule id: cve-2025-53005-jdbc-url-denylist-contains-bypass)

JDBC URL validation uses URLDecoder.decode(...).contains(...) against a denylist of dangerous parameter names. This check is case-sensitive and easily bypassed with case-shifted parameter names (e.g., SSLFactory vs sslfactory) that JDBC drivers still honor, enabling parameters like sslfactory/sslfactoryarg to load attacker-controlled classes (CVE-2025-53005)

java | CVE-2025-53005 | GHSA-99C4-H4FQ-R23V | CWE-153
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2025-53006: Jdbc Url Substring Blocklist Validation (rule id: cve-2025-53006-jdbc-url-substring-blocklist-validation)

JDBC URL is validated only via a substring blocklist using URLDecoder.decode(...).contains(...). Blocklists of dangerous JDBC parameters (e.g. socketFactory, sslfactory, sslhostnameverifier, sslpasswordcallback, authenticationPluginClassName) are inherently incomplete; the PostgreSQL/Redshift JDBC drivers honor several SSL-side parameters that, if forwarded

java | CVE-2025-53006 | GHSA-Q726-5PR9-X7GM | CWE-153
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-53093: Mediawiki Unsafe Safeencodetagattributes Template (rule id: cve-2025-53093-mediawiki-unsafe-safeencodetagattributes-template)

Using `Sanitizer::safeEncodeTagAttributes` to compile an HTML attribute string and directly passing it to a template parser object bypasses the view layer's native escaping mechanisms. If the Mustache/TemplateParser renders this data using raw evaluation (e.g., `{{{attributes}}}`), attackers can supply payloads that bypass attribute boundaries. Instead of ma

php | CVE-2025-53093 | CWE-116 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2025-53368: Improper Mustache Unescaped Xss (rule id: cve-2025-53368-improper-mustache-unescaped-xss)

Unescaped output of potentially user-controlled variables using triple mustaches (e.g., `{{{.}}}`) allows Cross-Site Scripting (XSS). Variables representing untrusted fields like descriptions, summaries, or user messages should be escaped using double mustaches (`{{.}}`) to ensure correct HTML encoding.

generic | CVE-2025-53368 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 65
CVE-2025-53369: Mediawiki Unsanitized Addsubtitle (rule id: cve-2025-53369-mediawiki-unsanitized-addsubtitle)

Unsanitized input passed to `mw.util.addSubtitle` can lead to Cross-Site Scripting (XSS). This API inserts content as HTML into the DOM. Ensure that any dynamic input is escaped using `mw.html.escape()` before being passed to this function.

javascript | CVE-2025-53369 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 73
CVE-2025-53370: Mediawiki Unescaped Shortdesc Property (rule id: cve-2025-53370-mediawiki-unescaped-shortdesc-property)

The 'shortdesc' property retrieved via `getProperty()` may contain arbitrary user-controlled HTML (e.g., from Extension:ShortDescription). Using or returning it without sanitization can lead to Stored Cross-Site Scripting (XSS). Ensure it is sanitized with `htmlspecialchars($val, ENT_QUOTES)` before use.

php | CVE-2025-53370 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 87
CVE-2025-53527: Php Sql Where Clause Concat Injection (rule id: cve-2025-53527-php-sql-where-clause-concat-injection)

A SQL clause fragment containing a column comparison (`table.column OP`) is being built by concatenating a string literal with a method-call expression on `$this` (e.g. `' AND col.field = ' . $this->getX()` or `" entrada.data >= '" . $this->getPeriodo()['inicio'] . "' "`). When the resulting query string is later executed via PDO::query() (or similar), user-

php | CVE-2025-53527 | GHSA-43XW-C4G6-JGFF | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-53528: Fastapi Openapi Xss From Request (rule id: cve-2025-53528-fastapi-openapi-xss-from-request)

Unsanitized query or path parameters are incorporated into the `openapi_url` passed to `get_swagger_ui_html` or `get_redoc_html`. This can lead to Reflected Cross-Site Scripting (XSS) because the URL is embedded directly in a Javascript context without additional escaping. Sanitize the user input using `urllib.parse.quote` before generating the documentation

python | CVE-2025-53528 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2025-53547: Insecure Plugin Version Validation (rule id: cve-2025-53547-insecure-plugin-version-validation)

A plugin or metadata structure lacks explicit validation of the `Version` field inside its `Validate()` function. Lack of strict validation (like Semantic Versioning constraints) allows attackers to embed directory traversal characters (e.g., `../`). This can result in arbitrary file writes when the dependency manager constructs paths using the unvalidated v

go | CVE-2025-53547 | CWE-22 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-53624: Docusaurus Plugin Secret In Route Modules (rule id: cve-2025-53624-docusaurus-plugin-secret-in-route-modules)

A credential field read from Docusaurus plugin options flows into client-side route data via addRoute or createData. Plugin options are serialized into webpack bundles at build time and are visible to anyone who inspects the site's JavaScript assets. Secrets must be read from process.env at build time only and must never be included in options passed to addR

typescript | CVE-2025-53624 | GHSA-QF34-QPR4-5PPH | CWE-200
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2025-53633: Go Archive Zip Unbounded Io Copy (rule id: cve-2025-53633-go-archive-zip-unbounded-io-copy)

A reader obtained from archive/zip (*File).Open() is decompressed with io.Copy and no cumulative size limit. A crafted zip archive (zip bomb) can inflate to arbitrary size and exhaust disk or memory, causing a denial of service (CWE-405; CVE-2025-53633). Replace io.Copy with io.CopyN inside a loop that accumulates bytes against a maximum-size budget, or wrap

go | CVE-2025-53633 | GHSA-R7FM-3PQM-WW5W | CWE-405
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-53644: Opencv Openjpeg Jp2 Unchecked J2k Read Header Status (rule id: cve-2025-53644-opencv-openjpeg-jp2-unchecked-j2k-read-header-status)

The return status of opj_j2k_read_header is stored in $RET but the following guard on the output image pointer ($P && *$P) does not include $RET. When opj_j2k_read_header fails, *$P keeps the caller-supplied uninitialized value, and subsequent writes through *$P (e.g. color_space, icc_profile_buf, icc_profile_len) become an uninitialized-pointer dereference

c | CVE-2025-53644 | CWE-457
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-53967: Insecure Path Startswith Match (rule id: cve-2025-53967-insecure-path-startswith-match)

Checking if a path is within a directory using `startsWith` without a trailing directory separator can allow attackers to access sibling directories. For example, `/app-malicious` starts with `/app`. Ensure that you append `path.sep` or a trailing slash to the base path before checking.

javascript | CVE-2025-53967 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-54063: Insecure Path Sanitization Forward Slash (rule id: cve-2025-54063-insecure-path-sanitization-forward-slash)

Sanitizing untrusted input by only replacing forward slashes ('/') is insufficient to prevent path traversal on systems like Windows, where backslashes ('\') are valid path separators. Attackers can bypass this sanitization using sequences like '..\'. Use robust path resolution (e.g., verifying the resolved path starts with the expected base directory) or us

javascript | CVE-2025-54063 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 65
CVE-2025-54068: Livewire Hydrate For Update Recursive Tuple Hydrate (rule id: cve-2025-54068-livewire-hydrate-for-update-recursive-tuple-hydrate)

Livewire HandleComponents calls the generic recursive `hydrate([$value, $meta], ...)` with attacker-supplied `$value` and snapshot meta during property-update hydration. Because `hydrate()` recurses into nested children without re-anchoring to the checksum-validated snapshot (`$raw`), an attacker can embed a synthetic-tuple `[payload, ['s' => '<key>', 'class

php | CVE-2025-54068 | GHSA-29CQ-5W36-X7W3 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-54379: Go Sql Identifier Injection Sprintf Prepare (rule id: cve-2025-54379-go-sql-identifier-injection-sprintf-prepare)

SQL query is built with fmt.Sprintf interpolating a caller-controlled identifier (e.g., a table or column name passed as a parameter) via %s and then passed to db.Prepare. Go's database/sql prepared statements parameterize VALUES only and cannot bind SQL identifiers, so this pattern is exploitable as SQL injection (CVE-2025-54379, CWE-89). Validate the ident

go | CVE-2025-54379 | GHSA-526J-MV3P-F4VV | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-54418: Php Shell Cmd Quoted Interpolation Without Escapeshellarg (rule id: cve-2025-54418-php-shell-cmd-quoted-interpolation-without-escapeshellarg)

A PHP value is interpolated into a string with literal shell-quote characters (single or double quotes wrapping a variable) but without escapeshellarg(). When that string is later executed by a shell via ImageMagickHandler::process() (which forwards the assembled command to proc_open / exec / shell_exec / system / passthru), attacker-controlled values contai

php | CVE-2025-54418 | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-54469: Getenv To Popen Command Injection (rule id: cve-2025-54469-getenv-to-popen-command-injection)

Value from getenv() flows into a shell command executed via popen()/system() without validation or sanitization. An attacker who can influence the environment (e.g., container/pod spec, parent process) can inject arbitrary shell commands (CWE-77/CWE-78) and may also trigger a stack-buffer overflow when sprintf writes the unbounded value into a fixed-size buf

c | CVE-2025-54469 | GHSA-C8G6-QRWH-M3VP | CWE-120 | CWE-77
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-54592: Php Logout Missing Session Invalidation (rule id: cve-2025-54592-php-logout-missing-session-invalidation)

Logout handler does not regenerate or destroy the PHP session ID. Clearing application-level authentication state without rotating the session identifier leaves the session cookie valid after logout, enabling session hijacking and session-fixation attacks (CWE-613). Add a call to session_regenerate_id(true), session_destroy(), or an equivalent session-ID rot

php | CVE-2025-54592 | GHSA-42V4-65F8-5WGR | CWE-613
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2025-54802: Python Path Blocklist Replace Traversal (rule id: cve-2025-54802-python-path-blocklist-replace-traversal)

Path component is sanitized with a blocklist that only strips '/', '\\', and ':' but leaves '..' segments intact. When this sanitized value is later joined into a filesystem path and used for I/O, an attacker can supply '..' to escape the intended directory (CWE-22 / CVE-2025-54802 in pyLoad CNL addcrypted). Use os.path.normpath() on the joined path and veri

python | CVE-2025-54802 | GHSA-48RP-JC79-2264 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-54874: Openjpeg Opj J2k Read Header Unchecked Return Image Deref (rule id: cve-2025-54874-openjpeg-opj-j2k-read-header-unchecked-return-image-deref)

opj_jp2_read_header() returns the result of opj_j2k_read_header() directly without first capturing it and validating that *p_image was initialized. On failure paths (truncated/malformed stream) opj_j2k_read_header() returns OPJ_FALSE without writing to *p_image, so propagating the result with a tail call leaves callers (e.g. OpenCV's Jpeg2KOpjDecoderBase::re

c | CVE-2025-54874 | CWE-457
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-54875: Freshrss Unprotected New User Is Admin Param (rule id: cve-2025-54875-freshrss-unprotected-new-user-is-admin-param)

The privilege-elevating request parameter 'new_user_is_admin' is read without first checking that the caller has admin privileges. Because the same createAction() endpoint is reachable from the public registration flow, an unauthenticated attacker can submit this hidden parameter and self-register as an administrator (CVE-2025-54875 / CWE-284). Gate the read

php | CVE-2025-54875 | GHSA-H625-GHR3-JPPQ | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-54886: Insecure Joblib Fallback (rule id: cve-2025-54886-insecure-joblib-fallback)

The code silently falls back to `joblib.load()` on an else-branch after a condition failure. `joblib.load()` functions like `pickle.load()` and can execute arbitrary code from untrusted inputs. Loading an insecure format must happen via explicit opt-in (e.g., checking an `allow_pickle` flag) rather than serving as a silent fallback.

python | CVE-2025-54886 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-54949: Executorch Memcpy Indexed Offset Without Capacity Check (rule id: cve-2025-54949-executorch-memcpy-indexed-offset-without-capacity-check)

memcpy() writes $SIZE bytes to a destination computed by pointer arithmetic with offset `$IDX * $SIZE`, and the same $SIZE is used as the length. There is no preceding ET_CHECK_MSG capacity assertion of the form `offset + size <= buffer_size`. If $IDX or $SIZE is derived from untrusted tensor metadata, this is a heap buffer overflow (CVE-2025-54949, CWE-122)

cpp | CVE-2025-54949 | CWE-122
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-54952: Executorch Unchecked Size Mul Sizeof In Allocate (rule id: cve-2025-54952-executorch-unchecked-size-mul-sizeof-in-allocate)

Allocator call receives an unchecked `$N * sizeof($T)` byte count. If `$N` is large (e.g., attacker-controlled, derived from a model/file field), the multiplication can wrap `size_t` and the allocator will return an under-sized buffer while the caller still indexes up to `$N` elements, causing a heap buffer overflow (CWE-680, CVE-2025-54952). Guard the multi

cpp | CVE-2025-54952 | CWE-680
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-55089: Filex Fx Media Format Unchecked Return (rule id: cve-2025-55089-filex-fx-media-format-unchecked-return)

fx_media_format() is called without checking its return status. If the format fails (for example because the RAM-disk buffer is smaller than total_sectors * sector_size), execution continues and subsequent fx_media_open / driver I/O operations on the misconfigured media can perform out-of-bounds reads/writes in the RAM driver, corrupting adjacent memory. Thi

c | CVE-2025-55089 | GHSA-467V-6J75-3J7G | CWE-252
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-55167: Php Pdo Query Sql Injection From Superglobal (rule id: cve-2025-55167-php-pdo-query-sql-injection-from-superglobal)

User-controlled HTTP request data ($_POST/$_GET/$_REQUEST/$_COOKIE) flows into a PDO::query() or PDO::exec() call without prepared statements or integer validation. This enables SQL injection (CWE-89). Use $pdo->prepare() with bindValue/bindParam, or validate via filter_input(..., FILTER_VALIDATE_INT) / intval() before building the query string.

php | CVE-2025-55167 | GHSA-4FQM-WW3V-6MWV | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-55727: Xwiki Velocity Macro Param Xwiki Syntax Injection (rule id: cve-2025-55727-xwiki-velocity-macro-param-xwiki-syntax-injection)

XWiki macro parameter ($xcontext.macro.params.PARAM) is interpolated directly into a Velocity string without XWiki rendering syntax escaping. Because the assembled string is subsequently parsed as XWiki 2.1 syntax, an attacker can supply metacharacters to close the current attribute context and inject executable macro blocks (e.g., {{groovy}}...{{/groovy}}),

generic | CVE-2025-55727 | CWE-116 | CWE-74 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2025-55729: Xwiki Velocity Macro Param Unescaped Wiki Syntax Injection (rule id: cve-2025-55729-xwiki-velocity-macro-param-unescaped-wiki-syntax-injection)

A macro parameter retrieved with $xcontext.macro.params.get() is assigned directly to a variable without rendering-level escaping. If this value is later interpolated into XWiki 2.1 wiki syntax, an attacker can supply metacharacters (e.g., "%) " to break out of attribute context) and inject arbitrary wiki markup including scripting macros like {{groovy}}, ac

generic | CVE-2025-55729 | CWE-116 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2025-5601: Qt Minizip Zip Slip (rule id: cve-2025-5601-qt-minizip-zip-slip)

Zip extraction lacks validation to ensure the constructed extracted path remains safely confined within the target destination hierarchy. This allows an attacker to control the output location using directory traversal patterns, potentially overwriting sensitive files (Zip Slip). Verify the absolute extraction path using a boundary validation like `QFileInfo

cpp | CVE-2025-5601
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2025-5689: Unconditional Temporary Id Overwrite (rule id: cve-2025-5689-unconditional-temporary-id-overwrite)

Unconditionally overwriting a data structure's field with a temporary generated value that is later cleaned up via `defer`. If the field already contains a pre-assigned valid ID (like a user's private group ID), this operation overwrites it with an ephemeral ID that disappears on return, potentially causing fallback to default/unprivileged groups (e.g., GID

go | CVE-2025-5689 | CWE-269
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-57266: Thrivex Assistant Handler No Token Required (rule id: cve-2025-57266-thrivex-assistant-handler-no-token-required)

A Spring handler that returns the Assistant entity (which stores the third-party AI provider API `key`) is annotated with @NoTokenRequired. JwtTokenAdminInterceptor treats @NoTokenRequired as an unconditional auth bypass, so the raw entity — including the API secret — is returned to unauthenticated clients (CVE-2025-57266). Remove @NoTokenRequired and requir

java | CVE-2025-57266 | CWE-200 | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2025-57772: Dataease Jdbc Url Scheme Not Validated (rule id: cve-2025-57772-dataease-jdbc-url-scheme-not-validated)

getJdbc() returns the user-supplied JDBC URL via getJdbcUrl() inside the urlType != "hostName" branch without first validating that the URL begins with the expected JDBC scheme (e.g., getJdbcUrl().startsWith("jdbc:sqlserver")). An attacker who can set the datasource type to any non-H2 type while supplying driver=org.h2.Driver and jdbcUrl=jdbc:h2:mem:db;INIT=

java | CVE-2025-57772 | GHSA-V37Q-VH67-9RQV | CWE-20 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-57808: Strncmp Offset Length Auth Bypass (rule id: cve-2025-57808-strncmp-offset-length-auth-bypass)

When comparing an expected token or digest against user-provided input using `strncmp()`, dynamically calculating the comparison length using an input string size minus an offset (e.g., `input.size() - offset`) creates an authentication bypass vulnerability. An attacker can provide a shorter input or empty credentials that match a prefix of the expected toke

cpp | CVE-2025-57808 | CWE-287 | CWE-697
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-58045: Dataease Jdbc Illegalparameters Blocklist Missing Jndi Ldap (rule id: cve-2025-58045-dataease-jdbc-illegalparameters-blocklist-missing-jndi-ldap)

JDBC URL blocklist `illegalParameters` on a JNDI-prone DatasourceConfiguration subclass (DB2, Impala) omits JNDI/LDAP/Kerberos tokens (e.g. "jndi", "java.naming.factory.initial", "java.naming.provider.url", "connectionProperties", "krbJAASFile", "krb5.conf"). Driver-specific JNDI properties such as DB2's clientRerouteServerListJNDIName or Impala's krbJAASFil

java | CVE-2025-58045 | GHSA-FMQ3-6XHC-R845 | CWE-502 | CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85
CVE-2025-58178: Gha Run Command Injection (rule id: cve-2025-58178-gha-run-command-injection)

Direct interpolation of untrusted GitHub Actions expressions in a `run` script can lead to command injection. Threat actors can escape string bounds or inject shell metacharacters. Map untrusted input to environment variables using `env:` and access them safely from within the shell context.

yaml | CVE-2025-58178 | CWE-78 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 83
CVE-2025-58748: Dataease Jdbc Url Scheme Not Validated (rule id: cve-2025-58748-dataease-jdbc-url-scheme-not-validated)

A DatasourceConfiguration subclass exposes getJdbc() that validates illegal URL parameter tokens but does not assert that the JDBC URL starts with the expected driver scheme prefix (e.g., "jdbc:h2"). Because the configuration's driver/URL fields are attacker-controllable, an attacker can substitute a different driver (e.g., com.amazon.redshift.jdbc42.Driver)

javaCVE-2025-58748GHSA-23QW-9QRH-9RR8CWE-502
by Provallyupdated 2026-06-03Apache-2.0
HighHigh confidenceProvally CuratedVerified
0 stars
110 downloads0 direct110 via packs
Trust score 95
CVE-2025-58761: Path Traversal Via Unvalidated Extension (cve-2025-58761-path-traversal-via-unvalidated-extension)

Direct interpolation of an unvalidated file extension into a file path before os.path.join can lead to path traversal.

python · CVE-2025-58761 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
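An added Python example of the pattern in the rule above (not the rule's or any project's code): the interpolated extension beside a version that allowlists the extension and then proves that the resolved path still lies under the base directory. The base directory, file ids and allowed extensions are assumptions.

```python
import os

# Constructed example, not the rule's or any project's code. The allowlist and the
# base directory used below are assumptions.
ALLOWED_EXTENSIONS = {"png", "jpg", "pdf"}


def build_path_vulnerable(base_dir: str, file_id: str, ext: str) -> str:
    """The extension is interpolated before os.path.join(), so a value such as
    'png/../../../../etc/passwd' escapes base_dir."""
    return os.path.join(base_dir, f"{file_id}.{ext}")


def is_inside(base_dir: str, path: str) -> bool:
    """True if path resolves to base_dir itself or something beneath it.

    os.path.commonpath() is used instead of str.startswith() so that a sibling
    such as '/srv/files2' does not pass for a base of '/srv/files'.
    """
    root = os.path.realpath(base_dir)
    return os.path.commonpath([root, os.path.realpath(path)]) == root


def build_path_fixed(base_dir: str, file_id: str, ext: str) -> str:
    """Allowlist the extension, constrain the id, then prove containment.

    Both checks are kept: the allowlist stops traversal through the extension,
    and the containment check catches a traversal smuggled in through file_id
    (or through a symlink under base_dir).
    """
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"extension not allowed: {ext!r}")
    if not file_id or not all(ch.isalnum() or ch in "-_" for ch in file_id):
        raise ValueError(f"file id not allowed: {file_id!r}")
    candidate = os.path.realpath(os.path.join(base_dir, f"{file_id}.{ext}"))
    if not is_inside(base_dir, candidate):
        raise ValueError("path escapes base directory")
    return candidate


def resolve_or_none(base_dir: str, file_id: str, ext: str):
    """Convenience wrapper: the safe path, or None when the request is rejected."""
    try:
        return build_path_fixed(base_dir, file_id, ext)
    except ValueError:
        return None
```

The containment check uses `os.path.realpath` on both sides so that symlinks under the base directory are resolved before the comparison; a check that only normalizes the string would accept a symlink that points outside.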
CVE-2025-59046: Nodejs Child Process Exec Template Literal Injection (cve-2025-59046-nodejs-child-process-exec-template-literal-injection)

`child_process.exec()` is being invoked with a template literal that interpolates a variable into the shell command string. Because `exec()` spawns a shell (`/bin/sh -c` or `cmd.exe`), shell metacharacters in the interpolated value can be used to inject arbitrary commands (CWE-77). Use `child_process.execFile()` with an arguments array, or `spawn()` without

javascript · CVE-2025-59046 · GHSA-4WCM-7HJF-6XW5 · CWE-77
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2025-59304: Multer Original Name Path Traversal (cve-2025-59304-multer-original-name-path-traversal)

Filesystem path is constructed by interpolating an unsanitized multipart upload filename property (`originalName` / `originalname`) into a template literal. The value is attacker-controlled and not normalized via `basename()` or replaced with a server-generated name, so path traversal sequences (e.g. `../`) escape the intended directory and cause arbitrary f

typescript · CVE-2025-59304 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2025-59360: Chaos Mesh Ctrlserver Exposed (cve-2025-59360-chaos-mesh-ctrlserver-exposed)

Chaos Mesh ctrlserver port (10082) or CTRL_ADDR is configured for the chaos-controller-manager in a rendered/static manifest. This exposes an unauthenticated GraphQL /query endpoint (CVE-2025-59358) containing OS command injection sinks in the killProcesses, cleanTcs, and cleanIptables mutations (CVE-2025-59360, CVE-2025-59359, CVE-2025-59361). The mutations

generic · CVE-2025-59358 · CVE-2025-59360 · GHSA-XV9F-728H-9JGV · CWE-78
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 95
CVE-2025-59430: Unvalidated Base64 Url (cve-2025-59430-unvalidated-base64-url)

Base64 decoded data is parsed or used as a URL without protocol validation. Ensure the URL scheme is validated against 'http://' or 'https://' before using it to prevent Cross-Site Scripting (XSS).

javascript · CVE-2025-59430 · CWE-79
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-59528: Function Constructor Eval Code Injection (cve-2025-59528-function-constructor-eval-code-injection)

`Function()` constructor called with string concatenation and immediately invoked is equivalent to `eval()`. Any attacker-controlled segment in the concatenated argument enables arbitrary JavaScript code execution with full Node.js runtime privileges (CWE-94). Replace with a safe, non-executing parser such as `JSON.parse()` or `JSON5.parse()`. Detected patte

typescript · CVE-2025-59528 · GHSA-3GCM-F6QX-FF7P · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2025-59823: Gardener Aws Insufficient Template Input Validation (cve-2025-59823-gardener-aws-insufficient-template-input-validation)

AWS provider-config string field is validated only for emptiness or only via a prefix check, with no character-set / format constraint. These values are rendered by Terraformer into Terraform configuration and shell scripts that execute on the seed cluster, so attacker-controlled values can break out of the template (Terraform `${...}` interpolation, HCL syn

go · CVE-2025-59823 · CWE-20 · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-59839: Mediawiki Dataset Json Parse (cve-2025-59839-mediawiki-dataset-json-parse)

MediaWiki's HTML sanitizer permits generic `data-*` attributes supplied via user wikitext. Reading these non-prefixed `dataset` properties and parsing them as JSON allows attackers to inject malicious configuration payloads, leading to DOM-based Stored XSS. Attributes intended to be protected from user spoofing must use the `data-mw-` prefix (accessible via

javascript · CVE-2025-59839 · CWE-79
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-59945: Drf Missing Readonly Is Project Admin (cve-2025-59945-drf-missing-readonly-is-project-admin)

Potential mass assignment. The 'is_project_admin' field is missing read_only constraints in get_extra_kwargs.

python · CVE-2025-59945
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2025-59954: Jxpath Context Without Empty Function Library (cve-2025-59954-jxpath-context-without-empty-function-library)

`JXPathContext.newContext(...)` is created without restricting its function library. Apache Commons JXPath, by default, allows XPath expressions to invoke arbitrary Java methods (e.g., `exec(java.lang.Runtime.getRuntime(),'cmd')`). If the XPath strings evaluated against this context can be influenced by untrusted input, this enables Remote Code Execution (CV

java · CVE-2025-59954 · GHSA-96CV-75HG-XRGQ · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-60455: Unsafe Pickle Default Argument (cve-2025-60455-unsafe-pickle-default-argument)

Using `pickle.loads` or other unsafe pickle functions as default arguments creates an implicit unsafe deserialization vector (CWE-502). If callers omit this parameter, untrusted data may be processed with `pickle`, leading to arbitrary code execution. Require callers to provide a deserializer explicitly, or default to a safe alternative like `json.loads`.

python · CVE-2025-60455 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-6051: Redos Digit Regex Non Possessive Quantifier (cve-2025-6051-redos-digit-regex-non-possessive-quantifier)

A `[0-9]+` quantifier without a possessive `++` appears before `\.` (literal dot) or `(` (alternation/capture group) in a regular expression passed to the `re` module. Note that Python's `re` accepts possessive quantifiers and atomic groups only from Python 3.11; on older interpreters, restructure the pattern or bound the input length instead. When the input is a long digit sequence that lacks the expected suffix (e.g. decimal point or ordinal ending), the regex engine retries the match from every possible split point, so matching time grows super-linearly with the input length, causing cata

python · CVE-2025-6051 · CWE-1333
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-61140: Jsonpath Prototype Pollution Cve 2025 61140 (cve-2025-61140-jsonpath-prototype-pollution-cve-2025-61140)

The dchester/jsonpath library uses JSONPath components as object keys in its write-capable / traversal methods (value, apply, parent, _vivify, nodes, _normalize) without rejecting prototype-chain keys such as `__proto__`, `prototype`, or `constructor`. In versions < 1.2.0 this allows prototype pollution (CVE-2025-61140, CWE-1321) when path strings are influe

javascript · CVE-2025-61140 · GHSA-6C59-MWGH-R2X6 · CWE-1321
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2025-61597: Phpmailer Hardcoded Smtpsecure Ssl (cve-2025-61597-phpmailer-hardcoded-smtpsecure-ssl)

Hardcoding the `SMTPSecure` property to 'ssl' (PHPMailer's `ENCRYPTION_SMTPS`, implicit TLS on connect) pins the transport to SMTPS and prevents the deployment from selecting STARTTLS ('tls', `ENCRYPTION_STARTTLS`) or whatever protocol configuration the environment actually requires. Where the server and the hardcoded mode do not match, communications can end up exposed to interception.

php · CVE-2025-61597 · CWE-319
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-61605: Php Unsanitized Request Param In Location Redirect Sqli (cve-2025-61605-php-unsanitized-request-param-in-location-redirect-sqli)

The user-controlled `id_pet` request parameter ($_GET/$_POST/$_REQUEST) is forwarded into a "Location:" header redirect whose URL carries the raw value back in the `id_pet=` query argument, without integer/whitelist validation. In CVE-2025-61605 (WeGIA /html/pet/profile_pet.php) this pattern allowed the raw `id_pet` value to be propagated to a downstream SQL

php · CVE-2025-61605 · GHSA-8963-9833-GPX7 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2025-61673: Python Fastapi Auth Header Fail Open (cve-2025-61673-python-fastapi-auth-header-fail-open)

The middleware conditionally validates the 'Authorization' header only if it is present and formatted correctly, but falls through to request processing if it is absent or malformed. If this endpoint is meant to be protected, an attacker can bypass authentication by omitting the header. Ensure that the presence and validity of the Authorization header is enf

python · CVE-2025-61673 · CWE-287 · CWE-288
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
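An added Python example (not the rule's or the affected project's code): the header check reduced to a pure function so it runs without FastAPI, with the fail-open version beside a fail-closed one and a constructed set of probe requests. The token value, header shapes and probe names are assumptions.

```python
import hmac

# Constructed example, not the affected project's code. The token, the header
# shapes and the probe names are assumptions; a real service would load the
# token from configuration and return a 401 response on failure.
API_TOKEN = "s3cr3t-example-token"


def _token_ok(value: str) -> bool:
    """'Bearer <token>' with a constant-time comparison of the token."""
    scheme, _, token = value.partition(" ")
    return scheme == "Bearer" and hmac.compare_digest(token.encode(), API_TOKEN.encode())


def authorize_fail_open(headers: dict) -> bool:
    """The pattern the rule describes. The only rejected request is one that
    presents a well-formed header with the wrong token; an absent or
    malformed header never reaches the rejection branch."""
    auth = headers.get("authorization")
    if auth and auth.startswith("Bearer "):
        if not _token_ok(auth):
            return False
    return True


def authorize_fail_closed(headers: dict) -> bool:
    """Fail closed: anything other than a well-formed, valid header is rejected."""
    auth = headers.get("authorization")
    if not auth:
        return False
    return _token_ok(auth)


# Constructed probe requests (header names are lower-cased, as an ASGI server
# presents them).
PROBES = {
    "valid": {"authorization": f"Bearer {API_TOKEN}"},
    "wrong token": {"authorization": "Bearer not-the-token"},
    "missing": {},
    "malformed": {"authorization": "Basic dXNlcjpwYXNz"},
    "scheme only": {"authorization": "Bearer"},
}


def evaluate(policy) -> dict:
    """Run every probe through a policy; True means the request would be served."""
    return {name: policy(headers) for name, headers in PROBES.items()}
```

In FastAPI the same decision belongs in a dependency (`Depends`) or a middleware that raises `HTTPException(401)` on the False branch. The probe table is the check worth keeping in a test suite: `missing`, `malformed` and `scheme only` must all come back False, and the fail-open policy returns True for every one of them.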
CVE-2025-61679: Mcp Tool Unauthenticated (cve-2025-61679-mcp-tool-unauthenticated)

A tool was added to the MCP server without an internal authorization check. If the MCP server is exposed publicly or to untrusted local users via HTTP/SSE, this could allow unauthenticated users to execute the tool. Ensure that you authenticate the request, for example by checking `request.Header.Get("Authorization")` inside the handler, or by explicitly wra

go · CVE-2025-61679 · CWE-306
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-61784: Llamafactory Ssrf Lfi Chat Api (cve-2025-61784-llamafactory-ssrf-lfi-chat-api)

Processing user-provided URLs directly into local file openings or HTTP requests without prior verification allows Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). Ensure paths and network accesses are checked against an allowlist or safe directory prefix.

python · CVE-2025-61784 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2025-62156: Zip Slip Path Traversal Go (cve-2025-62156-zip-slip-path-traversal-go)

Constructing paths via `filepath.Join()` from an archive entry (e.g., `header.Name`) without checking that the resulting path is still within the destination directory leaves the application vulnerable to Zip Slip / Path Traversal attacks. Validate the joined target against the destination, for example with `strings.HasPrefix(target, filepath.Clean(dest)+string(os.PathSeparator))`; a bare `strings.HasPrefix(target, dest)` also accepts sibling directories such as `dest2`. Checking that `filepath.Rel(dest, target)` does not start with `..` is an equivalent alternative.

go · CVE-2025-62156 · CWE-22 · CWE-29
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2025-62161: Toctou Open Close Bind Mount Same Path (cve-2025-62161-toctou-open-close-bind-mount-same-path)

A file path is opened without O_PATH, the file descriptor is immediately closed without being used for mounting, and the same path is later passed as a bind-mount source or destination. This TOCTOU window (CWE-363 / CWE-61) allows an attacker to replace the path with a symlink between close() and mount(), causing an arbitrary file to be bind-mounted and bypa

rust · CVE-2025-62161 · GHSA-4G74-7CFF-XCV8 · CWE-363 · CWE-61
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-62235: Nimble Auth Bypass Spoofing (cve-2025-62235-nimble-auth-bypass-spoofing)

Authentication bypass vulnerability (CVE-2025-62235) in Apache NimBLE. The stack queries the security database for existing peer keys only if the incoming Security Request contains the BLE_SM_PAIR_AUTHREQ_BOND flag. An attacker can clear this flag to ignore the previously established bond and incorrectly initiate a new unauthenticated pairing procedure inste

c · CVE-2025-62235 · CWE-287 · CWE-290
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-62291: Strongswan Eap Mschapv2 Len Underflow (cve-2025-62291-strongswan-eap-mschapv2-len-underflow)

Inadequate payload boundary check for EAP-MSCHAPv2 failure processing. The total message length is verified against 3 instead of accounting for the message header size. This causes an integer underflow when the header size is later subtracted off, enabling heap-based buffer overflows or out-of-bounds reads. Include the appropriate header length offset in the

c · CVE-2025-62291 · CWE-122 · CWE-191
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62373: Python Pickle Loads On Untrusted Deserialize Input (cve-2025-62373-python-pickle-loads-on-untrusted-deserialize-input)

`pickle.loads()` is invoked on bytes received as a parameter of a `deserialize()` method (typically a FrameSerializer / wire-format deserializer that receives data from WebSocket / network peers). Python's pickle module executes arbitrary code embedded in the stream via opcodes such as REDUCE / `__reduce__`, so unpickling attacker-controlled data is equivale

python · CVE-2025-62373 · GHSA-C2JG-5CP7-6WC7 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
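One added Python example (not the rules' or any project's code) serving both this rule and the `pickle` default-argument rule above: a wire-format deserializer whose `loads` parameter defaults to `pickle.loads`, the frame a hostile peer could send, and a variant that refuses `pickle` outright. The class names are assumptions; the payload drives `eval` on a harmless expression so that the effect can be observed without side effects, where a real payload would name `os.system`.

```python
import json
import pickle
import platform


class Exploit:
    """What a malicious peer sends: any object whose __reduce__ names a callable.

    The unpickler executes eval("...") for us. A real payload would name
    os.system or subprocess.Popen; a harmless expression is used here so the
    result can be checked without side effects.
    """

    def __reduce__(self):
        return (eval, ("__import__('platform').python_version()",))


def json_loads(data: bytes):
    """A non-executing decoder suitable for peer data."""
    return json.loads(data.decode("utf-8"))


class FrameDeserializer:
    """The pattern the rules describe: pickle.loads as a default argument, so a
    caller who never thinks about the parameter gets code execution on the wire."""

    def __init__(self, loads=pickle.loads):
        self._loads = loads

    def deserialize(self, data: bytes):
        return self._loads(data)


class SafeFrameDeserializer:
    """The decoder must be chosen explicitly, and pickle is refused outright."""

    def __init__(self, loads):
        if loads in (pickle.loads, pickle.load):
            raise ValueError("pickle is not an acceptable deserializer for peer data")
        self._loads = loads

    def deserialize(self, data: bytes):
        return self._loads(data)


def attacker_frame() -> bytes:
    """Constructed wire payload: the bytes a hostile WebSocket peer would send."""
    return pickle.dumps(Exploit())


def attack(deserializer) -> bool:
    """Feed the hostile frame; report whether the embedded callable ran."""
    try:
        result = deserializer.deserialize(attacker_frame())
    except Exception:
        return False
    return result == platform.python_version()
```

`attack(FrameDeserializer())` succeeds because the caller omitted the argument and inherited `pickle.loads`; the same frame fed to a JSON decoder is simply a decode error. Note that the payload never references the `Exploit` class itself: `__reduce__` replaces the object with a call to `builtins.eval`, which is why a pickle stream needs no cooperation from the receiving code base to run code.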
CVE-2025-62382: Frigate Event Thumbnail Missing Extension (cve-2025-62382-frigate-event-thumbnail-missing-extension)

The event_thumbnail function is called without the extension argument, so the remaining positional arguments shift by one and the application raises an internal server error when it attempts to read properties off the integer that lands in the parameter's position.

python · CVE-2025-62382
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2025-62425: Matrix Auth Missing Rate Limit (cve-2025-62425-matrix-auth-missing-rate-limit)

A missing rate-limit check before verifying an authentication code allows an attacker to brute-force the code. Ensure that rate limiting, such as `check_email_authentication_attempt`, is enforced and its error is handled before querying for the authentication code.

rust · CVE-2025-62425 · CWE-307 · CWE-770
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62506: Minio Iam Session Policy Bypass (cve-2025-62506-minio-iam-session-policy-bypass)

Policy arguments inherited from another request may retain `DenyOnly = true`. When verifying restricted session policies, this causes only explicit denials to be checked, bypassing explicit allow requirements and leading to privilege escalation. Ensure `DenyOnly = false` is enforced when checking a session policy.

go · CVE-2025-62506 · CWE-269 · CWE-285
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2025-62518: Tar Pax Size Smuggling (cve-2025-62518-tar-pax-size-smuggling)

Archive entry sizing must account for PAX extended headers to prevent archive entry smuggling (CWE-130 / CWE-1284). Relying exclusively on the basic ustar header size allows an attacker to specify a falsely small size, causing the parser to prematurely conclude the file read and misinterpret remaining file data as injected tar entry headers. Ensure PAX exten

rust · CVE-2025-62518 · CWE-130
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62596: Rust Procfs Myself Toctou Mount Race (cve-2025-62596-rust-procfs-myself-toctou-mount-race)

`Process::myself()` from the `procfs` crate performs component-by-component path resolution of `/proc/self` without anchoring to a pre-opened directory file descriptor. In environments with shared mount namespaces (container runtimes, sandbox code), an attacker can race the traversal by bind-mounting over an intermediate path component between a validation c

rust · CVE-2025-62596 · GHSA-VF95-55W6-QMRF · CWE-363 · CWE-61
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-62600: Untrusted Size Allocation Oom (cve-2025-62600-untrusted-size-allocation-oom)

An untrusted integer size read directly from a message buffer is used to allocate memory via `$ALLOC` before verifying that the message actually contains that much data. This can trigger an Out-Of-Memory (OOM) condition. Verify the size against the available data limits using safe 64-bit arithmetic or dedicated limit verifiers before allocation.

cpp · CVE-2025-62600 · CWE-190 · CWE-400
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-62718: Proxy From Env No Proxy Hostname Bypass Ssrf (cve-2025-62718-proxy-from-env-no-proxy-hostname-bypass-ssrf)

`getProxyForUrl()` from `proxy-from-env` does not normalize hostnames with trailing dots (e.g., `localhost.`) or IPv6 bracket notation (e.g., `[::1]`). Using its result directly to configure a proxy without an independent no_proxy bypass check allows these non-normalized hostname variants to evade `no_proxy` matching, routing requests through the proxy when

javascript · CVE-2025-62718 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
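An added Python example (not proxy-from-env's code) of the normalization the rule above asks for: a `no_proxy` matcher that compares hosts as plain strings beside one that canonicalizes trailing dots, IPv6 brackets, letter case and IP spelling before comparing. The `no_proxy` value and the entry-matching rules (exact host, domain suffix, `*`; no port handling) are assumptions for the example.

```python
import ipaddress

# Constructed example, not proxy-from-env's code. The matching rules below (exact
# host, domain suffix, "*"; no port handling) are an assumption for the example.


def normalize_host(host: str) -> str:
    """Canonical spelling of a host so that equivalent forms compare equal."""
    host = host.strip().lower()
    if host.startswith("[") and host.endswith("]"):
        host = host[1:-1]            # URL bracket notation for IPv6 literals
    host = host.rstrip(".")          # "localhost." is the absolute form of "localhost"
    try:
        return ipaddress.ip_address(host).compressed   # "0:0:0:0:0:0:0:1" -> "::1"
    except ValueError:
        return host


def _entry_matches(host: str, entry: str) -> bool:
    if entry == "*":
        return True
    if entry.startswith("."):
        return host == entry[1:] or host.endswith(entry)
    return host == entry or host.endswith("." + entry)


def _entries(no_proxy: str):
    return [e.strip() for e in no_proxy.split(",") if e.strip()]


def should_bypass_naive(host: str, no_proxy: str) -> bool:
    """Plain string comparison: every unusual but valid spelling slips through."""
    host = host.lower()
    return any(_entry_matches(host, e.lower()) for e in _entries(no_proxy))


def should_bypass(host: str, no_proxy: str) -> bool:
    """Normalize both the request host and the list entries before comparing."""
    host = normalize_host(host)
    return any(_entry_matches(host, normalize_host(e)) for e in _entries(no_proxy))


# Constructed environment value for the example.
NO_PROXY = "localhost,127.0.0.1,::1,.internal.example"
```

With the naive matcher, `localhost.`, `[::1]` and `0:0:0:0:0:0:0:1` all fail to match the list and the request for an internal host is sent to the proxy, which is the leak the rule describes. Normalizing the list entries as well as the request host matters: an operator who writes `[::1]` or `LOCALHOST.` in `no_proxy` should get the same result.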
CVE-2025-63414: Php User Input Shell Exec Without Escapeshellarg (cve-2025-63414-php-user-input-shell-exec-without-escapeshellarg)

User-controlled HTTP input reaches a shell execution function without per-argument escaping. Applying escapeshellcmd() to the full command string is insufficient: it intentionally leaves '/' and '.' unescaped, enabling path traversal (CWE-22) and OS command injection (CWE-78). Each untrusted argument must be individually escaped with escapeshellarg(), or inp

php · CVE-2025-63414 · CWE-22 · CWE-78
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2025-64097: Elixir Insecure Token Generation Base62 (cve-2025-64097-elixir-insecure-token-generation-base62)

A user/session/API token is generated using `:base62.encode/1` without sourcing entropy from `:crypto.strong_rand_bytes/1`. This pattern produces structurally-predictable tokens (especially when combined with HMAC over user-identifiable inputs) that are brute-forceable or enumerable (CVE-2025-64097, CWE-330). Replace the token body with `:crypto.strong_rand_

elixir · CVE-2025-64097 · GHSA-M9VJ-776Q-VC8M · CWE-330
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-64112: Statamic Vue Ssti Missing V Pre (cve-2025-64112-statamic-vue-ssti-missing-v-pre)

Found a user-controlled title rendered in a Blade template without the `v-pre` directive. When this output is evaluated by Vue.js on the client side, it can lead to Client-Side Template Injection (Stored XSS) because Vue processes template expressions (like `{{ }}`) that standard Blade HTML escaping does not neutralize. Add the `v-pre` attribute to the immed

generic · CVE-2025-64112 · CWE-79
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 69
CVE-2025-64164: Lombok Data Field Name Shadows Getter (cve-2025-64164-lombok-data-field-name-shadows-getter)

Field `$FIELD` is declared in a Lombok `@Data`/`@Getter` annotated class and its name starts with "get" followed by an uppercase letter. Lombok will generate the accessor `getGet...()` for this field, so any call that looks like `get<X>()` will silently dispatch to a different method (typically inherited from a parent class) instead of returning this field's

java · CVE-2025-64164 · GHSA-Q754-4PC2-WJQW · CWE-502 · CWE-561
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2025-64343: Nsis Admin Only Permission Hardening (cve-2025-64343-nsis-admin-only-permission-hardening)

The NSIS installer script applies restrictive file and directory permissions only when run with administrative privileges. If the installer runs as a standard user in a shared or writable location, the installation directory will retain overly permissive default permissions inherited from the parent location. This is a local privilege escalation

generic · CVE-2025-64343 · CWE-276
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 91
CVE-2025-64501: Ruby Unescaped Html Attribute (cve-2025-64501-ruby-unescaped-html-attribute)

Constructing HTML attributes via direct string interpolation of unescaped values (for example, elements iterated in a loop) can lead to Cross-Site Scripting (XSS). An attacker can supply malicious payloads containing string-breaking characters like double quotes to inject arbitrary scripts. Ensure the value is escaped using `CGI.escapeHTML` or a similar function before interpolation.

ruby · CVE-2025-64501 · CWE-79
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2025-64512: Path Traversal To Pickle Deserialization (cve-2025-64512-path-traversal-to-pickle-deserialization)

Path traversal leading to unsafe pickle deserialization.

python · CVE-2025-64512
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2025-6454: Overbroad Vulnerability Resolution (cve-2025-6454-overbroad-vulnerability-resolution)

A vulnerability resolution service is being invoked with only a pipeline ID, scanner ID, and ingested IDs, without distinguishing the specific report type. This logic flaw can cause a Denial of Service of security reporting in systems where different types of reports (such as SBOM vs. continuous scanning) use the same underlying scanner ID, allowing active v

ruby · CVE-2025-6454 · CWE-668 · CWE-841
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-64725: Weblate Invitation Post Missing Recipient Validation (cve-2025-64725-weblate-invitation-post-missing-recipient-validation)

The HTTP POST handler on an Invitation DetailView calls `$INV.accept(...)` without first invoking `self.validate_invitation(...)` to confirm that the authenticated request user is the invitation's intended recipient. The GET handler performing this check is not sufficient: a different authenticated user can submit the acceptance POST and gain the invitation'

python · CVE-2025-64725 · GHSA-M6HQ-F4W9-QRJJ · CWE-286
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85
CVE-2025-64759: Next Response Unsanitized Dynamic Content Type (cve-2025-64759-next-response-unsanitized-dynamic-content-type)

Direct return of user-controlled content using `NextResponse` with a dynamic `Content-Type` but without `Content-Security-Policy` headers can lead to Stored XSS if the content is an SVG. Either validate and sanitize the content or set a strict `Content-Security-Policy` header with a `sandbox` directive.

typescript · CVE-2025-64759
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2025-65027: Python Httpx Client Unprotected Ssrf (cve-2025-65027-python-httpx-client-unprotected-ssrf)

The `httpx` client is initialized without explicit `event_hooks` or a custom network `transport`. When this client handles untrusted URLs, it is highly vulnerable to Server-Side Request Forgery (SSRF) and TOCTOU DNS rebinding. A static check of the URL before the first request is defeated by redirects, which the check never sees, and by the separate DNS lookup the client performs at connect time, rendering such checks largely ineffect

python · CVE-2025-65027 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-65091: Xwiki Velocity Hql Injection (cve-2025-65091-xwiki-velocity-hql-injection)

HTTP request parameter is directly used in HQL query construction without bind parameterization, enabling HQL/SQL injection (CVE-2025-65091). Either a request parameter is assigned as the full HQL query string (allowing total query replacement), or it is interpolated inside a single-quoted string literal in the HQL WHERE clause (allowing single-quote escape

generic · CVE-2025-65091 · GHSA-2G22-WG49-FGV5 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2025-65108: Gray Matter Javascript Engine Not Disabled (cve-2025-65108-gray-matter-javascript-engine-not-disabled)

gray-matter is called without explicitly disabling the 'javascript' evaluation engine. Front-matter blocks using '---javascript' (or '---js') delimiters execute their body as arbitrary Node.js code, enabling remote code execution (CVE-2025-65108). Disabling only the 'js' alias key is insufficient; the canonical key is 'javascript'. Fix: matter(input, { engin

javascript · CVE-2025-65108 · GHSA-547R-QMJM-8HVW · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2025-65719: Python Subprocess Shell True Fstring Injection (cve-2025-65719-python-subprocess-shell-true-fstring-injection)

Command injection: subprocess called with shell=True and a formatted string (f-string, .format(), or %-formatting) that interpolates a variable into the shell command. Attacker-controlled values can inject shell metacharacters (e.g. ';', '&&', '|', backticks, $()). Pass arguments as a list with shell=False, or use shlex.split() on a fully-trusted constant st

python · CVE-2025-65719 · CWE-78
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2025-65882: C Insecure Mktemp Toctou (cve-2025-65882-c-insecure-mktemp-toctou)

Call to mktemp(3) creates a predictable temporary filename without atomically creating or locking the file. Any subsequent open()/fopen()/creat() on that name is subject to a TOCTOU race (CWE-377): a local attacker who can write to the target directory can pre-create the predicted path as a symlink (causing arbitrary file write) or as a file whose name cont

c · CVE-2025-65882 · CWE-377 · CWE-78
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-65896: Python Sql Encoder Dict Unescaped Keys (cve-2025-65896-python-sql-encoder-dict-unescaped-keys)

This dict-encoder function escapes dict values but copies dict keys verbatim into the result dict (`$N[$K] = $QUOTED`). When the result is rendered into a SQL statement by a database driver's parameter converter, attacker-controlled dict keys are concatenated into the SQL unescaped, leading to SQL injection (CVE-2025-65896 in asyncmy; structurally identical

generic · CVE-2024-36039 · CVE-2025-65896 · GHSA-QHQW-RRW9-25RM · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2025-65958: Web Main Py Cwe 918 Cve 2025 65958 (cve-2025-65958-web-main-py-cwe-918-cve-2025-65958)

Insufficient URL scheme validation and incomplete SSRF filtering. Matching the hostname against a blocklist as a string, without resolving it, misses every name that resolves to an internal address and every IP spelled differently from the list entry; a check that does resolve the name but then lets the HTTP client resolve it again at connect time is still open to DNS rebinding.

python · CVE-2025-65958
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
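An added Python example (not the affected project's code) serving this rule and the `httpx` rule above: a string-matching blocklist beside a check that validates the scheme, resolves the host, requires every answer to be public, and hands back a pinned address. The resolver is injectable so the example runs offline against a constructed DNS table; the hostnames in that table are invented.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed example, not the affected project's code. The resolver is injectable
# so the check can run offline; the DNS table and hostnames below are invented.
ALLOWED_SCHEMES = {"http", "https"}


def is_public(ip) -> bool:
    """Reject loopback, link-local (cloud metadata), RFC 1918, multicast, reserved and unspecified."""
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def resolve_all(host: str) -> list:
    """Default resolver: every A/AAAA answer, not just the first one."""
    answers = set()
    for info in socket.getaddrinfo(host, None):
        answers.add(ipaddress.ip_address(info[4][0].split("%")[0]))
    return sorted(answers, key=str)


def check_url_naive(url: str, blocked=("localhost", "127.0.0.1", "169.254.169.254")) -> bool:
    """String-matching blocklist: any name that merely resolves to a blocked address passes."""
    parts = urlsplit(url)
    return parts.scheme in ALLOWED_SCHEMES and (parts.hostname or "") not in blocked


def check_url(url: str, resolver=resolve_all):
    """Validate the scheme, resolve the host, require every answer to be public,
    and return the address the caller must connect to.

    Pinning matters: if the HTTP client resolves the name again at connect
    time, a rebinding DNS server can hand it an internal address after this
    check passed. Connect to the returned address and send the original name
    in the Host header instead.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        answers = [ipaddress.ip_address(host)]   # IP literal: no DNS involved
    except ValueError:
        answers = resolver(host)
    if not answers:
        raise ValueError(f"{host!r} did not resolve")
    for ip in answers:
        if not is_public(ip):
            raise ValueError(f"{host!r} resolves to non-public address {ip}")
    return answers[0]


def pinned_address_or_none(url: str, resolver=resolve_all):
    """Convenience wrapper: the pinned address as a string, or None when rejected."""
    try:
        return str(check_url(url, resolver))
    except ValueError:
        return None


# Constructed DNS zone standing in for one an attacker controls.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "rebind.attacker.test": ["93.184.216.35", "127.0.0.1"],   # a public answer next to an internal one
    "metadata.attacker.test": ["169.254.169.254"],
    "v6.attacker.test": ["::1"],
}


def fake_resolver(host: str) -> list:
    return [ipaddress.ip_address(a) for a in FAKE_DNS.get(host, [])]
```

With `httpx`, a check like `check_url` belongs in `event_hooks={"request": [...]}` so it runs for every request the client prepares, including the ones generated while following redirects, rather than once on the URL the caller passed in. Pinning the resolved address additionally needs a transport that connects to that address instead of re-resolving the name; without it the check still leaves the rebinding window open.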
CVE-2025-65966: Sensitive Model Public Mutation (cve-2025-65966-sensitive-model-public-mutation)

The model `$CLASS` is configured to allow public or guest users to perform the `$ACTION` operation. This is a sensitive model (like User or Account) and public mutation access can lead to privilege escalation, unauthorized account creation, or data tampering. Ensure that sensitive actions are restricted to authenticated and authorized users.

typescript · CVE-2025-65966 · CWE-284 · CWE-862
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 73
CVE-2025-66216: Ais Catcher Cve 2025 66216 Bit Byte Bounds Confusion (cve-2025-66216-ais-catcher-cve-2025-66216-bit-byte-bounds-confusion)

Bit-vs-byte unit confusion in bounds check against MAX_AIS_LENGTH. The constant MAX_AIS_LENGTH is defined in bits (MAX_AIS_BYTES * 8 = 1024), but shifting the index by `>> 3` converts it to bytes before the comparison. The guard therefore only fires when the bit index reaches ~8x the real buffer capacity, permitting a heap buffer overflow in the subsequent b

cpp · CVE-2025-66216 · GHSA-V53X-F5HH-G2G6 · CWE-131 · CWE-787
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-6638: Redos Greedy Dot Quantifier Flanked By Literals (cve-2025-6638-redos-greedy-dot-quantifier-flanked-by-literals)

Potential Regular Expression Denial of Service (ReDoS, CWE-1333): the compiled regex pattern uses a greedy `.+` or `.*` quantifier flanked by literal character sequences on both sides. When user-controlled input matches the opening literal but lacks the closing literal, the engine performs O(n) backtracking per candidate start position, causing O(n^2) total

python · CVE-2025-6638 · CWE-1333
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2025-66384: Php Is Uploaded File Precedence Bypass (cve-2025-66384-php-is-uploaded-file-precedence-bypass)

A logical precedence error allows short-circuiting of `is_uploaded_file` checks. The condition evaluates an `||` operator where the right side contains the `is_uploaded_file` security check. Due to short-circuiting, if the left side of `||` is true, the `is_uploaded_file` check is entirely skipped, allowing an attacker to supply a malicious local or arbitrar

php · CVE-2025-66384 · CWE-434 · CWE-697
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2025-66416: Mcp Missing Dns Rebinding Protectioncve-2025-66416-mcp-missing-dns-rebinding-protection

A custom server configuration misses automatic DNS rebinding protection when bound to localhost. This was specific to FastMCP's 'transport_security' handling.

python · CVE-2025-66416 · CWE-346
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-66492: Cfc Alttable Sqli Generic (cve-2025-66492-cfc-alttable-sqli-generic)

Detected direct assignment of the `altTable` argument to the internal CFML instance variable without validation or sanitization. This is indicative of a SQL Injection vulnerability if the table name is not checked against a list of valid structures or sanitized using `reReplace`.

generic · CVE-2025-66492 · CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 61
CVE-2025-66565: Go Crypto Rand Silent Failure Fallback (cve-2025-66565-go-crypto-rand-silent-failure-fallback)

The error from crypto/rand.Read (or uuid.NewRandom, which wraps crypto/rand) is silently swallowed: the failure path either returns without surfacing the error, returns the all-zero UUID constant, or falls back to another UUID/token generator. When the OS entropy source fails, the resulting identifiers become predictable (e.g. always the zero UUID), which br

go · CVE-2025-66565 · GHSA-M98W-CQP3-QCQR · CWE-252 · CWE-331
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-66570: Cpp Untrusted Ip Forwarding Header (cve-2025-66570-cpp-untrusted-ip-forwarding-header)

HTTP forwarding headers X-Forwarded-For and X-Real-IP are client-controlled values that flow into a security-sensitive operation without trusted proxy validation. Any unauthenticated client can forge these headers to spoof their source IP, poison access logs, and bypass IP-based authorization checks (CVE-2025-66570 / CWE-290). Use the socket-level remote add

cpp · CVE-2025-66570 · GHSA-XM2J-VFR9-MG9M · CWE-290 · CWE-345
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2025-66647: Gnrc Ipv6 Ext Frag Reass First Fragment Overflow (cve-2025-66647-gnrc-ipv6-ext-frag-reass-first-fragment-overflow)

memcpy into a reassembly packet buffer (rbuf->pkt->data) using the incoming fragment's size (pkt->size) without verifying that the reassembly buffer is large enough (rbuf->pkt->size >= pkt->size). In the IPv6 fragment reassembly first-fragment (offset=0) path, omitting this bounds check allows a remote attacker who can send two crafted fragments with the sam

c · CVE-2025-66647 · GHSA-WH3V-Q6VR-J79R · CWE-120
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-66913: Jimureport Switchjimudrag Boolean Session Attribute (cve-2025-66913-jimureport-switchjimudrag-boolean-session-attribute)

Session attribute "switchJimuDrag" is being stored as a boolean (auto-boxed to Boolean), but JimuReport's authorization code compares this attribute using String.equals (e.g. `"true".equals(session.getAttribute("switchJimuDrag"))`). Storing a Boolean here causes the authorization guard to silently fail open, exposing the `/jmreport/testConnection` endpoint t

java · CVE-2025-66913 · CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2025-67084: Php Upload Missing Extension Allowlist (cve-2025-67084-php-upload-missing-extension-allowlist)

File upload handler reads $_FILES and persists it via move_uploaded_file() without validating the file extension against a strict allowlist. MIME-type checks are insufficient: PHP source files match text/plain, and mime_content_type() silently does nothing on installations without the fileinfo extension. If the uploads directory is web-accessible, an attacke

php · CVE-2025-67084 · CWE-434 · CWE-616
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-67747: Python Incomplete Module Blocklist (cve-2025-67747-python-incomplete-module-blocklist)

A module blocklist was identified that attempts to protect against arbitrary code execution by blocking modules like `subprocess`, `sys`, and `builtins`, but fails to block `marshal`. Attackers can bypass this blocklist during deserialization (e.g. unpickling) or dynamic module loading by utilizing `marshal.loads` and `types.FunctionType` to deserialize and

python · CVE-2025-67747 · CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2025-68432: Mcp Server Missing Oauth Provider (cve-2025-68432-mcp-server-missing-oauth-provider)

The core context server is initialized using the legacy `ContextServer::http` method, which lacks dynamic OAuth token provisioning support. This can result in unauthorized access failures or authentication bypasses. Use `HttpTransport::new_with_token_provider` combined with `ContextServer::new_with_timeout` to ensure proper OAuth session management.

rust · CVE-2025-68432 · CWE-287
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-68473: Bluedroid Sdp Uuid Oob Write (cve-2025-68473-bluedroid-sdp-uuid-oob-write)

Discovered Bluetooth service UUIDs are copied into an array using an incremented index without a bounds check. A malicious device exposing an excessive number of services can cause a stack buffer overflow. Introduce a bounds check (e.g., `if (index < MAX)`) to prevent out-of-bounds writes.

c · CVE-2025-68473 · CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-68474: Bluedroid Avrc Vendor Length Check (cve-2025-68474-bluedroid-avrc-vendor-length-check)

Validation of AVRCP vendor command length is insecure. The code either uses AVRC_MIN_CMD_LEN (20 bytes) which is too small for vendor messages (29 bytes), or it relies on assert() for validation which is compiled out in production (NDEBUG) builds. This can lead to heap-based out-of-bounds writes. Replace assert() with a runtime conditional and use a properly

c · CVE-2025-68474 · CWE-119 · CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2025-68696: Ruby Uri Absolute Bypass Ssrf (cve-2025-68696-ruby-uri-absolute-bypass-ssrf)

An absolute URI can implicitly bypass the configured base URI logic. Ensure the parsed host is validated against the base host to prevent SSRF and credential leakage to unintended external servers.

ruby · CVE-2025-68696 · CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-68926: Rust Tonic Grpc Hardcoded Authorization Token (cve-2025-68926-rust-tonic-grpc-hardcoded-authorization-token)

Hardcoded string literal used as a tonic gRPC `authorization` metadata value. This places a static, non-rotatable shared secret in the source tree, which is equivalent to no authentication at all once the code is published or leaked (CWE-798, CWE-287). Any peer that knows the literal can authenticate to the gRPC service. Replace the static token with a per-r

rust · CVE-2025-68926 · GHSA-H956-RH7X-PPGJ · CWE-287 · CWE-798
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-68932: Php Weak Prng Token Hash (cve-2025-68932-php-weak-prng-token-hash)

Security-sensitive token is derived from a non-cryptographic PRNG (mt_rand() and/or uniqid()) and then hashed (sha1/md5/hash). Mersenne Twister state is recoverable from a small number of outputs, and uniqid() encodes a microsecond timestamp (~20 bits of entropy). Hashing does not add entropy. Use random_bytes() (or random_int()) as the entropy source for au

php · CVE-2025-68932 · GHSA-J9WC-GWC6-P786 · CWE-338
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2025-69201: Pydantic Unvalidated Command List Field (cve-2025-69201-pydantic-unvalidated-command-list-field)

Pydantic BaseModel declares a `command: list[str]` field with no `@field_validator("command")`. If this list is forwarded to a subprocess/docker/shell sink (e.g. concatenated with a docker binary path and executed via python_on_whales, subprocess, os.system, etc.), an attacker controlling the request body can inject arbitrary command-line arguments and subco

python · CVE-2025-69201 · CWE-20 · CWE-77 · CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85
CVE-2025-6921: Cve 2025 6921 Redos Possessive Quantifier Regex Compile (cve-2025-6921-cve-2025-6921-redos-possessive-quantifier-regex-compile)

Regex compiled with a possessive quantifier ('++') can cause catastrophic backtracking (ReDoS) when the compiled pattern is applied to user-controlled text via .sub() or .match(). The possessive quantifier prevents the engine from releasing already-consumed characters, so .sub() scanning at every position in a crafted input yields O(N^2) CPU time. This is th

python · CVE-2025-6921 · CWE-1333
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-69217: Insecure Prng For Keys Or Nonces (cve-2025-69217-insecure-prng-for-keys-or-nonces)

A cryptographically weak pseudo-random number generator (PRNG) was detected. Functions like `random()`, `rand()`, or weak wrappers (e.g., `turn_random()`) lack sufficient entropy for generating security-sensitive values like authentication nonces, keys, or for port randomization. This allows attackers to reconstruct the internal state and predict future valu

c · CVE-2025-69217 · CWE-338
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2025-69286: Insecure Urlsafetimedserializer Token Generation (cve-2025-69286-insecure-urlsafetimedserializer-token-generation)

Authentication/API token is generated using itsdangerous.URLSafeTimedSerializer keyed by a non-secret value (e.g. tenant_id) and/or signing a predictable payload such as a UUID, with the output being sliced. This treats the serializer as a randomness source instead of a verifiable signed token. URLSafeTimedSerializer produces deterministic base64(payload).ti

python · CVE-2025-69286 · GHSA-9J5G-G4XM-57W7 · CWE-330 · CWE-338
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2025-69662: Sqlalchemy Text Dynamic String Sqli (cve-2025-69662-sqlalchemy-text-dynamic-string-sqli)

Constructing SQL queries dynamically using string formatting (e.g., f-strings, `.format()`, `%`, or `+`) inside `sqlalchemy.text()` bypasses SQL parameter binding and creates SQL injection vulnerabilities. Use a static string literal with named parameters and `.bindparams()` instead.

python · CVE-2025-69662 · CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-69971: Hardcoded Jwt Secret (cve-2025-69971-hardcoded-jwt-secret)

A hard-coded string literal is used as the secret/key parameter of jsonwebtoken `sign` or `verify`. Embedding the HMAC signing key in source code allows anyone with access to the repository or a shipped bundle to recover the key and forge tokens with arbitrary identity and group claims, leading to authentication bypass and privilege escalation (see CVE-2025-

javascript · CVE-2025-69971 · GHSA-C8M8-3JCR-6RJ5 · CWE-321 · CWE-798
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2025-69981: Express File Upload Missing Auth Middleware (cve-2025-69981-express-file-upload-missing-auth-middleware)

Express POST upload route writes user-supplied data to the filesystem without any authentication middleware between the route path and the handler function. Unauthenticated remote attackers can upload arbitrary files, enabling overwrite of sensitive files (e.g. user databases) or planting executable scripts (CVE-2025-69981, CWE-306/CWE-434). Register the rou

javascript · CVE-2025-69981 · CWE-306 · CWE-434
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2025-69983: Nodejs Naive Path Traversal Sanitization (cve-2025-69983-nodejs-naive-path-traversal-sanitization)

Path sanitization relies on a naive string/regex replace of "../" instead of resolving the final path and verifying it stays within the intended base directory. Blacklisting "../" does not handle absolute paths, encoded traversal sequences, mixed separators, or sequences that reappear after path.normalize, and is bypassable. Use path.resolve and verify the r

javascript · CVE-2025-69983 · CWE-22 · CWE-78 · CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2025-70041: Webpack Dev Server Bound All Interfaces (cve-2025-70041-webpack-dev-server-bound-all-interfaces)

webpack-dev-server is configured with a `proxy` (or `contentBase`) but without an explicit `host` binding. Recent versions of webpack-dev-server bind to all network interfaces by default, and webpack-dev-server has no built-in authentication: any host reachable on the dev server's port can pivot through the configured proxy rules (for example forwarding /api

javascript · CVE-2025-70041 · CWE-668 · CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2025-70888: Missing X509 Key Usage Digital Signature Check (cve-2025-70888-missing-x509-key-usage-digital-signature-check)

Signer certificate is validated against extendedKeyUsage XKU_CODE_SIGN but the X.509 keyUsage extension is not checked for X509v3_KU_DIGITAL_SIGNATURE. RFC 5280 section 4.2.1.3 requires that, when keyUsage is present, a certificate used for signing must assert digitalSignature. Failing to enforce this allows certificates whose issuing CA did not authorize di

c · CVE-2025-70888 · CWE-285 · CWE-295
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2025-70952: Path Traversal String Startswith Bypass (cve-2025-70952-path-traversal-string-startswith-bypass)

Using `String.startsWith()` to check if a file path is safely contained within a directory is vulnerable to a partial path match bypass. For example, checking if `/tmp/dir_evil` startsWith `/tmp/dir` returns true, bypassing validation and potentially leading to path traversal (Zip Slip) attacks. Use the `java.nio.file.Path.startsWith()` method instead, which

java · CVE-2025-70952 · CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 83
CVE-2025-71063: Caldav Client Ssl Verify Cert Disabled (cve-2025-71063-caldav-client-ssl-verify-cert-disabled)

Explicitly disabling TLS certificate validation by passing `ssl_verify_cert=False` to DAVClient makes the application vulnerable to Man-in-the-Middle (MitM) attacks.

python · CVE-2025-71063 · CWE-295
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-7659: Improper Vulnerability Grouping By Scanner (cve-2025-7659-improper-vulnerability-grouping-by-scanner)

Grouping scans or vulnerabilities solely by `scanner` without including `scan_type` or `report_type` can result in improper vulnerability resolution or cross-contamination if a single scanner produces multiple types of reports. Group items using a composite key.

ruby · CVE-2025-7659 · CWE-840
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-8267: Incomplete Private Ip Cidr Blocklist (cve-2025-8267-incomplete-private-ip-cidr-blocklist)

An array containing private IP CIDR ranges is missing the IPv4 multicast block ('224.0.0.0/4'). If this list is used for SSRF protection via a denylist, attackers can bypass it using multicast IP addresses to route requests internally. Ensure '224.0.0.0/4' is included in the blocklist.

javascript · CVE-2025-8267 · CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2025-8406: Tar Unsafe Member Extraction (cve-2025-8406-tar-unsafe-member-extraction)

Tar archive members are being filtered via `name`, but checks for symbolic or hard links (`issym`, `islnk`, `linkname`) are omitted. This can lead to Path Traversal (TarSlip) vulnerabilities, enabling arbitrary file writes via crafted links.

python · CVE-2025-8406 · CWE-22 · CWE-59
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-8747: Python Unsafe Dynamic Module Attribute Return (cve-2025-8747-python-unsafe-dynamic-module-attribute-return)

An attribute is retrieved from a dynamically imported module and returned without type validation. If this code path is controllable by an attacker, it can lead to arbitrary code execution or unsafe deserialization bypasses when the caller attempts to instantiate or use the unauthorized object gadget. Ensure you validate the object's type against an expected

python · CVE-2025-8747 · CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2025-9556: Gonja Default Env Ssti Arbitrary File Read (cve-2025-9556-gonja-default-env-ssti-arbitrary-file-read)

Template is rendered with gonja's default environment via gonja.FromString / gonja.FromBytes / gonja.FromFile. The default environment ships with an unrestricted filesystem loader, so Jinja2 composition directives in the template body (e.g. {% include "/etc/passwd" %}, {% extends %}, {% import %}, {% from %}) are resolved against the host filesystem. If any

go · CVE-2025-9556 · CWE-1336 · CWE-73 · CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2025-9636: Python Dict Missing Coop Header (cve-2025-9636-python-dict-missing-coop-header)

A dictionary configuring standard HTTP security headers (such as Content-Security-Policy) was detected, but it lacks the 'Cross-Origin-Opener-Policy' (COOP) header. Without COOP, cross-origin pages that open your application can retain a reference to its browsing context and interfere with flows like OAuth. Ensure the COOP header is set and enforced (e.g., t

python · CVE-2025-9636 · CWE-346 · CWE-693
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-0752: Insufficient Scanner Grouping Key (cve-2026-0752-insufficient-scanner-grouping-key)

Data is being aggregated based purely on the `.scanner` property. This fails to differentiate by scan type, leading to business logic flaws where distinct scan reports clobber each other's vulnerabilities. Group by a composite key including both `.scanner` and `.scan_type` or `.report_type`.

ruby · CVE-2026-0752 · CWE-668 · CWE-841
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-0859: Php Unserialize Allowedclasses Bypass (cve-2026-0859-php-unserialize-allowedclasses-bypass)

The PHP `unserialize()` function was called with an options array using the incorrect key `'allowedClasses'` instead of `'allowed_classes'`. PHP ignores invalid keys, resulting in unrestricted deserialization, potentially leading to Remote Code Execution (RCE) via object injection. Update the key to `'allowed_classes'` or use a secure polymorphic deserialize

php · CVE-2026-0859 · CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-10042: Insecure Fastapi Pickle Deserialization (cve-2026-10042-insecure-fastapi-pickle-deserialization)

Insecure deserialization of user-controlled request data using `pickle`. This can lead to remote code execution (RCE) if an attacker provides a crafted serialized payload. Do not use `pickle` with untrusted data; instead, consider JSON, or correctly restrict unpickling operations.

python · CVE-2026-10042 · CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Critical severity, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2026-10044: Python Incomplete Path Traversal Bypass (cve-2026-10044-python-incomplete-path-traversal-bypass)

An incomplete path traversal guard only checks for '/' or '..', but misses Windows-style backslashes ('\') or absolute paths. When used with `os.path.join()`, this allows attackers to bypass the guard using absolute Windows paths (e.g., C:\Windows\System32), leading to arbitrary file access and path traversal. To restrict file access to a specific directory

python · CVE-2026-10044 · CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-10107: Ssrf Missing Private Ip Block (cve-2026-10107-ssrf-missing-private-ip-block)

The URL validation method `is_safe_url` is invoked without enabling protections against private IPs (`block_private=True` or `strict=True`). This bypasses checks against Server-Side Request Forgery (SSRF) and allows enumeration of internal networks via private, loopback, or link-local address resolution. Ensure that URL validation explicitly blocks non-publi

python · CVE-2026-10107 · CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-10108: Path Traversal Startswith Missing Separator (cve-2026-10108-path-traversal-startswith-missing-separator)

When validating if a path is a subdirectory of a base directory using `str.startswith()`, it is necessary to append a trailing directory separator (e.g., `os.sep` or `/`) to the base directory. Otherwise, a path like `/var/music_secret` will incorrectly pass validation when checked against a base directory like `/var/music`, leading to path traversal or unau

python · CVE-2026-10108 · CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-1470: Ast Sandbox Missing With Statement Visitor (cve-2026-1470-ast-sandbox-missing-with-statement-visitor)

AST visitor used to sanitize untrusted JavaScript expressions does not install a `visitWithStatement` hook. A `with(obj){}` block injects `obj`'s own properties into the scope chain at runtime, so an attacker can shadow locally-declared identifiers (e.g. `var constructor = 123` shadowed by `Function.prototype.constructor`) and reach `Function(...)`/`process.

typescript · CVE-2026-1470 · GHSA-5XRP-6693-JJX9 · CWE-95
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-1774: Prototype Pollution Via Path Reduce (cve-2026-1774-prototype-pollution-via-path-reduce)

Walking a dot-notation path via Array.reduce and assigning each segment as an object property (`$RES[$PROP] = $RES[$PROP] || {}`) without filtering `__proto__`, `constructor`, or `prototype` enables prototype pollution (CWE-1321). When the path is attacker-controllable (e.g., rule condition keys, JSON config, query parameters) a value such as `__proto__.x` w

typescript · CVE-2026-1774 · GHSA-X9VF-53Q3-CVX6 · CWE-1321
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-1839: Python Torch Load Without Weights Only (cve-2026-1839-python-torch-load-without-weights-only)

torch.load() is called without weights_only=True inside the trainer's _load_rng_state method. By default, torch.load (on PyTorch < 2.6) deserializes via pickle and can execute arbitrary code from a malicious rng_state.pth checkpoint file. Wrapping the call in safe_globals() does NOT mitigate this on PyTorch < 2.6 because safe_globals() returns contextlib.nul

python · CVE-2026-1839 · CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-21446: Php Laravel Ajax Bypass Security Guard (cve-2026-21446-php-laravel-ajax-bypass-security-guard)

Security guard is conjoined with `! $request->ajax()`, so AJAX/API callers bypass the redirect/abort by setting `X-Requested-With: XMLHttpRequest`. Apply the security check to all requests and return an explicit 403/JSON response for AJAX clients instead of skipping the check.

php · CVE-2026-21446 · GHSA-6H7W-V2XR-MQVW · CWE-285 · CWE-306
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-21622: Password Reset Token Without Expiration (cve-2026-21622-password-reset-token-without-expiration)

This function validates a password-reset / token record by comparing `$RESET.key` for plain equality without verifying the record's age or using a constant-time comparison. Reset tokens that never expire allow account takeover when an attacker obtains a previously issued (unused) reset email — e.g., from a leaked mailbox archive (CWE-613). Enforce an expirat

elixir · CVE-2026-21622 · GHSA-6R94-PVWF-MXQM · CWE-613
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-21675: Iccdev Hint Manager Add Then Delete Uaf (cve-2026-21675-iccdev-hint-manager-add-then-delete-uaf)

Use-after-free / double-free: DeleteHint() is called on a hint manager after AddHint() has already transferred ownership of the same hint pointer to that manager. The hint manager owns and will eventually delete the hint object (and consumers of the manager may retain references into it), so an explicit DeleteHint() on the just-added pointer frees memory tha

cpp · CVE-2026-21675 · GHSA-WCWX-794G-G78F · CWE-20 · CWE-416
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-21697: Go Shared Httpclient Race (cve-2026-21697-go-shared-httpclient-race)

Directly mutating properties (e.g., `Timeout`, `Transport`, `CheckRedirect`) of a shared `http.Client` structure (such as via a method receiver field) without synchronization can cause a race condition. This cross-request state contamination might result in leaking credentials or routing behavior to concurrent requests. Instead of mutating a shared `http.Cli

go · CVE-2026-21697 · CWE-362 · CWE-366
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-21854: Js Auth Bracket Lookup Loose Equality (cve-2026-21854-js-auth-bracket-lookup-loose-equality)

Authentication compares a bracket-indexed object lookup (e.g. users[username]) to a value using loose equality (==). When the bracket key originates from untrusted input, an attacker can pass "__proto__" so the lookup returns Object.prototype, which is truthy and is coerced by == to "[object Object]" — matching a chosen password and bypassing authentication.

javascript · CVE-2026-21854 · GHSA-R8W6-9XWG-6H73 · CWE-1321 · CWE-287
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-22031: Findmyway Safedecodeuri Middleware Bypass (cve-2026-22031-findmyway-safedecodeuri-middleware-bypass)

Using the internal `safeDecodeURI` function from `find-my-way/lib/url-sanitizer` fails to properly canonicalize URL-encoded paths. This discrepancy allows attackers to bypass middleware constraints using URL context encoding (e.g., `/%61dmin` instead of `/admin`), while the underlying router resolves the targeted endpoint. Replace this internal method with t

javascript · CVE-2026-22031 · CWE-116 · CWE-425
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-22037: Raw Url Assignment Without Decoding (cve-2026-22037-raw-url-assignment-without-decoding)

Reassigning a raw, undecoded URL to the request object in a framework integration may create a parsing differential routing bypass if downstream routers expect a decoded path but native handlers decode it independently.

javascript · CVE-2026-22037 · CWE-436
by Provally, updated 2026-06-03, Apache-2.0
Medium severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-22038: Logger Credential Leak Get Secret Value (cve-2026-22038-logger-credential-leak-get-secret-value)

Explicitly retrieving a secret value via `.get_secret_value()` and logging the result can expose sensitive plaintext credentials in log files or centralized log aggregation systems. This defeats the purpose of wrapping secrets in protective types like Pydantic's `SecretStr`. Remove the secret extraction from all log statements.

python · CVE-2026-22038 · CWE-532
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 87
CVE-2026-22039: Kyverno Apicall Missing Policy Namespace (cve-2026-22039-kyverno-apicall-missing-policy-namespace)

Kyverno apiCall constructor invoked without a `policyNamespace` argument. Without this argument, `apiCall.Fetch` substitutes user-controlled context variables into `URLPath` and forwards the resolved path to `client.RawAbsPath` under the Kyverno admission controller ServiceAccount identity, with no enforcement that the request is scoped to the policy's own n

go · CVE-2026-22039 · GHSA-8P9X-46GM-QFX2 · CWE-269 · CWE-918
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-22686: Host Realm Error Sandbox Prototype Chain Escape (cve-2026-22686-host-realm-error-sandbox-prototype-chain-escape)

Throwing a host-realm `new Error()` at a VM/sandbox boundary exposes the full host prototype chain to sandboxed code. Sandboxed code catching this Error can traverse Error -> Error.prototype -> Error constructor -> Function constructor to reach the host Function constructor and execute arbitrary JavaScript in the host process, achieving full sandbox escape (

typescript · CVE-2026-22686 · GHSA-7QM7-455J-5P63 · CWE-693 · CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-22688: Go Mcp Stdio Unvalidated Command Injection (cve-2026-22688-go-mcp-stdio-unvalidated-command-injection)

MCP stdio subprocess is launched via NewStdioMCPClientWithOptions with caller-controlled command/args/env, without a preceding allowlist validation (e.g. ValidateStdioConfig). Same root cause as CVE-2026-22688 / CWE-77: an authenticated user can supply arbitrary command and args (e.g. {"command":"bash","args":["-lc","..."]}) that are passed directly to os/ex

go · CVE-2026-22688 · GHSA-78H3-63C4-5FQC · CWE-77 · CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-22778: Vllm Fastapi Exception Handler Leaks Memory Address (cve-2026-22778-vllm-fastapi-exception-handler-leaks-memory-address)

FastAPI exception handler returns exception detail/message to the client via ErrorInfo/ErrorResponse without sanitization. Python exception strings frequently embed object reprs of the form `<... object at 0x7f...>`, leaking heap addresses that defeat ASLR (CVE-2026-22778, CWE-532). Wrap the value passed to `message=` with `sanitize_message(...)` (or an equi

python · CVE-2026-22778 · GHSA-4R2X-XPJR-7CVV · CWE-209 · CWE-532
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-22850: Unvalidated Bulk Sql Import Execution (cve-2026-22850-unvalidated-bulk-sql-import-execution)

Direct execution of bulk SQL statements from a parsed file or string without statement validation. An attacker could bypass application intent to run arbitrary SQL statements if user inputs or unsanitized file contents reach this operation.

php · CVE-2026-22850 · CWE-89
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-22852: Freerdp Audin Formats Realloc Without Reset (cve-2026-22852-freerdp-audin-formats-realloc-without-reset)

Reassignment of an AUDIO_FORMAT array via audio_formats_new() without first freeing the previous array (audio_formats_free) and resetting the associated formats_count counter to zero. Repeated execution (for example, multiple MSG_SNDIN_FORMATS PDUs from a remote server) causes the stale counter to drive writes past the end of the newly allocated array (CVE-2

c · CVE-2026-22852 · GHSA-9CHC-G79V-4QQ4 · CWE-787
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-23517: Insufficient Role Check In Middleware (cve-2026-23517-insufficient-role-check-in-middleware)

Authorization middleware fails to check if the user has an explicit administrative role before granting access to sensitive handlers.

go · CVE-2026-23517
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-23519: Rust Constant Time Bitnz Missing Black Box Barrier (cve-2026-23519-rust-constant-time-bitnz-missing-black-box-barrier)

The constant-time "is non-zero" bitwise idiom `(x | x.wrapping_neg()) >> N` produces a boolean-shaped (0 or 1) result. Without a `core::hint::black_box()` optimization barrier wrapping this expression itself, LLVM may rewrite downstream mask arithmetic into a conditional branch on targets without a conditional-move instruction (notably `thumbv6m-none-eabi` /

rust · CVE-2026-23519 · GHSA-2GQC-6J2Q-83QP · CWE-203 · CWE-208
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-23524: Php Unserialize Without Allowed Classes (cve-2026-23524-php-unserialize-without-allowed-classes)

Call to unserialize() without an 'allowed_classes' option (or with 'allowed_classes' => true) deserializes attacker-controllable data and will instantiate ANY class registered in the autoloader. This enables PHP Object Injection / unserialize gadget chains leading to Remote Code Execution (CWE-502). Always pass a second argument with an explicit allow-list,

php · CVE-2026-23524 · GHSA-M27R-M6RX-MHM4 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-23530: Freerdp Received Capabilities Desync Resize (cve-2026-23530-freerdp-received-capabilities-desync-resize)

Resizing a single capability buffer (FreeRDP_ReceivedCapabilityData / FreeRDP_ReceivedCapabilities / FreeRDP_ReceivedCapabilityDataSizes) via freerdp_settings_set_pointer_len_ while bumping the shared FreeRDP_ReceivedCapabilitiesSize tracker leaves the three logically parallel arrays out of sync. Later code iterates all of them up to ReceivedCapabilitiesSize

c · CVE-2026-23530 · CWE-125 · CWE-416 · CWE-665
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-23535: Path Traversal From Untrusted Slug (cve-2026-23535-path-traversal-from-untrusted-slug)

Constructing a file path using a `.slug` attribute without sanitization can lead to path traversal vulnerabilities (CWE-22) if the attribute is untrusted or controlled by an external/compromised entity (e.g., an API server). Directory traversal sequences like '../' or absolute paths can escape the intended output directory. Always use sanitization functions

python · CVE-2026-23535 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-2361: Postgresql Seclabels Security Definer (cve-2026-2361-postgresql-seclabels-security-definer)

A function declared with SECURITY DEFINER queries the `pg_seclabels` view. Querying this catalog view within a privileged context allows an attacker with CREATE privileges to execute malicious code via a crafted view with superuser privileges.

generic · CVE-2026-2361 · CWE-250
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 83
CVE-2026-23631: Do Not Free Yielding Engine Sync (cve-2026-23631-do-not-free-yielding-engine-sync)

Missing yielding state verification during synchronization payload handling can lead to Use-After-Free if the underlying engine is replaced or freed. Ensure that asynchronous synchronization defers execution while scripts are currently yielding.

c · CVE-2026-23631 · CWE-416
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-23744: Hono Node Server Bound To All Interfaces (cve-2026-23744-hono-node-server-bound-to-all-interfaces)

Hono node server (or equivalent serve() call) is bound to "0.0.0.0", exposing the service on every network interface. Local developer tools that expose privileged endpoints (process spawn, file access, plugin install) must bind to the loopback address ("127.0.0.1") to prevent remote attackers — including drive-by browser requests from malicious sites — from

typescript · CVE-2026-23744 · CWE-1327 · CWE-668
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-23830: Sandbox Incomplete Constructor Interception Missing Asyncfunction (cve-2026-23830-sandbox-incomplete-constructor-interception-missing-asyncfunction)

A sandbox interception map registers the `Function` constructor but not `AsyncFunction`. Sandboxed code can escape the sandbox by accessing `(async () => {}).constructor` to obtain the native host AsyncFunction constructor, then calling it to create and execute functions entirely outside all sandbox restrictions. Register AsyncFunction (obtainable via `Objec

typescript · CVE-2026-23830 · GHSA-WXHW-J4HC-FMQ6 · CWE-693 · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-23846: Python Sensitive Query Param (cve-2026-23846-python-sensitive-query-param)

Retrieving sensitive data from URL query parameters risks exposing it in server access logs, reverse proxy logs, and browser history. Read sensitive data from the HTTP request body instead (e.g., via JSON payload or form data).

python · CVE-2026-23846 · CWE-532 · CWE-598
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 65
CVE-2026-23869: React Unbounded Dev Error Trace (cve-2026-23869-react-unbounded-dev-error-trace)

Potentially unbounded Error generation for debug stack traces during recursive/looping React element creation. Can cause Denial of Service when processing large inputs.

javascript · CVE-2026-23869 · CWE-400
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-23870: React Native Sparse Array Dos (cve-2026-23870-react-native-sparse-array-dos)

A potential Denial of Service (DoS) vulnerability exists where an array's length is arbitrarily expanded using unvalidated values from another array. A subsequent unbounded index-based `for` loop over this sparse array traverses all of the array's empty slots (holes), potentially causing excessive CPU consumption and a blocked main thread. Validate integer bounds bef

javascript · CVE-2026-23870 · CWE-400 · CWE-834
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-23881: Missing Context Size Limit Amplification (cve-2026-23881-missing-context-size-limit-amplification)

A method accepts raw byte data, unmarshals it, and appends it to a stateful context without checking the cumulative size of the context data. In policy or template engines, this can allow attackers to mount memory amplification attacks leading to Denial of Service (DoS) via resource exhaustion.

go · CVE-2026-23881 · CWE-770
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-23944: Arcane Env Proxy Middleware Without Auth Validator (cve-2026-23944-arcane-env-proxy-middleware-without-auth-validator)

NewEnvProxyMiddlewareWithParam is invoked without an AuthValidator argument. The environment proxy middleware runs before route-level authentication and, when an environment ID is non-local, forwards the request to the remote agent with the manager-held agent access token attached. Without an AuthValidator, unauthenticated callers gain agent-level access to

go · CVE-2026-23944 · GHSA-2JV8-39RP-CQQR · CWE-306
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-23949: Tarfile Unsafe Custom Filter (cve-2026-23949-tarfile-unsafe-custom-filter)

A custom tarfile extraction filter is being used. If this custom filter modifies the `TarInfo` (e.g., to strip path components) without validating against path traversal (Zip Slip), it may lead to arbitrary file writes. Ensure your custom filter composes with `tarfile.data_filter` to securely extract archives.

python · CVE-2026-23949 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-24010: Django Path Traversal Insecure Join (cve-2026-24010-django-path-traversal-insecure-join)

Constructing paths with `os.path.join` using user input can lead to path traversal vulnerabilities (CWE-22). If string prefix or similar checks are applied before resolving the final path, attackers can bypass access controls by tricking the prefix check while traversing directories later. Use `django.utils._os.safe_join` to securely combine paths so that th

python · CVE-2026-24010 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-24162: Model Base Py Cwe 502 Cve 2026 24162 (cve-2026-24162-model-base-py-cwe-502-cve-2026-24162)

Use of insecure unpickling wrapper.

python · CVE-2026-24162
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-24467: Yarnrc Missing Enable Scripts False (cve-2026-24467-yarnrc-missing-enable-scripts-false)

`.yarnrc.yml` does not contain `enableScripts: false`. Yarn 4 executes install/postinstall lifecycle scripts from every (transitive) dependency by default. A malicious or compromised package resolved into the lockfile (typosquat, hijack, freshly published version) can therefore obtain arbitrary code execution on any developer or CI machine that runs `yarn in

generic · CVE-2026-24467 · CWE-1357 · CWE-829
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2026-24470: Unconditional K8s External Name (cve-2026-24470-unconditional-k8s-external-name)

Handling of Kubernetes Service Type "ExternalName" without configuration-based safeguards. An attacker who can create ExternalName Services and Ingresses can route traffic to arbitrary internal endpoints (SSRF). Ensure ExternalName routing is disabled by default and conditionally enabled via configuration.

go · CVE-2026-24470 · CWE-502 · CWE-918
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-24486: Unsanitized Uploaded Filename Split (cve-2026-24486-unsanitized-uploaded-filename-split)

A filename parameter is split using `os.path.splitext` and stored directly into instance configuration without being sanitized first. If this filename originates from an untrusted source (like a multipart upload) and its components are later used in file creation, directory traversal characters may lead to arbitrary file writes. Use `os.path.basename()` to s

python · CVE-2026-24486 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-2469: Php Imap Unescaped Id Injection (cve-2026-2469-php-imap-unescaped-id-injection)

Unescaped variables are concatenated directly into a quoted string within a loop. If this string is used in a text-based protocol (like IMAP, SMTP, LDAP), it can lead to command injection where attackers can inject quotes or newlines to break out of the string boundary. Ensure you escape variables appropriately before concatenation.

php · CVE-2026-2469 · CWE-74
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-24737: Jspdf Unescaped Pdf Injection (cve-2026-24737-jspdf-unescaped-pdf-injection)

Direct concatenation of unsanitized strings starting with '/' into a generated PDF allows injection of arbitrary PDF objects, including malicious JavaScript actions.

javascript · CVE-2026-24737 · CWE-116
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-24740: Dozzle Findcontainer Labels Authz Bypass (cve-2026-24740-dozzle-findcontainer-labels-authz-bypass)

FindContainer wrapper accepts a `container.ContainerLabels` authorization scope but forwards only the container ID to the delegated `FindContainer` call, silently dropping label-based access control. A label-restricted user can then resolve any container ID on the agent host, bypassing tenant/scope isolation (CVE-2026-24740, CWE-863). Pass `labels` through t

go · CVE-2026-24740 · GHSA-M855-R557-5RC5 · CWE-284 · CWE-863
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-24741: Unvalidated File Deletion (cve-2026-24741-unvalidated-file-deletion)

User input is passed to a file deletion API without sanitization. This can lead to arbitrary file deletion via path traversal.

typescript · CVE-2026-24741
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-24749: CVE 2026 24749 Silverstripe Assets Grant True Default (cve-2026-24749-cve-2026-24749-silverstripe-assets-grant-true-default)

The method 'getURL' or 'getSourceURL' declares '$grant = true' as the default parameter value. This automatically grants session-based access to protected assets for any caller that omits the argument, bypassing file permission checks entirely. Change the default to '$grant = false' so that access grants are an explicit, opt-in decision by callers rather tha

php · CVE-2026-24749 · CWE-284 · CWE-863
by Provally · updated 2026-06-03 · Apache-2.0
Medium · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-24781: Vm2 Proxy Handler Missing Construction Token (cve-2026-24781-vm2-proxy-handler-missing-construction-token)

Proxy handler class with a `set(target, key, value, receiver)` trap accepts a wrapped object in its constructor without validating an unforgeable construction token. If an instance of this handler ever leaks to untrusted code (e.g., via util.inspect with showProxy:true, which exposes the handler in `this.seen`), an attacker can walk `Object.getPrototypeOf(ha

javascript · CVE-2026-24781 · GHSA-V37H-5MFM-C47C · CWE-693
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2026-24811: Rntuple Deserializer Warns On Unsupported Feature Flag (cve-2026-24811-rntuple-deserializer-warns-on-unsupported-feature-flag)

Deserializer iterates over feature flags from an externally-supplied buffer and only logs a warning (R__LOG_WARNING) for unrecognized bits instead of returning an R__FAIL error. An attacker who supplies a crafted RNTuple file can set a bit corresponding to a future or unsupported feature and have the current deserializer silently continue parsing footer/head

cpp · CVE-2026-24811 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-24832: Openssl Bn Bn2dec Post Write Bounds Check (cve-2026-24832-openssl-bn-bn2dec-post-write-bounds-check)

BN_bn2dec() writes `*lp = BN_div_word(...)` before checking that `lp` is still within the `bn_data` allocation. The buffer-size estimate derived from BN_num_bits() is off-by-one for certain inputs, so the post-write bounds check (`lp - bn_data >= bn_data_num`) allows a one-BN_ULONG out-of-bounds heap write before aborting (CVE-2026-24832, upstream CVE-2016-2

c · CVE-2026-24832 · CWE-787
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-24884: Tar Extraction Path Traversal (cve-2026-24884-tar-extraction-path-traversal)

Extracting archive entries without validating concatenated paths could lead to path traversal (arbitrary file overwrite). Ensure that the resolved destination path is strictly validated to reside within the intended extraction directory bounds.

javascript · CVE-2026-24884
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-24895: Go Tolower Index Applied To Original String (cve-2026-24895-go-tolower-index-applied-to-original-string)

Byte index computed via strings.Index/LastIndex/IndexAny on a strings.ToLower() copy will be misaligned with the original string when the input contains Unicode characters whose lowercase form has a different UTF-8 byte length (e.g. Ⱥ → ⱥ grows from 2 to 3 bytes, İ expands to two codepoints). If that index is later used to slice or offset into the original (

go · CVE-2026-24895 · GHSA-G966-83W7-6W38 · CWE-180 · CWE-20
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-24898: Unauthenticated Api Login Response Disclosure (cve-2026-24898-unauthenticated-api-login-response-disclosure)

Unauthenticated PHP endpoint (sets $ignoreAuth = true to bypass auth) echoes the raw return value of an API login call directly as JSON. Login responses commonly contain bearer tokens, session credentials, or other secrets. Filter the response before echoing — return only non-sensitive status fields such as {"success": true} or {"error": "..."} — and add a f

php · CVE-2026-24898 · GHSA-QWFF-3MW7-7RC7 · CWE-287
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-24901: Unsafe Zip Decompression Read (cve-2026-24901-unsafe-zip-decompression-read)

Variables derived from archive extraction are read directly into memory using `fs.readFile()`. If the archive is a "zip bomb" (highly compressed large files) and lacks size checks, this leads to memory resource exhaustion and Denial of Service (DoS). Replace complete file buffering with bounded streams or explicitly validate the file size before reading it i

javascript · CVE-2026-24901 · CWE-400 · CWE-409
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-25060: Custom Insecure Skip Verify (cve-2026-25060-custom-insecure-skip-verify)

Disabling TLS certificate verification by default allows Man-in-the-Middle (MitM) attacks. Relying on insecure default configurations can compromise all subsequent communications. Ensure the default configuration requires secure TLS validation by setting this parameter to 'false'.

go · CVE-2026-25060 · CWE-295
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-25115: Python Ast Visitor Denylist Missing Match Class Handler (cve-2026-25115-python-ast-visitor-denylist-missing-match-class-handler)

This AST visitor inspects attribute names in `visit_Attribute` but does not implement `visit_MatchClass`. Python 3.10+ structural pattern matching binds class attributes to local names via `ast.MatchClass.kwd_attrs` (e.g. `case Exception(__traceback__=tb)`) without producing an `ast.Attribute` node, so the denylist enforcement in `visit_Attribute` is silentl

python · CVE-2026-25115 · GHSA-8398-GMMX-564H · CWE-693
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-25221: Oauth Missing State Parameter Validation (cve-2026-25221-oauth-missing-state-parameter-validation)

The OAuth callback fails to validate the `state` parameter. It retrieves the `code` parameter but does not fetch or check a `state` parameter. This missing verification allows an attacker to conduct a Login Cross-Site Request Forgery (CSRF) attack by supplying their own authorization code. Always fetch and validate `state`.

javascript · CVE-2026-25221 · CWE-352
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-25506: Munge Cve Unbounded Copy (cve-2026-25506-munge-cve-unbounded-copy)

An internal custom unmarshaling routine reads a dynamically-sized length field from a message and uses it as the byte-count parameter for copy operations into a fixed-size buffer, without verifying if the length exceeds the boundary of the target field.

c · CVE-2026-25506
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-25520: Sandboxjs Unwrapped Native Call Return Value (cve-2026-25520-sandboxjs-unwrapped-native-call-return-value)

A sandbox op handler passes the raw return value of a native host-realm function call directly to the done() completion callback without checking for dangerous host objects (e.g. globalThis or the host Function constructor). An attacker can chain Object.values/Object.entries with Array.prototype.at to extract the host Function constructor and execute arbitra

typescript · CVE-2026-25520 · GHSA-58JH-XV4V-PCX4 · CWE-74
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-25586: Unsafe Hasownproperty Shadowing (cve-2026-25586-unsafe-hasownproperty-shadowing)

Calling hasOwnProperty() as a direct instance method on an object can be defeated by an attacker who supplies an object with a shadowed hasOwnProperty (e.g., { hasOwnProperty: () => true }). In sandbox or security-boundary code this causes prototype-access guards to silently pass, enabling host Object.prototype pollution. Use Object.prototype.hasOwnProperty.

javascript · CVE-2026-25586 · CWE-1321
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-25587: Prototype Guard Unsafe Hasownproperty Instance Method (cve-2026-25587-prototype-guard-unsafe-hasownproperty-instance-method)

Calling `.hasOwnProperty()` as an instance method in a function-property mutation guard is unsafe in sandbox or access-control code. When the guarded object is itself a prototype (e.g., `Map.prototype`), its built-in methods ARE own properties. As a result, `!obj.hasOwnProperty(prop)` evaluates to `false` and the guard silently permits the overwrite. This al

javascript · CVE-2026-25587 · CWE-1321 · CWE-693
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-25632: Unsafe Dynamic Importlib Class Resolution (cve-2026-25632-unsafe-dynamic-importlib-class-resolution)

`importlib.import_module()` is called with a non-literal argument and the result is passed to `getattr()` to dynamically resolve a class. If either value originates from user-controlled input (e.g., a JSON "__type__" field, a msgpack payload, or any deserialized structure), an attacker can load arbitrary installed Python modules and instantiate arbitrary cla

python · CVE-2026-25632 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
Critical · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-25636: Path Traversal Uri Getcwd (cve-2026-25636-path-traversal-uri-getcwd)

A URI path is resolved and validated against `os.getcwd()`. When processing external resources (like archives or unzipping logic), validation must be bounded against the specifically intended container extraction base, not the generic working directory. Falling back to `os.getcwd()` permits directory traversal attacks that can overwrite or query any files ac

python · CVE-2026-25636 · CWE-22
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-25639: Javascript Recursive Merge Prototype Pollution (cve-2026-25639-javascript-recursive-merge-prototype-pollution)

A recursive merge/assign callback writes to `result[key]` (and may recurse via a deep-merge call) without filtering the dangerous property names "__proto__", "constructor", and "prototype". When the source object is attacker-influenced (e.g., parsed JSON used as request config), iterating its keys and assigning them onto a fresh object pollutes Object.protot

javascript · CVE-2026-25639 · CWE-1321
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2026-25641: Property Key Type Confusion Toctou (cve-2026-25641-property-key-type-confusion-toctou)

Property key $KEY is used in a hasOwnProperty() security check and then in a computed property access without first coercing it to a string primitive. A non-primitive $KEY implementing toString() or [Symbol.toPrimitive] can return different values on successive evaluations — an allowed name during the hasOwnProperty check and a dangerous key ('__proto__', 'c

javascript · CVE-2026-25641 · CWE-345 · CWE-843
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 77
CVE-2026-25660: Codechecker Permission Helper Missing Is Auth Enabled (cve-2026-25660-codechecker-permission-helper-missing-is-auth-enabled)

Call to CodeChecker permissions helper (`require_permission`, `require_manager`, or `has_permission`) does not pass the `is_auth_enabled` flag. With a missing flag, these helpers short-circuit to True when `auth_session` is None, granting anonymous callers full authorization for permission-management RPCs reachable via the `/Authentication` Thrift endpoint (

python · CVE-2026-25660 · GHSA-4V9X-CQC5-J645 · CWE-290 · CWE-863
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-25731: Insecure Templite Engine (cve-2026-25731-insecure-templite-engine)

The `Templite` templating engine processes embedded Python expressions within templates. Initializing `Templite` with untrusted template data leads to Server-Side Template Injection (SSTI) and arbitrary Remote Code Execution. Replace the insecure `Templite` engine with a standard logic-less implementation like `pystache` (Mustache) or configure an isolated e

python · CVE-2026-25731 · CWE-94
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-25755: Pdf Js Injection (cve-2026-25755-pdf-js-injection)

Unescaped user input passed into PDF /JS string context. An attacker can use unescaped parentheses ')' to break out of the string literal and inject arbitrary PDF objects or commands. Provide proper escaping for parentheses before embedding.

javascript · CVE-2026-25755 · CWE-116 · CWE-74
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-2577: Websocketserver Missing Localhost Binding (cve-2026-2577-websocketserver-missing-localhost-binding)

WebSocketServer is instantiated without an explicit `host` parameter. The `ws` library defaults to 0.0.0.0 (all network interfaces) when `host` is omitted, exposing the server to any remote attacker with network access to the port. Set `host: '127.0.0.1'` to restrict to localhost unless external access is explicitly intended and separately protected by authe

typescript · CVE-2026-2577 · CWE-306 · CWE-668
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-25793: Nebula Ecdsa Fingerprint Malleability Bypass (cve-2026-25793-nebula-ecdsa-fingerprint-malleability-bypass)

Certificate verification does not account for alternate fingerprints generated by ECDSA signature malleability (high-S/low-S forms). An attacker can alter the signature to its alternate valid form, changing its fingerprint without affecting signature validity, and thus bypass a fingerprint-based blocklist.

go · CVE-2026-25793 · CWE-347
by Provally · updated 2026-06-03 · Apache-2.0
High · Medium confidence · Provally Curated · Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-25803: Bcrypt Hash With Hardcoded Password Literal (cve-2026-25803-bcrypt-hash-with-hardcoded-password-literal)

bcrypt.hash() / bcrypt.hashSync() is being called with a hardcoded string literal as the password argument. This embeds a known credential into the source code (CWE-798: Use of Hard-coded Credentials). Even if the resulting bcrypt hash is stored in a database, the cleartext password is publicly visible in the repository, so any attacker can authenticate with

typescript · CVE-2026-25803 · GHSA-5X57-H7CW-9JMW · CWE-798
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-25873: Python Pickle Loads On Http Request Body (cve-2026-25873-python-pickle-loads-on-http-request-body)

Untrusted HTTP request body or remote response is being deserialized with pickle.loads / pickle.load / cPickle.loads. Python's pickle protocol can execute arbitrary code via __reduce__ during deserialization, which yields unauthenticated remote code execution when the input originates from a network source (e.g. Flask `request.data`, `request.get_data()`, `r

python · CVE-2026-25873 · CWE-502
by Provally · updated 2026-06-03 · Apache-2.0
High · High confidence · Provally Curated · Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-25890: Gorilla Mux Skipclean Path Bypass (cve-2026-25890-gorilla-mux-skipclean-path-bypass)

Calling `SkipClean(true)` on a `gorilla/mux` router disables automatic URL path cleaning. This allows unnormalized path payloads (like using multiple consecutive slashes) to bypass path-based access control, routing, or authorization rules that rely on normalized paths. If the underlying filesystem or downstream service subsequently cleans the path, an attac

go | CVE-2026-25890 | CWE-436 | CWE-706
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 61
CVE-2026-25893: Jwt Sign Identity From Request Header (cve-2026-25893-jwt-sign-identity-from-request-header)

A JWT is being signed with identity claims (e.g., id/groups) derived from a client-controlled HTTP request header (such as `x-auth-user` or any value read from `req.headers`). This lets an unauthenticated caller forge the header and receive a valid server-signed token asserting an arbitrary identity (CVE-2026-25893, FUXA pre-1.2.10). Derive identity exclusiv

javascript | CVE-2026-25893 | GHSA-VWCG-C828-9822 | CWE-285 | CWE-287
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 91
CVE-2026-25924: Controller Plugincontroller Php Cwe 000 Cve 2026 25924 (cve-2026-25924-controller-plugincontroller-php-cwe-000-cve-2026-25924)

The application backend fails to verify the specific configuration state (`Installer::isConfigured()`) before proceeding with privileged plugin modification operations, allowing an attacker to bypass frontend feature toggles. Fix this by checking the installation state and throwing an `AccessForbiddenException`.

php | CVE-2026-25924
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 53
CVE-2026-25938: Express Auth Bypass Via Referer Header (cve-2026-25938-express-auth-bypass-via-referer-header)

Authentication / authorization decision based on the HTTP `Referer` header. The Referer header is set by the client and is trivially spoofable, so calling `next()` (or otherwise granting access) based on its contents bypasses any real authentication check (CWE-290 / CWE-306). Verify a cryptographic credential (JWT, API key, signed session) instead of trustin

javascript | CVE-2026-25938 | CWE-290 | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-25940: Jspdf Acroform Pdf Injection (cve-2026-25940-jspdf-acroform-pdf-injection)

Unsanitized assignment to jsPDF AcroForm properties `appearanceState` or `AS` can lead to arbitrary PDF object injection. Attackers can leverage this to execute malicious actions (such as embedded JavaScript) within the context of the PDF viewer. Update jsPDF to version 4.2.0 or later, or properly escape input (e.g., removing PDF structural characters like '

javascript | CVE-2026-25940 | CWE-116
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 65
CVE-2026-25955: Freerdp Rdpgfx Missing Unmap Window For Surface Callback (cve-2026-25955-freerdp-rdpgfx-missing-unmap-window-for-surface-callback)

RdpgfxClientContext registers UpdateWindowFromSurface but does not register UnmapWindowForSurface in the same initializer. UpdateWindowFromSurface caches an XImage whose data pointer aliases the RDPGFX surface buffer; without an UnmapWindowForSurface callback to invalidate that cached alias before the surface backing buffer is freed by gdi_DeleteSurface, a m

c | CVE-2026-25955 | GHSA-4G54-X8V7-559X | CWE-416
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 95
CVE-2026-25996: Inspektor Gadget Textcolumns Unescaped Terminal String (cve-2026-25996-inspektor-gadget-textcolumns-unescaped-terminal-string)

buildFixedString on TextColumnsFormatter renders a string field directly to the terminal column output without neutralizing ANSI / control escape sequences. Attacker-controlled string fields from eBPF events (comm, args, filenames, etc.) can inject terminal escape sequences, enabling log forgery, cursor manipulation, OSC 8 phishing, clipboard writes, or term

go | CVE-2026-25996 | GHSA-34R5-6J7W-235F | CWE-150
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 73
CVE-2026-25997: Freerdp Xf Cliprdr Free Last Sent Formats Without X11 Lock (cve-2026-25997-freerdp-xf-cliprdr-free-last-sent-formats-without-x11-lock)

xf_cliprdr_free_formats is called on $C->lastSentFormats without the surrounding xf_lock_x11/xf_unlock_x11 pair. The cliprdr channel thread can free this array while the X11 event thread concurrently iterates it in xf_clipboard_changed / xf_clipboard_format_equal, producing a heap use-after-free (CVE-2026-25997, CWE-416). Serialize the free with xf_lock_x11(

c | CVE-2026-25997 | GHSA-Q5J3-M6JF-3JQ4 | CWE-416
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 91
CVE-2026-26011: Nav2 Pose With Covariance Stamped Missing Covariance Validation (cve-2026-26011-nav2-pose-with-covariance-stamped-missing-covariance-validation)

The validateMsg() overload for geometry_msgs::msg::PoseWithCovarianceStamped checks the header and pose sub-fields but never validates the 36-element pose.covariance array. Unsanitized non-finite or extreme (>1e9) covariance entries flow into AMCL's pf_init()/pf_cluster_stats(), where a negative cluster index (-1) is used as an array subscript and corrupts h

cpp | CVE-2026-26011 | GHSA-MGJ5-G2P6-GC5X | CWE-122 | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 95
CVE-2026-26021: Prototype Pollution Via Includes Guard (cve-2026-26021-prototype-pollution-via-includes-guard)

Using `Array.prototype.includes()` to guard against prototype-pollution keys ('__proto__', 'constructor', 'prototype') is bypassable. An attacker who can execute JavaScript in the same realm before this guard runs can shadow `Array.prototype.includes` (e.g., `Array.prototype.includes = () => false`), causing the check to silently pass and allowing the forbid

javascript | CVE-2026-26021 | GHSA-2C4M-G7RX-63Q7 | CWE-1321
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-26187: Path Traversal Prefix Bypass (cve-2026-26187-path-traversal-prefix-bypass)

Using `strings.HasPrefix` to verify that a path resides within a directory can lead to partial-path traversal bypasses. If the directory path does not reliably end with a path separator, an attacker can access sibling directories with similar names (e.g., matching '/path/to/lakefs_evil' when the base is '/path/to/lakefs'). Enforce a trailing path separator w

go | CVE-2026-26187 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 61
CVE-2026-26190: Milvus Rest Api Group Missing Authenticate Middleware (cve-2026-26190-milvus-rest-api-group-missing-authenticate-middleware)

A gin Group has REST API handlers registered via `RegisterRoutesTo` without the `authenticate` middleware being applied to that group. When this group is mounted on the metrics/management gin engine (default TCP/9091), it exposes business endpoints (collection CRUD, credential management, search/query) without authentication — even when `common.security.auth

go | CVE-2026-26190 | GHSA-7PPG-37FH-VCR6 | CWE-1188 | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 91
CVE-2026-26210: Python Pickle Loads On Zmq Recv (cve-2026-26210-python-pickle-loads-on-zmq-recv)

Untrusted bytes received from a ZMQ socket are passed to pickle.loads(), which deserializes attacker-controlled data and enables arbitrary code execution via pickle's __reduce__ machinery (CWE-502). The ZMQ socket provides no authentication by default, so any network-reachable peer can send a malicious pickle payload. Replace pickle with a safe format (JSON,

python | CVE-2026-26210 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 95
CVE-2026-26280: Stale Variable In Retry (cve-2026-26280-stale-variable-in-retry)

A function is retried inside a `setTimeout` block using a new callback parameter ($U) instead of the previously utilized variable ($SAN) from the outer scope. This pattern suggests a logic/shadowing error where dirty initial input is inadvertently passed into the retry mechanism.

javascript | CVE-2026-26280
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 53
CVE-2026-2646: Untrusted Buffer Loop Bound (cve-2026-2646-untrusted-buffer-loop-bound)

A value read from an untrusted buffer is used as a loop boundary for array indexing without being validated against a maximum limit. This missing bound check can lead to out-of-bounds read or write operations, potentially causing heap corruption or information disclosure vulnerabilities (CWE-502, CWE-119, CWE-787). Ensure that boundary limits parsed from unt

c | CVE-2026-2646 | CWE-119 | CWE-502 | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 61
CVE-2026-2673: Openssl Conf Parse List Flattening (cve-2026-2673-openssl-conf-parse-list-flattening)

A state variable is forcefully set to 0 before calling `CONF_parse_list` and restored to 1 afterward. This logic temporarily flattens structural groupings during recursive list parsing, removing hierarchical layers such as key exchange preference tuples. This can lead to negotiation downgrades by treating distinct security items as a single flat group. Use a

c | CVE-2026-2673 | CWE-684
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 61
CVE-2026-26830: Nodejs Child Process Exec Util Format Command Injection (cve-2026-26830-nodejs-child-process-exec-util-format-command-injection)

A shell command string is constructed with util.format() and passed to child_process.exec() / execSync(), which executes via /bin/sh -c. util.format()'s %s/%d/%j interpolation does NOT shell-escape its arguments, so any value containing shell metacharacters (quotes, ;, &, |, $(), backticks) breaks out of the surrounding quoted token and lets attackers execut

javascript | CVE-2026-26830 | GHSA-Q5MH-72XG-628W | CWE-78 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-26831: Textract Cve 2026 26831 Shell Injection Incomplete Path Escape (cve-2026-26831-textract-cve-2026-26831-shell-injection-incomplete-path-escape)

File path sanitized only by whitespace escaping (replace(/\s/g, '\\ ')) flows into child_process.exec(). Shell metacharacters such as ;, |, &, backticks, $(), ", ' are NOT neutralized, enabling OS command injection through attacker-controlled filenames (CVE-2026-26831). Use child_process.execFile()/spawn() with an argument array, or apply complete shell quot

javascript | CVE-2026-26831 | GHSA-9PCJ-M5RR-P28G | CWE-78 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-26833: Nodejs Child Process Exec String Concat (cve-2026-26833-nodejs-child-process-exec-string-concat)

child_process.exec() is called with a command string built by concatenating non-literal values. exec() runs the string through `/bin/sh -c`, so any shell metacharacter in the interpolated values (`;`, `&`, `|`, `$()`, backticks, embedded quotes, etc.) is interpreted by the shell. This is the root-cause pattern of CVE-2026-26833 in the `thumbler` package, whe

javascript | CVE-2026-26833 | GHSA-MVHF-547C-H55R | CWE-78 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-26861: Insecure Postmessage Origin Validation (cve-2026-26861-insecure-postmessage-origin-validation)

Validating postMessage origins using string search methods like `includes`, `indexOf`, `startsWith`, or `endsWith` is insecure and prone to bypasses. For example, `origin.includes('trusted.com')` allows bypasses from origins like `https://trusted.com.attacker.com`. Attackers can use this to send malicious messages resulting in Cross-Site Scripting (XSS) or d

javascript | CVE-2026-26861 | CWE-346 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-26862: Insecure Postmessage Includes Origin Check (cve-2026-26862-insecure-postmessage-includes-origin-check)

Validating postMessage origin using 'includes()' enables an attacker to bypass origin checks by registering a malicious subdomain or using a crafted domain string. Additionally, comparing against a dynamically derived origin from event.data is unsafe.

javascript | CVE-2026-26862 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-26954: Sandboxjs Call Result Missing Sanitize Array (cve-2026-26954-sandboxjs-call-result-missing-sanitize-array)

Native function call result is filtered only through getGlobalProp() and returned via done(...) without passing through sanitizeArray(). getGlobalProp() only inspects the top-level reference; arrays returned by native functions (e.g. Object.values, Array.at, Array.slice) can still contain raw global constructors such as Function, enabling sandbox escape (CVE

typescript | CVE-2026-26954 | CWE-693
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 91
CVE-2026-26974: Fast Glob Unanchored Recursive Glob Rce (cve-2026-26974-fast-glob-unanchored-recursive-glob-rce)

fast-glob is invoked with an unanchored recursive glob pattern (a string literal starting with "**/") and no `ignore` option excluding node_modules. The matched paths may include attacker-controlled files inside node_modules; if those results are later dynamically imported (e.g., a plugin loader), this enables arbitrary code execution (CVE-2026-26974, CWE-82

typescript | CVE-2026-26974 | CWE-829 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 77
CVE-2026-27018: Gotenberg Filter Go Cwe 000 Cve 2026 27018 (cve-2026-27018-gotenberg-filter-go-cwe-000-cve-2026-27018)

The application restricts administrators to single, case-sensitive regular expression URL filters by using a single string configuration. This limitation frequently leads to incomplete SSRF mitigations that can be bypassed using mixed-case URL schemes. Update the configuration representation to accept string slices (multiple regexes) to improve user-configur

go | CVE-2026-27018
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 53
CVE-2026-27112: Kargo Createdprojects Tracked Without Err Nil Check (cve-2026-27112-kargo-createdprojects-tracked-without-err-nil-check)

The createdProjects tracking map governs whether subsequent resources in the same namespace are created via s.client.InternalClient(), which bypasses the per-request SubjectAccessReview. Adding an entry to createdProjects without first asserting err == nil lets a failed Project create/update (e.g. AlreadyExists when targeting a pre-existing Project namespace

go | CVE-2026-27112 | CWE-285 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 91
CVE-2026-27192: Insecure Origin Validation Startswith (cve-2026-27192-insecure-origin-validation-startswith)

Validating an origin or domain by checking if a string starts with an allowed origin is insecure. An attacker can bypass this check by registering a domain that shares the same prefix (e.g., `https://target.com.attacker.com` starts with `https://target.com`). Parse the input using `new URL()` and check for exact equality against `url.origin` or `url.hostname

typescript | CVE-2026-27192 | CWE-346 | CWE-601
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 69
CVE-2026-27203: Insecure Env File Update (cve-2026-27203-insecure-env-file-update)

Constructing environment or configuration file contents using naive string concatenation or interpolation allows injection vulnerabilities. If the variables contain unescaped characters like newlines or quotes, an attacker can inject arbitrary key-value pairs, leading to application misconfiguration, Denial of Service, or Remote Code Execution. Use a secure

typescript | CVE-2026-27203 | CWE-116
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-27459: Pyopenssl Dtls Cookie Callback Buffer Overflow (cve-2026-27459-pyopenssl-dtls-cookie-callback-buffer-overflow)

The DTLS cookie-generate callback wrapper copies the callback-returned cookie bytes into the fixed-size OpenSSL `out` buffer via `out[0:len(cookie)] = cookie` without first bounding the cookie length against DTLS1_COOKIE_LENGTH (255). A callback returning more than 255 bytes overflows the OpenSSL-provided buffer (CVE-2026-27459, CWE-120). Add `if len(cookie)

python | CVE-2026-27459 | GHSA-5PWR-322W-8JR4 | CWE-120
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 95
CVE-2026-27489: Cpp Symlink Validation Missing Canonicalization (cve-2026-27489-cpp-symlink-validation-missing-canonicalization)

Validation of paths using `is_symlink()` only checks the final component of a path. If intermediate directories are symbolic links, this check can be bypassed, leading to path traversal vulnerabilities (CWE-59, CWE-22). Use `canonical()` or `weakly_canonical()` to fully resolve paths against the actual operating system file system.

cpp | CVE-2026-27489 | CWE-22 | CWE-59
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 61
CVE-2026-27591: Winter Form Context User Controlled Override (cve-2026-27591-winter-form-context-user-controlled-override)

formGetContext() returns a value derived from the 'form_context' POST parameter, allowing authenticated users to override the server-side form rendering context. Combined with context-specific form field visibility, this lets clients coerce a more permissive context that exposes privileged fields (e.g. role_id, is_superuser, permissions) and persist arbitrar

php | CVE-2026-27591 | GHSA-PGPF-M8M4-6CG6 | CWE-284 | CWE-639
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 95
CVE-2026-27613: Pascal Cgi Shell Escape Double Quote In Caret Set (cve-2026-27613-pascal-cgi-shell-escape-double-quote-in-caret-set)

A constant set of "dangerous" Windows shell metacharacters used for caret-prefix escaping ('^X') contains the double-quote character ('"'). Caret escaping is only honored by cmd.exe. Native Win32 binaries (e.g. php-cgi.exe and any CGI interpreter built with the MSVCRT runtime) parse their command line via CommandLineToArgvW, which only recognises '\"' as an

generic | CVE-2026-27613 | GHSA-RFX5-FH9M-9JJ9 | CWE-78 | CWE-88
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 111 downloads (0 direct, 111 via packs); Trust score 85
CVE-2026-27626: Olivetin Webhook Execution Request Unfiltered Arguments (cve-2026-27626-olivetin-webhook-execution-request-unfiltered-arguments)

executor.ExecutionRequest is constructed in webhook code with an Arguments map that has not been filtered through filterToDefinedArguments against the Action's declared Arguments. Unfiltered keys from a webhook JSON/template payload bypass TypeSafetyCheck and are substituted into the action's Shell template before reaching exec.CommandContext("sh", "-c", ...

go | CVE-2026-27626 | GHSA-49GM-HH7W-WFVF | GHSA-49gm-hh7w-wfvf | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 95
CVE-2026-27627: Unsanitized Metascraper Html (cve-2026-27627-unsanitized-metascraper-html)

Directly trusting the `readableContentHtml` property without passing it through a sanitizer like DOMPurify can lead to Stored XSS.

typescript | CVE-2026-27627
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 53
CVE-2026-27700: X Forwarded For Spoofing (cve-2026-27700-x-forwarded-for-spoofing)

Extracting the first IP address from the 'X-Forwarded-For' header can lead to IP spoofing. Load balancers like AWS ALB append the real client IP to the end of the header, leaving earlier values attacker-controlled. Extracting the first element allows an attacker to spoof their IP address by injecting their own 'X-Forwarded-For' header. Use the last IP addres

javascript | CVE-2026-27700 | CWE-290 | CWE-348
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-27820: Cve 2026 27820 Conditional Buffer Expansion Before Memmove Prepend (cve-2026-27820-cve-2026-27820-conditional-buffer-expansion-before-memmove-prepend)

A buffer expansion function is called inside a conditional before a memmove-based prepend (memmove(ptr + len, ptr, filled) / memmove(ptr, src, len)). If the guard condition does not verify that the buffer has at least 'filled + len' bytes of free capacity – i.e., it only checks whether any free space exists rather than enough free space for 'len' additional

c | CVE-2026-27820 | CWE-122 | CWE-131
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 81
CVE-2026-27830: Custom Deserialization Wrapper Cwe502 (cve-2026-27830-custom-deserialization-wrapper-cwe502)

Detected a pattern indicative of a custom decoding and deserialization wrapper. A substring of an untrusted input parameter is extracted, decoded into an intermediary representation (like a byte array), and then passed to a custom utility method. The generic result is cast to an explicit type before return. If this backend utility wraps object deserializatio

java | CVE-2026-27830 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium; Confidence: Medium; Provally Curated; Verified
0 stars; 108 downloads (0 direct, 108 via packs); Trust score 61
CVE-2026-27833: Piwigo History Search Missing Auth (cve-2026-27833-piwigo-history-search-missing-auth)

The API endpoint `pwg.history.search` is registered without restricting access to administrators (`admin_only`). This exposes sensitive browsing history to unauthenticated users. Add `array('admin_only' => true)` to the method registration options.

php | CVE-2026-27833 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 69
CVE-2026-27886: Nodemailer Pick Strips Security Properties (cve-2026-27886-nodemailer-pick-strips-security-properties)

Filtering email options via an allowlist that includes 'attachments' but omits 'disableFileAccess' and 'disableUrlAccess' silently strips these security mitigations. This exposes the application to SSRF and Local File Disclosure (LFD) if attackers control part of the attachments array, since Nodemailer allows reading file paths and URLs by default. Ensure th

javascript | CVE-2026-27886 | CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-27890: Cpp Unvalidated Path Prefix Traversal (cve-2026-27890-cpp-unvalidated-path-prefix-traversal)

Unvalidated path component combined with a directory prefix. This can enable a directory traversal attack if an attacker provides path escape sequences like '../'. Always validate such components before using them in path construction.

cpp | CVE-2026-27890 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 61
CVE-2026-27905: Tarfile Custom Extract Symlink Traversal (cve-2026-27905-tarfile-custom-extract-symlink-traversal)

A custom tarfile extraction routine extracts symlinks without validating the symlink's target (`member.linkname`). An attacker can exploit this to create a symlink pointing outside the intended destination directory, allowing arbitrary file writes when subsequent tar members are extracted through the symlink. Validate that the resolved symlink target points

python | CVE-2026-27905 | CWE-22 | CWE-59
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 61
CVE-2026-27941: Github Actions Pull Request Target With Untrusted Checkout (cve-2026-27941-github-actions-pull-request-target-with-untrusted-checkout)

GitHub Actions workflow combines the `pull_request_target` event with a checkout step (or an explicit checkout of the pull-request head ref such as `ref: ${{ github.event.pull_request.head.sha }}`). `pull_request_target` runs in the base repository's privileged context — with access to repository secrets and a write-scoped GITHUB_TOKEN — so checking out and

yaml | CVE-2026-27941 | GHSA-9JGV-X8CQ-296Q | CWE-829
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 111 downloads (0 direct, 111 via packs); Trust score 95
CVE-2026-27960: Opencti Authenticate User By Token Or Userid Cve 2026 27960 (cve-2026-27960-opencti-authenticate-user-by-token-or-userid-cve-2026-27960)

Detected use of the vulnerable `authenticateUserByTokenOrUserId` function (CVE-2026-27960, CWE-287). This function authenticates a request by looking up the supplied bearer/basic-auth value in the `platformUsers` cache map, which is keyed by `api_token`, `internal_id`, `standard_id`, and `x_opencti_stix_ids`. Because the function never cryptographically veri

javascript | CVE-2026-27960 | GHSA-6VVV-VMFR-XHRX | CWE-287
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 91
CVE-2026-27965: Vitess Cve 2026 27965 Manifest External Decompressor Command Injection (cve-2026-27965-vitess-cve-2026-27965-manifest-external-decompressor-command-injection)

The backup MANIFEST's ExternalDecompressor field is attacker-controllable (anyone with write access to the backup storage can modify it). Passing it directly to prepareExternalCmd/shlex.Split/exec.Command{,Context} executes it as an OS command on the tablet host (CVE-2026-27965, CWE-78). Route the manifest value through resolveExternalDecompressor() so it is

go | CVE-2026-27965 | GHSA-8G8J-R87H-P36X | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 91
CVE-2026-27971: Js Require Dynamic Module And Symbol From Input (cve-2026-27971-js-require-dynamic-module-and-symbol-from-input)

Calling Node's CommonJS `require()` with a non-literal module path and then dynamically indexing the loaded module by a non-literal symbol name is unsafe deserialization / dynamic code loading (CWE-502). If the path or symbol can come from request data (e.g. a deserialized payload or function parameters at an RPC boundary), an attacker can load any CommonJS

typescript | CVE-2026-27971 | GHSA-P9X5-JP3H-96MM | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 118 downloads (0 direct, 118 via packs); Trust score 95
CVE-2026-27975: Ajenti Http X Url Prefix Unvalidated (cve-2026-27975-ajenti-http-x-url-prefix-unvalidated)

The `HTTP_X_URL_PREFIX` request header is being read from the WSGI environment and assigned directly to a `*.prefix` attribute without validation. In Ajenti (CVE-2026-27975) this value was later substituted as `%(prefix)s` into the served index.html — both inside HTML attributes and inside a JavaScript string literal — and concatenated into outgoing `Locatio

python | CVE-2026-27975 | GHSA-VCW3-R3FX-J444 | CWE-116 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 95
CVE-2026-28229: Argo Workflow Template Get Missing Authz (cve-2026-28229-argo-workflow-template-get-missing-authz)

GetWorkflowTemplate / GetClusterWorkflowTemplate handler reads a template via the server-credentialed informer cache (getTemplateAndValidate) without calling auth.CanI(ctx, "get", ...) first. Because the informer is initialized with the Argo server's own service-account credentials, the cache read bypasses Kubernetes RBAC, so any caller (including a request

go | CVE-2026-28229 | GHSA-56PX-HM34-XQJ5 | CWE-200 | CWE-863
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 95
CVE-2026-28291: Git Upload Pack Blocklist Bypass (cve-2026-28291-git-upload-pack-blocklist-bypass)

Validation of Git arguments using the regex `/^\s*-u\b/` is insufficient to prevent dangerous option injection. Git allows single-letter options to be grouped (e.g., `-vu`, `-4u`), which bypasses this regex check. Attackers could execute arbitrary code by passing a modified `-u` (upload-pack) option. Use a more robust check that accounts for Git's option gro

javascript | CVE-2026-28291 | CWE-184 | CWE-88
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 69
CVE-2026-28409: Php Shell Exec Unsanitized User Input (cve-2026-28409-php-shell-exec-unsanitized-user-input)

Unsanitized user-supplied input flows into a shell execution function, enabling OS command injection (CWE-78). Wrap every user-controlled value with escapeshellarg() before concatenating it into a shell string, or replace the shell invocation with proc_open() using an argument array so the shell interpreter is bypassed entirely.

php | CVE-2026-28409 | GHSA-5M5G-Q2VV-RV3R | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: High; Provally Curated; Verified
0 stars; 106 downloads (0 direct, 106 via packs); Trust score 91
CVE-2026-28416: Gradio Unvalidated Proxy Allowlist Addition (cve-2026-28416-gradio-unvalidated-proxy-allowlist-addition)

Untrusted proxy_url from a dynamic configuration dictionary is added directly to an allowlist without explicit domain host verification. This can lead to SSRF if the allowlist is used to validate reverse-proxy routes.

python | CVE-2026-28416
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 107 downloads (0 direct, 107 via packs); Trust score 53
CVE-2026-28445: Solidjs Unsanitized Innerhtml (cve-2026-28445-solidjs-unsanitized-innerhtml)

Direct assignment of unsanitized component props or data to innerHTML can lead to Cross-Site Scripting (XSS). Ensure the input is sanitized utilizing a library like DOMPurify before rendering it as HTML.

typescript | CVE-2026-28445 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity: High; Confidence: Medium; Provally Curated; Verified
0 stars; 113 downloads (0 direct, 113 via packs); Trust score 61
CVE-2026-28498: Fail Open Crypto Comparisoncve-2026-28498-fail-open-crypto-comparison

A cryptographic verification function returns `True` explicitly when the generated hash or value is falsy. This indicates fail-open behavior where unsupported algorithms or missing values bypass the integrity check. Verification should fail closed by returning `False` when the hash cannot be computed.

python | CVE-2026-28498 | CWE-287 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-28518: Console App Py Cwe 000 Cve 2026 28518 (cve-2026-28518-console-app-py-cwe-000-cve-2026-28518)

The custom FastAPI console proxy copies and forwards client-provided identity headers directly to the downstream system without enforcing authentication, allowing authorization bypass.

python | CVE-2026-28518
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-28678: Jwt Cleartext Cookie Storage (cve-2026-28678-jwt-cleartext-cookie-storage)

JWT tokens often contain sensitive information in their payload. Storing them in a cookie without encryption exposes this data (such as user IDs or emails) to anyone who can access the cookie. Ensure the JWT is encrypted before saving it in an HTTP cookie.

javascript | CVE-2026-28678 | CWE-312 | CWE-522
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-28681: Starlette Missing Trustedhostmiddleware (cve-2026-28681-starlette-missing-trustedhostmiddleware)

The Starlette application configures middleware but does not include `TrustedHostMiddleware`. If the application generates sensitive URLs (like password resets) based on the incoming Host header, this could lead to Host header injection vulnerabilities.

python | CVE-2026-28681 | CWE-346 | CWE-640
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-28795: Python Unvalidated File Format Path Traversal (cve-2026-28795-python-unvalidated-file-format-path-traversal)

A function parameter is interpolated as a file extension into a filename f-string and then used to open or path-join a file, without first validating the parameter against an allowlist of permitted formats. Attackers can supply values such as "../../etc/cron.d/x" or dangerous extensions (".py", ".sh", ".php") to traverse outside the intended directory or wri

python | CVE-2026-28795 | CWE-22 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-28802: Jws None Algorithm Verify Missing Empty Sig Check (cve-2026-28802-jws-none-algorithm-verify-missing-empty-sig-check)

A JWS "none" algorithm class defines a verify() method that returns a constant (e.g., False or True) instead of inspecting the signature argument. RFC 7518 §3.6 requires a "none" JWS to carry an empty signature. The verify() implementation must therefore explicitly check that the signature is empty (e.g., `return sig == b""`). Returning a constant leaves sig

python | CVE-2026-28802 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-28808: Erlang Inets Mod Alias Which Alias Missing Script Alias (cve-2026-28808-erlang-inets-mod-alias-which-alias-missing-script-alias)

Detected an inets `mod_alias`-style alias lookup that calls httpd_util:multi_lookup(ConfigDB, alias) without also concatenating httpd_util:multi_lookup(ConfigDB, script_alias). This is the vulnerable shape of `which_alias/1` from CVE-2026-28808: mod_auth derives the filesystem path used for `<Directory>` access-control matching from this list, so omitting `s

generic | CVE-2026-28808 | GHSA-3VHP-H532-MC3F | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2026-29004: Busybox Ipv6 Buffer Overflow (cve-2026-29004-busybox-ipv6-buffer-overflow)

An incorrect buffer size calculation for formatting a list of IPv6 addresses leaves no space for a null terminator, leading to a heap buffer overflow. Removing the `- 1` subtraction and explicitly adding space for string termination prevents this corruption.

c | CVE-2026-29004 | CWE-122 | CWE-131
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-29058: Php Command Injection Untrusted Input Shell Exec (cve-2026-29058-php-command-injection-untrusted-input-shell-exec)

Untrusted input (e.g. $_GET / $_POST / $_REQUEST / $_COOKIE / base64_decode of one of these) flows into a PHP shell execution function (exec, shell_exec, system, passthru, popen, proc_open, or AVideo's execAsync helper) without being wrapped with escapeshellarg() / escapeshellcmd(). Even when the value is placed inside double-quoted "..." segments of the com

php | CVE-2026-29058 | GHSA-9J26-99JH-V26Q | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-29063: Immutable Js Iterate Unguarded Key Assignment Prototype Pollution (cve-2026-29063-immutable-js-iterate-unguarded-key-assignment-prototype-pollution)

Iteration callback writes `$OBJ[$K] = $V` to a plain object without filtering prototype-polluting keys (e.g. '__proto__', 'constructor'). When the iterated collection's keys are attacker-controlled (e.g. an Immutable.Map built from `fromJS(JSON.parse(input))`), this triggers the prototype setter and pollutes the returned object's prototype (CVE-2026-29063, C

javascript | CVE-2026-29063 | GHSA-WF6X-7X77-MVGW | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2026-29080: Sqlalchemy Text Hardcoded Bindparam Val Collision (cve-2026-29080-sqlalchemy-text-hardcoded-bindparam-val-collision)

SQLAlchemy text() uses the hardcoded bind parameter name 'val' via .bindparams(val=...). When multiple such text() fragments are composed into a single query (e.g., iterating over filter conditions in a loop), every fragment references the same ':val' bind slot. SQLAlchemy's last-write-wins semantics for duplicate bind names silently discards all earlier bin

python | CVE-2026-29080 | GHSA-VJR5-C9QV-HGM3 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-29090: Psycopg2 Execute Format String Sqli (cve-2026-29090-psycopg2-execute-format-string-sqli)

The result of create_postgres_query() is captured in a single variable, so the full SQL string (with user-controlled filter keys and values embedded via str.format()) is executed as raw SQL without psycopg2 parameterization. The safe pattern is to unpack the return value as (sql, params) and pass params as the second argument to cursor.execute(), which enables the

python | CVE-2026-29090 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 77
CVE-2026-29112: Unbounded Regex Dimension Extraction (cve-2026-29112-unbounded-regex-dimension-extraction)

Extracting dimension attributes like 'width' or 'height' from untrusted strings using RegExp and unconditionally parsing them as integers can enable a Denial of Service (DoS). An attacker providing extremely large dimensions can trigger massive memory allocation during rendering. Ensure parsed dimensions are constrained by a maximum limit, or use safe defaul

typescript | CVE-2026-29112
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-29642: Xiangshan Dte Sdt Isolation Bypass (cve-2026-29642-xiangshan-dte-sdt-isolation-bypass)

The hardware logic improperly uses `menvcfg.DTE` to gate writes and reads for the machine-mode `mstatus.SDT` register. `menvcfg.DTE` should only control the supervisor mode alias `sstatus.SDT`. This improper hardware state isolation causes WPRI (writes preserve values, reads ignore values) violations and incorrectly impacts M-mode execution, allowing attacke

scala | CVE-2026-29642 | CWE-284
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-29646: Nemu Rvh Vmode Sie Sip Incorrect Dispatch (cve-2026-29646-nemu-rvh-vmode-sie-sip-incorrect-dispatch)

VS-mode (cpu.v == 1) access to the supervisor interrupt CSRs sie/sip is being dispatched through vmode_get_sie / vmode_set_sie / vmode_get_sip / vmode_set_sip. These helpers do not apply the RISC-V H-extension delegation masking (get_hideleg() & (mideleg | MIDELEG_FORCED_MASK), hvien) and write directly to machine-level mie / hvip, which violates the privile

c | CVE-2026-29646 | CWE-1220 | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-29649: Nemu Henvcfg Overbroad Menvcfg Wmask (cve-2026-29649-nemu-henvcfg-overbroad-menvcfg-wmask)

The read value of CSR henvcfg is masked with the full MENVCFG_WMASK against menvcfg (e.g. `henvcfg_out &= menvcfg->val & MENVCFG_WMASK;`). Because MENVCFG_WMASK covers bits [7:4] (CBIE/CBCFE/CBZE) in addition to STCE/DTE/PBMTE, this overbroad mask incorrectly subordinates henvcfg's cache-block-management fields to menvcfg. Per the RISC-V H-extension specific

c | CVE-2026-29649 | CWE-670
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-29789: Php Workflow Action Missing Authorize On Foreign Model (cve-2026-29789-php-workflow-action-missing-authorize-on-foreign-model)

A method loads a model via `Model::query()->findOrFail($input[...])` using a user-supplied identifier and then passes that model to another action/service, but does NOT call `$this->authorize(...)` before using it. An authenticated attacker can supply a foreign model ID to operate on resources belonging to other tenants/projects (missing authorization, CWE-8

php | CVE-2026-29789 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-29792: Feathersjs Oauth Authenticate Params Query Fallback (cve-2026-29792-feathersjs-oauth-authenticate-params-query-fallback)

OAuth `authenticate` builds its payload with a logical-OR fallback that ends in `params.query`. Because `params.query` is the raw, attacker-controlled HTTP request query string, an unauthenticated attacker who calls /oauth/:provider/callback directly (without ever invoking the authorize step) can forge a profile object via the query string and obtain a valid

typescript | CVE-2026-29792 | GHSA-WG9X-QFGW-PXHJ | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-29793: Feathersjs Mongodb Id Nosql Injection (cve-2026-29793-feathersjs-mongodb-id-nosql-injection)

MongoDB adapter constructs a query filter from an `id` parameter via `getObjectId(id)` without first validating that `id` is a string, number, or ObjectId. An attacker (e.g. via Socket.IO) can supply an object such as `{ $ne: null }` or `{ $regex: '^' }` which Mongo evaluates as query operators, matching/modifying/deleting arbitrary documents (NoSQL injectio

typescript | CVE-2026-29793 | GHSA-P9XR-7P9P-GPQX | CWE-943
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-30242: Unruleable Custom Ssrf Domain Denylist (cve-2026-30242-unruleable-custom-ssrf-domain-denylist)

Rule skipped. Vulnerability relies on a logic flaw in a custom, hardcoded domain blocklist.

python | CVE-2026-30242
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Low | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-30351: Skipped Project Specific Command Execution (cve-2026-30351-skipped-project-specific-command-execution)

A user-controlled property named 'command' is passed to a generic execution method (e.g., .start(), .run()). This could indicate command injection if the underlying method acts as an OS command execution wrapper. (Ruleability: Skip)

python | CVE-2026-30351
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-30363: Struct Field Toctou Deref (cve-2026-30363-struct-field-toctou-deref)

Time-of-Check to Time-of-Use (TOCTOU) data race detected. A structure field is checked for NULL and then dereferenced. In multithreaded environments, another thread can nullify or free the pointer between the check and the dereference, causing a NULL pointer dereference. Either cache the pointer in a local variable or wrap the check and use securely within a

c | CVE-2026-30363 | CWE-367 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-30405: Gobgp Unconditional Validate Update Msg (cve-2026-30405-gobgp-unconditional-validate-update-msg)

`bgp.ValidateUpdateMsg` is called without checking whether the message has already been flagged as malformed in earlier parsing steps. Unconditionally validating malformed attributes may result in an unhandled panic, potentially causing a Denial of Service. Guard the validation with a check that the message state has already been verified (e.g., `handling == bgp.ER

go | CVE-2026-30405 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-30793: Rust Fs Set Permissions World Writable 0o0777 (cve-2026-30793-rust-fs-set-permissions-world-writable-0o0777)

Calling `fs::set_permissions` (or `<Path>.set_permissions`) with `Permissions::from_mode(0o0777)` / `from_mode(0o777)` grants world read/write/execute on the target path. When this path is a shared directory used to host IPC sockets, lock files, or other privileged endpoints (e.g. under `/tmp`), any local user can enumerate, replace, or pre-create entries an

rust | CVE-2026-30793 | CWE-285 | CWE-732
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-30822: Insecure Filename Replace Path Traversal (cve-2026-30822-insecure-filename-replace-path-traversal)

Constructing a file path by simply replacing a substring or prefix from a user-supplied property (e.g., `name` or `filename`) is unsafe. This often fails to remove path traversal sequences (like `../`), potentially leading to arbitrary file read/write (Local File Inclusion / Path Traversal). Use a robust sanitization function (like `path.basename` or a dedic

javascript | CVE-2026-30822 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-30836: Scep Updatereq Grouped With Csr Handlers (cve-2026-30836-scep-updatereq-grouped-with-csr-handlers)

SCEP `UpdateReq` is grouped with `PKCSReq`/`RenewalReq` in this CSR-handling switch case. If the API layer only validates the SCEP challenge password for `PKCSReq` and `RenewalReq` (without an else branch for `UpdateReq`), an attacker can submit a `MessageType = UpdateReq` PKIOperation to obtain a CA-signed certificate without supplying any challenge passwor

go | CVE-2026-30836 | CWE-287 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-30849: Mantisbt Soap Mci Check Login Untyped Credential Params (cve-2026-30849-mantisbt-soap-mci-check-login-untyped-credential-params)

mci_check_login() declares its username/password parameters without a string type declaration. PHP's SOAP server delivers parameters using the XML schema type sent by the client (e.g. xsi:type="xsd:integer" arrives as a native PHP int). Without `?string`/`string` typing, an attacker can force the password to arrive as an integer, bypassing null-only normaliz

php | CVE-2026-30849 | CWE-1287 | CWE-287 | CWE-843
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-30860: Weknora Sandbox Manager Execute Without Validation (cve-2026-30860-weknora-sandbox-manager-execute-without-validation)

Sandbox Manager.Execute forwards an ExecuteConfig (script, args, stdin) directly to the underlying sandbox without security validation. Untrusted input — for example agent skill-execution calls driven by LLM prompt injection — can supply dangerous shell commands, reverse shells, or argument/stdin injection metacharacters that then execute inside the sandbox

go | CVE-2026-30860 | CWE-20 | CWE-77 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-30893: Python Os Path Join Decoded Untrusted Write (cve-2026-30893-python-os-path-join-decoded-untrusted-write)

os.path.join() is being called with a decoded path component (likely parsed from an external/network payload) and the joined result is then opened for writing without containment validation. os.path.join() does not normalize '..' segments, and an absolute right-hand operand silently replaces the base directory, so an attacker-controlled filepath can escape t

python | CVE-2026-30893 | GHSA-M8RW-V4F6-8787 | CWE-22 | CWE-73
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-30919: Php Insecure Htmlspecialchars Noquotes (cve-2026-30919-php-insecure-htmlspecialchars-noquotes)

Using `htmlspecialchars()` with the `ENT_NOQUOTES` flag skips encoding of single and double quotes. If the resulting string is embedded inside HTML attributes, attackers can break out of the target attribute context and inject malicious scripts. Prefer using `ENT_QUOTES` or robust contextual output encoding.

php | CVE-2026-30919 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-30923: Modsecurity Libinjection Error Mishandling (cve-2026-30923-modsecurity-libinjection-error-mishandling)

Treating the return value of `libinjection` functions as a simple boolean (or comparing with 0) fails to properly handle libinjection v4 parser errors. Negative error codes evaluate to true, falsely indicating an attack and potentially causing out-of-bounds reads on uninitialized fingerprint arrays. Use `injection_result_t` and check against explicitly defin

c | CVE-2026-30923 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-30966: Parse Server Missing Join Table Access Guard (cve-2026-30966-parse-server-missing-join-table-access-guard)

Access-control function enforces master-key-only restrictions via a hardcoded class-name blocklist (indexOf check) but is missing a guard for internal `_Join:*` relation tables. Any client holding only the application key can read, write, or delete rows in any `_Join:*` table directly via the REST or GraphQL API, enabling role escalation and Class-Level Perm

javascript | CVE-2026-30966 | GHSA-5F92-JRQ3-28RC | CWE-284
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-31040: Python Stata Dofile Executed Without Shell Escape Validation (cve-2026-31040-python-stata-dofile-executed-without-shell-escape-validation)

A Stata do-file is dispatched to subprocess execution without first validating its content for Stata shell-escape directives. Lines beginning with '!' or 'shell ' are interpreted by Stata as OS commands and will be executed on the host (CVE-2026-31040). Read the do-file content and reject occurrences of the tokens "\n!" and "\nshell " (or implement a stricte

python | CVE-2026-31040 | GHSA-JPCJ-7WFG-MQXV | CWE-20 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2026-31235: Python Pickle Loads On Multiprocessing Queue Data (cve-2026-31235-python-pickle-loads-on-multiprocessing-queue-data)

Calling pickle.loads() on bytes obtained from a multiprocessing/queue Queue is unsafe. Any process or thread able to write to the queue can inject a malicious pickle payload whose __reduce__ executes arbitrary code in the consumer process. Replace pickle with a safe serializer (e.g., JSON, MessagePack with strict schemas) or authenticate the payload (HMAC) b

python | CVE-2026-31235 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-31814: Rust Panic On Checked Math (cve-2026-31814-rust-panic-on-checked-math)

Using `.expect()` or `.unwrap()` on the result of a checked arithmetic operation (e.g., `checked_add`, `checked_sub`) causes a runtime panic on overflow/underflow. When processing untrusted input, this leads to Denial of Service (DoS) due to reachable assertions. Handle the error gracefully using `.ok_or(...)?` or a `match` statement.

rust | CVE-2026-31814 | CWE-190 | CWE-617 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31817: Weak Fallback Id Validation (cve-2026-31817-weak-fallback-id-validation)

The application only checks if an ID field is empty before falling back to generating a new UUID. If this ID field is derived from user input and later used in a file path or shell execution, this weak validation allows directory traversal or injection. Ensure the ID is validated against a strict format (e.g., regex matching only alphanumeric characters and

go | CVE-2026-31817 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-31840: Parse Logical Op Array Like Bypass (cve-2026-31840-parse-logical-op-array-like-bypass)

Iterating over Parse logical operators ('$or', '$and', '$nor') and gating processing only on Array.isArray(where[op]) allows an attacker to supply an array-like object (e.g. { '0': {...}, length: 1 }). The Array.isArray branch is skipped while downstream code can still iterate the object, silently bypassing recursive guards (such as protectedFields enforceme

javascript | CVE-2026-31840 | GHSA-MMG8-87C5-JRC2 | CWE-285 | CWE-704
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 73
CVE-2026-31856: Postgres Jsonb Increment Sql Injection Via Template Literal (cve-2026-31856-postgres-jsonb-increment-sql-injection-via-template-literal)

A SQL template literal performs PostgreSQL arithmetic of the form `COALESCE(...)::int + ${VAR}` where `VAR` is interpolated as a raw JavaScript template substitution rather than a pg-promise numbered bind placeholder (`$${...}`). If `VAR` originates from request input (e.g., a Parse `Increment` `amount`), an attacker can supply a string containing arbitrary

javascript | CVE-2026-31856 | GHSA-Q3VJ-96H2-GWVG | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-31871: Parse Server Postgres Increment Jsonb Sql Injection (cve-2026-31871-parse-server-postgres-increment-jsonb-sql-injection)

SQL injection: an identifier is interpolated directly into single-quoted SQL string literals inside a CONCAT('{"${...}":', ..., '}')::jsonb fragment used for building a Postgres Increment UPDATE on a JSON sub-key. A user-controlled sub-key containing a single quote can break out of the SQL string literal and inject arbitrary SQL (CVE-2026-31871). Escape sing

javascript | CVE-2026-31871 | GHSA-GQPP-XGVH-9H7H | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-31877: Frappe Sanitize Fields Single Paren Blacklist Bypass (cve-2026-31877-frappe-sanitize-fields-single-paren-blacklist-bypass)

SQL field sanitizer extracts only the token after the first '(' and checks it against a keyword/function blacklist. Nested parentheses (a subquery placed in a later argument, or wrapped inside an allowed SQL function) bypass this check and enable SQL injection (CVE-2026-31877). Iterate over every '(' in the field expression and validate each inner token, e.g

python | CVE-2026-31877 | GHSA-2C4M-999Q-XHX4 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-31898: Jspdf Freetext Annotation Injection (cve-2026-31898-jspdf-freetext-annotation-injection)

jsPDF is vulnerable to arbitrary PDF object injection. The `createAnnotation` method incorrectly concatenates user input into the `/DS` (default style) PDF string property without escaping. An attacker can break out of the parentheses to inject malicious PDF metadata, including `/AA` for JavaScript execution.

javascript | CVE-2026-31898 | CWE-116 | CWE-74
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-31899: Python Unbounded Svg Use Amplification (cve-2026-31899-python-unbounded-svg-use-amplification)

SVG elements are rendered recursively without a depth or reference limit, risking a Denial of Service through resource exhaustion.

python | CVE-2026-31899 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-31900: Permissive Pip Requirement Version Regex (cve-2026-31900-permissive-pip-requirement-version-regex)

A regex used to validate a Python package requirement / version specifier is built with a negated character class such as `[^A-Z0-9._-]+.*`. Negated classes accept whitespace and the `@` sign, allowing PEP 508 direct URL references like `pkg @ https://attacker.example.com/evil.tar.gz` to pass validation. If the captured value is later forwarded to `pip insta

python | CVE-2026-31900 | GHSA-V53H-F6M7-XCGM | CWE-1287 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-31940: User Controlled Session Id (cve-2026-31940-user-controlled-session-id)

The application directly assigns user-controlled input to `session_id()`. This can allow an attacker to force a known session ID on a user, resulting in a session fixation vulnerability. If the victim authenticates using this session, the attacker may hijack their account. Rely on native PHP session management and ensure `session_regenerate_id()` is called u

php | CVE-2026-31940 | CWE-384
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31952: Incomplete Sql Keyword Blocklist Bypass (cve-2026-31952-incomplete-sql-keyword-blocklist-bypass)

Using `str_replace` or `str_ireplace` with an empty string to sanitize input based on a blocklist is unsafe. Attackers can bypass this by nesting blocklisted words (e.g., 'SELSELECTECT') or using mixed casing. Use a robust sanitization library or parameterized queries instead.

php | CVE-2026-31952 | CWE-184 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31969: Postfix Decrement Bounds Check Oob (cve-2026-31969-postfix-decrement-bounds-check-oob)

A loop reads from a pointer before performing bounds checking or checking remaining capacity, leading to potential out-of-bounds reads. Furthermore, using postfix decrement (`term-- < 0`) inside the loop causes off-by-one capacity failures, potentially leading to a one-byte buffer overflow (OOB write). Check limits before pointer dereference using a prefix d

c | CVE-2026-31969 | CWE-125 | CWE-193 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31971: Htslib Cram Byte Array Len Overrun (cve-2026-31971-htslib-cram-byte-array-len-overrun)

A codec decodes an item length but fails to validate it against the allocated output buffer size before decoding the items into memory. This can lead to a heap or stack buffer overflow when an attacker supplies a byte array length larger than the buffer bounds.

c | CVE-2026-31971 | CWE-120 | CWE-131
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31972: Samtools Mplp Ref Undersized Lru Cache Uaf (cve-2026-31972-samtools-mplp-ref-undersized-lru-cache-uaf)

The mpileup reference cache struct uses only 2 slots (char *ref[2] / int ref_id[2] / hts_pos_t ref_len[2]), but the pileup pipeline with `-a` can require 3 concurrent live references (current contig, previous contig still being flushed for -a, and a look-ahead loaded by bam_mplp64_auto). With only 2 slots, mplp_get_ref() evicts and free()s a reference buffer

c | CVE-2026-31972 | GHSA-72C8-4JF3-F27P | CWE-416
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-31973: Samtools Cram Decode Null Deref (cve-2026-31973-samtools-cram-decode-null-deref)

The return value of `cram_decode_compression_header()` is used without being checked for NULL. A malformed CRAM file may cause this function to return NULL, leading to a NULL pointer dereference when passed to other functions. Ensure the return value is checked before use.

c | CVE-2026-31973 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: Medium | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-31975: Shell Command Injection Via Cd Template Literal (cve-2026-31975-shell-command-injection-via-cd-template-literal)

Potential OS command injection: a template literal builds a shell command using `cd "${...}"` (or `Set-Location -Path "${...}"`) followed by additional `${...}` interpolations. If any interpolated value is attacker-controlled (e.g. taken from a request body, WebSocket payload, or query parameter), shell metacharacters in the value will break out of the quote

javascript | CVE-2026-31975 | GHSA-GV8F-WPM2-M5WR | CWE-306 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Confidence: High | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-32038: Docker Network Container Namespace Join Allowed By Default (cve-2026-32038-docker-network-container-namespace-join-allowed-by-default)

This conditional whitelists Docker network values that start with `container:` as an accepted mode and short-circuits network setup or validation. The `container:<id>` form is a Docker namespace-join directive: it attaches the new container to an existing container's network namespace, exposing services bound to that container's loopback and bypassing sandbo

Language: typescript | CVE-2026-32038 | GHSA-WW6V-V748-X7G9 | CWE-284 | CWE-693
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 91
CVE-2026-32105: Xrdp Missing Fips Mac Validation (cve-2026-32105-xrdp-missing-fips-mac-validation)

A missing MAC checksum validation was detected for FIPS fastpath input. The 8-byte signature is explicitly skipped using `in_uint8s` instead of being read and verified. This allows a man-in-the-middle to manipulate the ciphertext undetected. Ensure the signature is read and validated with `xrdp_sec_fips_check_sig` against the decrypted payload.

Language: c | CVE-2026-32105 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 83
CVE-2026-32135: Urldecoding Off By One Overflow (cve-2026-32135-urldecoding-off-by-one-overflow)

A string is decoded into a dynamically allocated buffer that is restricted to the exact size of the input string length, but a null byte is unconditionally written at the end. This leads to an off-by-one heap buffer overflow if the input does not shrink during decoding. Ensure that the buffer allocation explicitly reserves space for the null terminator (e.g.

Language: c | CVE-2026-32135 | CWE-122 | CWE-193
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32136: Go H2c Newhandler Outside Auth Middleware (cve-2026-32136-go-h2c-newhandler-outside-auth-middleware)

The handler passed to h2c.NewHandler does not include authentication middleware: the auth middleware is wrapped around the result of h2c.NewHandler instead of around its input. When a client performs an HTTP/2 cleartext (h2c) upgrade, the h2c handler hijacks the TCP connection and dispatches all subsequent HTTP/2 requests through the inner handler captured a

Language: go | CVE-2026-32136 | GHSA-5FG6-WRQ4-W5GH | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-32241: Dynamic Shell Command Execution (cve-2026-32241-dynamic-shell-command-execution)

Passing dynamically constructed commands to an intermediate shell ("sh -c" or similar) introduces the risk of command injection. If variables or stdin are not strictly controlled, attackers may execute arbitrary commands by breaking out of the intended shell statement. Use `exec.Command` directly without a shell wrapper and pass arguments natively (e.g., aft

Language: go | CVE-2026-32241 | CWE-78 | CWE-88
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32247: Insecure Valueerror For Security Check (cve-2026-32247-insecure-valueerror-for-security-check)

Validation mechanisms enforcing safe patterns (e.g., checking invalid characters via regex) should avoid raising generic `ValueError`s. Generic exceptions are easily wrapped, intercepted, or swallowed by validation libraries (such as Pydantic) or broad try-except blocks. This can cause security bypasses to go silently undetected and hide failures in regressi

Language: python | CVE-2026-32247
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 53
CVE-2026-32248: Parse Logical Op Arraylike Bypass (cve-2026-32248-parse-logical-op-arraylike-bypass)

Iteration over Parse logical operators ('$or', '$and', '$nor') guards recursion with only Array.isArray, which allows an attacker-supplied array-like plain object (e.g. {"0": {...}, "length": 1}) to bypass the check. Downstream query / matching / protected-field code may still iterate the value via numeric/length-based access. Add an explicit pre-check that

Language: javascript | CVE-2026-32248 | GHSA-MMG8-87C5-JRC2 | CWE-1287
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 85
CVE-2026-32260: Insecure Shell Arg Concat Or Flawed Regex (cve-2026-32260-insecure-shell-arg-concat-or-flawed-regex)

Constructing shell commands by concatenating executable paths and arguments with a space without proper context-aware shell escaping can lead to command injection. Likewise, using a shell metacharacter blocklist regex that misses newlines (`\n`) and carriage returns (`\r`) allows attackers to supply multiline inputs and bypass validation.

Language: javascript | CVE-2026-32260 | CWE-78 | CWE-88
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-32300: Laravel Idor Profile Update (cve-2026-32300-laravel-idor-profile-update)

A self-management controller fetches a user by an ID parameter from the request without adequate authorization checks. This creates an Insecure Direct Object Reference (IDOR) vulnerability. Use `Auth::user()` to reliably fetch the authenticated user, or apply strict authorization policies before honoring the supplied ID.

Language: php | CVE-2026-32300
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 53
CVE-2026-32304: Js Function Constructor Non Literal Body (cve-2026-32304-js-function-constructor-non-literal-body)

The JavaScript `Function` constructor compiles and executes its last argument as a function body in the global scope, equivalent to `eval`. Passing a non-literal code body (variable, parameter, or interpolated string) is a code-injection sink (CWE-94). If any caller can influence the body, this yields arbitrary code execution; on Node.js, `require` is reacha

Language: javascript | CVE-2026-32304 | GHSA-VH9H-29PQ-R5M8 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 118 downloads (0 direct, 118 via packs) | Trust score 95
CVE-2026-32311: Python Subprocess Shell True Fstring Injection (cve-2026-32311-python-subprocess-shell-true-fstring-injection)

OS command injection: a subprocess call is invoked with shell=True and a command string built from an f-string that interpolates a runtime value. Any shell metacharacters in the interpolated value (e.g. $(...), ;, |, `) will be parsed by /bin/sh, allowing arbitrary command execution. Use an argument list (shell=False) and/or shlex.quote on each interpolated

Language: python | CVE-2026-32311 | GHSA-9G44-8XV2-F2M9 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-32313: Php Openssl Decrypt Unvalidated Tag Length (cve-2026-32313-php-openssl-decrypt-unvalidated-tag-length)

The authentication tag for AES-GCM decryption is extracted using `substr` but its length is not validated. If an attacker provides a short payload, `substr` may return a truncated tag which `openssl_decrypt` accepts, allowing brute-force attacks to recover the GHASH key and forge ciphertexts. Verify the tag length using `strlen` before passing it to `openssl

Language: php | CVE-2026-32313 | CWE-130 | CWE-345
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32604: Java Git Shell Command Injection Via Concatenation (cve-2026-32604-java-git-shell-command-injection-via-concatenation)

A git shell command is being assembled by concatenating a variable into a string that contains literal git CLI subcommand fragments (e.g. `clone --branch`, `archive --format tgz --output`). When the resulting string is executed via `sh -c` (as clouddriver's GitJobExecutor does for USER_PASS / USER_TOKEN / TOKEN accounts), shell metacharacters in the variable

Language: java | CVE-2026-32604 | GHSA-X3J7-7PGJ-H87R | CWE-20 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-32605: Rust Off By One Bounds Check (cve-2026-32605-rust-off-by-one-bounds-check)

Using strict greater-than (>) instead of greater-than-or-equal (>=) against a collection length or count can allow an index exactly equal to the length to bypass validation, potentially leading to out-of-bounds accesses and panics.

Language: rust | CVE-2026-32605 | CWE-125 | CWE-193
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32610: Fastapi Starlette Cors Wildcard Credentials (cve-2026-32610-fastapi-starlette-cors-wildcard-credentials)

The application or middleware is configured to allow CORS with wildcard origins (`["*"]`) combined with `allow_credentials=True`. Starlette's CORSMiddleware natively resolves this by reflecting the underlying incoming Origin header into the response, circumventing strict web standards and enabling malicious sites to forge cross-origin interactions using the

Language: python | CVE-2026-32610 | CWE-346 | CWE-942
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32613: Java Spel Standard Evaluation Context Rce (cve-2026-32613-java-spel-standard-evaluation-context-rce)

Use of Spring's StandardEvaluationContext for SpEL evaluation grants the expression full JVM reach (T(java.lang.Runtime), new ProcessBuilder(...), reflection, etc.). When the SpEL string can come from user-controlled input (e.g., pipeline definitions, request bodies, configuration), this enables remote code execution (CVE-2026-32613, CWE-94 / CWE-917). Use a

Language: java | CVE-2026-32613 | GHSA-69RW-45WJ-G4V6 | CWE-917 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 110 downloads (0 direct, 110 via packs) | Trust score 95
CVE-2026-32616: Php Host Header Injection Email Link (cve-2026-32616-php-host-header-injection-email-link)

The application constructs email content using `$_SERVER['HTTP_HOST']` or `$_SERVER['SERVER_NAME']` without validation. Attackers can manipulate the HTTP Host header to inject malicious domains into email links (such as verification or password reset URLs). If a user clicks the forged link, their verification token or credentials could be leaked to the attac

Language: php | CVE-2026-32616 | CWE-20 | CWE-640
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 65
CVE-2026-32621: Js Prototype Pollution Dynamic Key Merge (cve-2026-32621-js-prototype-pollution-dynamic-key-merge)

Possible prototype pollution (CWE-1321): assigning into a target object using a key obtained from another object's keys (Object.keys(...) or for..in) without first ensuring the property is an own property of the target. If the key is an inheritable name (e.g. `__proto__`, `constructor`, `prototype`, `toString`), the bracket-notation write traverses the proto

Language: typescript | CVE-2026-32621 | GHSA-PFJJ-6F4P-RVMH | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 73
CVE-2026-32634: Glances Zeroconf Credential Leak (cve-2026-32634-glances-zeroconf-credential-leak)

Locally saved credentials are looked up, or a URI is constructed, using an untrusted mDNS server name. An attacker who spoofs the Zeroconf broadcast can use this to extract the saved credentials.

Language: python | CVE-2026-32634
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 53
CVE-2026-32695: Traefik Missing Encoded Chars Middleware (cve-2026-32695-traefik-missing-encoded-chars-middleware)

The middleware that rejects dangerous encoded characters is missing from the handler chain that is built before the HTTP server is created.

Language: go | CVE-2026-32695
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 53
CVE-2026-32701: Qwik City Formdata Array Pollution (cve-2026-32701-qwik-city-formdata-array-pollution)

During nested structure parsing, the code determines whether to instantiate an array or object purely by looking ahead at the next key using `Number.isNaN` or `isNaN`. This logic allows an attacker to mix array-index and object-property keys on the same path, tricking the parser into instantiating an array and subsequently injecting arbitrary properties on i

Language: javascript | CVE-2026-32701 | CWE-843 | CWE-915
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-32711: Pydicom Referencedfileid Path Traversal (cve-2026-32711-pydicom-referencedfileid-path-traversal)

Constructing a `pathlib.Path` using user-controlled DICOM attributes such as `ReferencedFileID` without validating that the path remains within the bounds of an expected root directory allows Path Traversal. An attacker can craft a DICOMDIR to access or modify files outside the designated root. Enforce boundary validation using checks like `is_relative_to()`

Language: python | CVE-2026-32711 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 65
CVE-2026-32714: Python Sqlite3 Format Sql Injection (cve-2026-32714-python-sqlite3-format-sql-injection)

SQL statement is constructed using str.format() and passed to a DB-API execute() method. Externally derived values interpolated into the SQL template can break out of quoted literals and inject arbitrary SQL (CWE-89, CVE-2026-32714 in scitokens KeyCache). Use DB-API parameterized queries with `?` placeholders and pass values as a separate sequence argument,

Language: python | CVE-2026-32714 | GHSA-RH5M-2482-966C | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-32716: Path Startswith Bypass (cve-2026-32716-path-startswith-bypass)

Validation of path boundaries using string `startswith` is prone to authorization bypasses. Paths should be compared using path-aware mechanisms to ensure that directory boundaries match precisely. For instance, checking if `/johnathan` starts with `/john` returns True, potentially bypassing directory restrictions. Enforce exact match or a trailing slash bef

Language: python | CVE-2026-32716 | CWE-285
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32729: Promisified Child Process Exec (cve-2026-32729-promisified-child-process-exec)

Wrapping `child_process.exec` with `promisify` obscures the risk of command injection because `exec` evaluates arguments inside a shell. If untrusted input is passed to the wrapper, arbitrary commands can be executed. Migrate to `execFile` instead, which avoids the shell environment by default.

Language: javascript | CVE-2026-32729 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-32730: Ast Node Falsy Bypass To Xss (cve-2026-32730-ast-node-falsy-bypass-to-xss)

Evaluating AST node properties using truthiness checks (e.g., `if (node.text)`) rather than nullish checks (`!= null`) can allow an empty string (`""`) to bypass safety mechanisms. Execution then falsely falls through to evaluate unsafe downstream properties (like `raw` or `html`) on the same node, leading to XSS or logic bypass. Update property checks to us

Language: javascript | CVE-2026-32730 | CWE-697 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-32763: Ast Visitor Unsanitized Query Append (cve-2026-32763-ast-visitor-unsanitized-query-append)

Appending an unsanitized AST node value directly into a query or builder can lead to SQL injection. If the node value can be a string, it must be properly escaped (e.g., using a string literal sanitizer or identifier sanitizer) to prevent injected characters from breaking out of SQL contexts.

Language: typescript | CVE-2026-32763 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-32767: Siyuan Fulltextsearchblock Missing Admin Check (cve-2026-32767-siyuan-fulltextsearchblock-missing-admin-check)

Call to model.FullTextSearchBlock() inside a gin.Context handler without an `if method == 2 && !model.IsAdminRoleContext(c)` admin gate. When the `method` parameter is 2, FullTextSearchBlock forwards the user-supplied query string to searchBySQL → db.Query(), executing arbitrary SQL against the SQLite database. Without an admin role check, any authenticated

Language: go | CVE-2026-32767 | CWE-863 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 87
CVE-2026-32768: Pulumi K8s Networkpolicy Inverted Deny Egress (cve-2026-32768-pulumi-k8s-networkpolicy-inverted-deny-egress)

This NetworkPolicy egress rule uses a NamespaceSelector with `kubernetes.io/metadata.name` and operator `NotIn` to target every namespace except the pod's own. NetworkPolicy egress rules are permissive (they declare what is allowed), so this construct does not deny inter-namespace traffic — it explicitly allows egress to every other namespace in the cluster,

Language: go | CVE-2026-32768 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-32769: Pulumi K8s Networkpolicy Egress Namespaceselector Notin Metadata Name (cve-2026-32769-pulumi-k8s-networkpolicy-egress-namespaceselector-notin-metadata-name)

Kubernetes NetworkPolicy Egress rule uses a NamespaceSelector with the "NotIn" operator on the "kubernetes.io/metadata.name" label. Because NetworkPolicy uses additive whitelisting, this rule does not deny egress to "other" namespaces — it explicitly *allows* egress to every namespace whose name is not listed, granting unrestricted cross-namespace egress and

Language: go | CVE-2026-32769 | GHSA-HXM7-9Q36-C77F | CWE-284
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-32805: Go Zip Slip Prefix Bypass (cve-2026-32805-go-zip-slip-prefix-bypass)

Validate archive extraction paths properly. Using strings.HasPrefix to check against Zip Slip path traversal without a trailing path separator is vulnerable. Sibling directories with the same prefix can bypass the validation. Append os.PathSeparator to the directory prefix.

Language: go | CVE-2026-32805 | CWE-22 | CWE-29
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32808: Tarfile Symlink Validation Bypass (cve-2026-32808-tarfile-symlink-validation-bypass)

Validation of `tarfile` members via `getmembers()` before calling `extractall()` or `extract()` lacks checks for symbolic or hard links (`issym()` or `islnk()`). Path traversal checks on entry names are insufficient because attackers can first extract a symlink and then route subsequent extracted files through it to arbitrarily escape the destination directo

Language: python | CVE-2026-32808 | CWE-22 | CWE-61
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 65
CVE-2026-32811: Ignored Url Parse Error (cve-2026-32811-ignored-url-parse-error)

Ignoring the error returned by URL parsing functions (like `url.Parse` or `url.ParseRequestURI`) using the blank identifier `_` can lead to nil pointer dereferences. If the dynamically generated input is invalid, the resulting URL object is nil. Dereferencing it will cause a panic (Denial of Service). Ensure that the error is explicitly checked and handled.

Language: go | CVE-2026-32811 | CWE-252 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32815: Unsegregated Websocket Session Storage (cve-2026-32815-unsegregated-websocket-session-storage)

A WebSocket connection is stored in a session pool using an ID taken directly from a URL parameter without segregating based on the ID's role or value. If specific IDs (like "auth") signify an unauthenticated context, storing them alongside authenticated user sessions may lead to unauthorized data exposure when broadcasting sensitive events. Implement a sepa

Language: go | CVE-2026-32815 | CWE-285
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-32829: Lz4 Improper Offset Clamping (cve-2026-32829-lz4-improper-offset-clamping)

A decompression match offset is improperly clamped using `min()` or `saturating_sub()` instead of properly returning an out-of-bounds error. If an invalid offset is clamped (e.g., to 0 or output length), it can cause the decompressor to copy uninitialized memory to the output, leading to information disclosure. Use explicit bounds checks or `overflowing_sub(

Language: rust | CVE-2026-32829 | CWE-125 | CWE-908
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32853: Unchecked Sequential Memcpy Parsing (cve-2026-32853-unchecked-sequential-memcpy-parsing)

A buffer is parsed iteratively using sequential `memcpy` operations and pointer increments without any preceding bounds check. A malicious input controlling the loop condition or structural data lengths could induce an out-of-bounds read, risking data disclosure or denial of service crashes. Validate the pointer against the buffer end limit before attempting

Language: c | CVE-2026-32853 | CWE-120 | CWE-125
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32854: Unchecked Strchr Deref (cve-2026-32854-unchecked-strchr-deref)

Missing NULL check on the result of `strchr` or `strrchr` before using it in string/memory operations. This can lead to a NULL pointer dereference if the character is not found.

Language: c | CVE-2026-32854 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32871: Url Path Param Not Percent Encoded (cve-2026-32871-url-path-param-not-percent-encoded)

URL path template parameter is substituted using str() without urllib.parse.quote() encoding. Unencoded slashes and dot-dot sequences let urllib.parse.urljoin() interpret attacker-supplied values as path traversal segments, enabling authenticated SSRF. Wrap every path parameter value with urllib.parse.quote(str(value), safe='') before substitution into the U

Language: python | CVE-2026-32871 | GHSA-VV7Q-7JX5-F767 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 91
CVE-2026-32874: Python C Api Memory Leak Fromstring (cve-2026-32874-python-c-api-memory-leak-fromstring)

Memory allocated for a string buffer is leaked because it is not freed before returning the result of a Python C API object creation function. These functions do not take ownership of the passed C string. To fix this, store the returned `PyObject*` in a temporary variable, free the buffer, and then return the temporary variable.

Language: c | CVE-2026-32874 | CWE-401
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32875: Unchecked Indent Multiplication (cve-2026-32875-unchecked-indent-multiplication)

Unrestricted 'indent' parameter is multiplied by a nesting depth variable without bounds or sign checking. This can cause an integer overflow leading to a buffer overflow, or an underflow leading to an infinite loop. Ensure 'indent' is explicitly checked (e.g., `indent > 0`) before multiplication.

Language: c | CVE-2026-32875 | CWE-190 | CWE-191
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-32938: Siyuan Html2blockdom Missing Admin Readonly Guards (cve-2026-32938-siyuan-html2blockdom-missing-admin-readonly-guards)

The route POST /api/lute/html2BlockDOM is registered without model.CheckAdminRole and model.CheckReadonly middleware. The handler resolves file:// URIs in pasted HTML and copies the referenced local files into {DataDir}/assets/, so it must be restricted to admins. With only model.CheckAuth, a publish-service visitor can stage arbitrary readable files (e.g. /

Language: go | CVE-2026-32938 | GHSA-FQ2J-J8HC-8VW8 | CWE-200 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 91
CVE-2026-32949: Python Sqli Format Execute (cve-2026-32949-python-sqli-format-execute)

Direct string formatting of SQL queries can lead to SQL Injection. Use parameterized query mechanisms provided by the database API instead.

Language: python | CVE-2026-32949 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 61
CVE-2026-33017: Langflow Public Build Rce Via Data Param (cve-2026-33017-langflow-public-build-rce-via-data-param)

Unauthenticated FastAPI route forwards a client-supplied `data` (FlowDataRequest) value into `start_flow_build(..., data=...)`. Custom-component `code` fields inside attacker-controlled flow data are compiled and `exec()`'d without sandboxing during graph build, leading to unauthenticated remote code execution (CVE-2026-33017). Public-flow endpoints must har

Language: python | CVE-2026-33017 | GHSA-VWMF-PQ79-VJVX | CWE-306 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-33028: Vueuse Websocket Reactive Credentials (cve-2026-33028-vueuse-websocket-reactive-credentials)

Using a reactive state (`computed` or `ref`) directly as the URL parameter for `useWebSocket` can cause unintended in-flight connection teardowns and credential leakage upon reactivity changes. `@vueuse/core`'s `useWebSocket` automatically disconnects and reconnects when the URL changes. If the URL contains session tokens or API keys, reactivity updates can

Language: typescript | CVE-2026-33028 | CWE-200
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars | 113 downloads (0 direct, 113 via packs) | Trust score 61
CVE-2026-33054: Pathlib Path Traversal Unvalidated Token Concat (cve-2026-33054-pathlib-path-traversal-unvalidated-token-concat)

A user-controlled string is concatenated with a path prefix and joined to a base directory using pathlib without validation. A value containing '..' segments resolves outside the base directory, enabling arbitrary file read/write/delete (CWE-22 / Path Traversal, CVE-2026-33054). Mitigation: (1) validate the input against an allowlist regex such as r'^[A-Za-z

Language: python | CVE-2026-33054 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 95
CVE-2026-33055: Tar Pax Size Conditional Override (cve-2026-33055-tar-pax-size-conditional-override)

A tar parser checks if the base header size is zero before applying the PAX extended header size override. This causes an interpretation conflict (parser differential) with tools that unconditionally respect the PAX size override, which can be manipulated to conceal malicious entries. The PAX size, if present, should unconditionally override the base size.

Language: rust | CVE-2026-33055 | CWE-436
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-33057: Python Flask Request Code Execution (cve-2026-33057-python-flask-request-code-execution)

Untrusted HTTP request data flows into a Python code-execution sink (exec/eval/runpy/importlib/__import__/compile or a custom execute_module helper). A web endpoint that evaluates request-supplied Python source — even after base64 decoding or writing to disk first — yields unauthenticated Remote Code Execution. Require authentication, drop the endpoint, or n

Language: python | CVE-2026-33057 | CWE-502 | CWE-94 | CWE-95
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-33069: Multipart Oob Read Parser Increment (cve-2026-33069-multipart-oob-read-parser-increment)

A pointer is incremented and subsequently dereferenced without properly validating it against the buffer's maximum limit beforehand. Dereferencing prior to boundary verification leads to an out-of-bounds read vulnerability when processing malformed, truncated payloads. Verify that pointers are strictly within valid bounds before reading from them.

Language: c | CVE-2026-33069 | CWE-125
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 106 downloads (0 direct, 106 via packs) | Trust score 61
CVE-2026-33076: Python Path Traversal Fstring Host Param Unvalidated (cve-2026-33076-python-path-traversal-fstring-host-param-unvalidated)

A function builds a filesystem path (or path-like string later passed to open()/os.system()) by f-string interpolating a host/IP/server-style parameter without first validating it (e.g. via an `is_ip_or_dns`-style check that reassigns the parameter, or a pydantic IPvAnyAddress/DomainName typed parameter). Attacker controlled traversal sequences (e.g. `..`) i

Language: python | CVE-2026-33076 | GHSA-MMGM-P9X9-H33J | CWE-20 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 85
CVE-2026-33077: Unvalidated Flask Request Path Traversal (cve-2026-33077-unvalidated-flask-request-path-traversal)

Untrusted input from Flask request parameters or JSON/Form payloads is used in file operations or internal APIs without validating against path traversal sequences (e.g., '..'). This can lead to arbitrary file reads or writes.

Language: python | CVE-2026-33077
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars | 107 downloads (0 direct, 107 via packs) | Trust score 53
CVE-2026-33082: Java Sql Where Clause String Concat Injection (cve-2026-33082-java-sql-where-clause-string-concat-injection)

User-controlled filter value is concatenated directly into a SQL WHERE clause fragment (IN/LIKE/BETWEEN) without escaping or validation. This is the same root-cause pattern as CVE-2026-33082 (DataEase): the only containment is a literal single quote, so a `'` in the input breaks out of the literal and enables SQL injection. Route the value through a sanitize

Language: java | CVE-2026-33082 | CWE-502 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-33083: Dataease Order Direction Sql Injection (cve-2026-33083-dataease-order-direction-sql-injection)

The ORDER BY direction value is assigned to setOrderDirection without whitelist validation. The DataEase Order2SQLObj path renders orderDirection into the SQL ORDER BY clause via a StringTemplate (`<order.orderDirection>`), so an unconstrained string value enables SQL injection (CVE-2026-33083). Restrict the value to a fixed whitelist such as value.equalsIgn

Language: java | CVE-2026-33083 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-33084: Dataease Order By Direction Sql Injection (cve-2026-33084-dataease-order-by-direction-sql-injection)

Order direction is being assigned from an unvalidated value before being embedded into a SQL ORDER BY clause. User-controlled sort/orderDirection strings must be restricted to a fixed whitelist (e.g. `value.equalsIgnoreCase("asc") ? "asc" : "desc"`). Without this, attackers can inject arbitrary SQL through the sort parameter (CVE-2026-33084).

Language: java | CVE-2026-33084 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars | 108 downloads (0 direct, 108 via packs) | Trust score 95
CVE-2026-33121: Dataease Engine Provider Table Name Sql Injection (cve-2026-33121-dataease-engine-provider-table-name-sql-injection)

A table/view identifier (parameter of createView / createTableSql) is interpolated into a DDL SQL string (via "+" concatenation or String.replace("TABLE_NAME", ...)) without calling validateSqlInjectionRisk() first. An authenticated attacker can inject arbitrary SQL by crafting a malicious table name that breaks out of identifier quoting (CVE-2026-33121).

Tags: java, CVE-2026-33121, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2026-33122: Dataease Engine Provider Ddl Identifier Injection (cve-2026-33122-dataease-engine-provider-ddl-identifier-injection)

A method-parameter identifier (table/view name) is substituted into a DDL SQL template (CREATE TABLE / CREATE VIEW) via String.replace(), without any whitelist/sanitizer check. Database identifiers cannot be parameterized through PreparedStatement, so an attacker who controls $NAME can break out of identifier quoting and inject arbitrary SQL (CVE-2026-33122)

Tags: java, CVE-2026-33122, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2026-33146: Share Search Unrestricted Page Descendants (cve-2026-33146-share-search-unrestricted-page-descendants)

`getPageAndDescendants()` is called with a share object's `pageId` in what appears to be a publicly shared (unauthenticated) search context. This method returns ALL descendant pages, including those protected by page-level access restrictions, because no authorization filter is applied on the unauthenticated code path. Restricted page titles, content snippet

Tags: typescript, CVE-2026-33146, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: High. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 87
CVE-2026-33150: Uaf Dangling Pointer Assignment (cve-2026-33150-uaf-dangling-pointer-assignment)

A memory resource is destructed or freed, but its corresponding pointer is subsequently assigned to another variable or lifecycle state field without first being set to NULL. This maintains a dangling pointer reference, leading to a reliable Use-After-Free (UAF) vulnerability if that component state is used or accessed later.

Tags: c, CVE-2026-33150, CWE-416
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33151: Unbounded Attachments Dos (cve-2026-33151-unbounded-attachments-dos)

Missing upper bound check on a resource count (attachments) parsed from an untrusted string. This allows attackers to specify artificially high values, causing denial of service by forcing the application to buffer unbounded amounts of data.

Tags: javascript, CVE-2026-33151, CWE-400, CWE-770
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-33154: Unsafe Template Evaluation Dynaconf (cve-2026-33154-unsafe-template-evaluation-dynaconf)

Unsafe template evaluation detected. Using an unsandboxed Jinja2 `Environment` or passing a raw `str.format` as a delegate allows an attacker to evaluate strings without attribute-access constraints. This can lead to Server-Side Template Injection (SSTI) or Remote Code Execution (RCE) via arbitrary attribute traversal (e.g., `__class__`). Consider using `jin

Tags: python, CVE-2026-33154, CWE-1336
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33166: Improper Html Assignment Unsanitized (cve-2026-33166-improper-html-assignment-unsanitized)

HTML content originating from a getter is directly assigned to an HTML setter without sanitization. This pattern typically indicates missing Cross-Site Scripting (XSS) protections when migrating untrusted data between data transfer objects. Ensure the input is sanitized using a dedicated HTML sanitization library before assignment.

Tags: java, CVE-2026-33166, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-33174: Activestorage Unbounded Byte Ranges Dos (cve-2026-33174-activestorage-unbounded-byte-ranges-dos)

Missing size limit validation for requested HTTP byte ranges can lead to memory exhaustion and Denial of Service (DoS). An attacker can request an unbounded range (e.g., `bytes=0-`) which gets fully loaded into memory. Validate the total aggregated size of the byte ranges before processing them.

Tags: ruby, CVE-2026-33174, CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33180: Hapifhir Validationengine Global Security Bypass (cve-2026-33180-hapifhir-validationengine-global-security-bypass)

Modifying security settings directly on a ValidationEngine instance (e.g., using setSecurityChecks) applies these settings globally because the engine is often cached. This forces relaxed security settings onto per-request validators, bypassing required request-specific security boundaries. Use InstanceValidatorParameters to supply request-specific configura

Tags: java, CVE-2026-33180, CWE-285, CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-33182: Php Url Join Absolute Override (cve-2026-33182-php-url-join-absolute-override)

A URL or path joining function returns an endpoint directly if it evaluates to a valid absolute URL, unconditionally overriding the base URL. If this endpoint originates from user input, this bypasses routing restrictions and can cause Server-Side Request Forgery (SSRF) and credential leakage. To remediate this, ensure the base URL is intended to be bypassed

Tags: php, CVE-2026-33182, CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-33184: Rust Unwrap Unchecked Subtraction (cve-2026-33184-rust-unwrap-unchecked-subtraction)

Subtracting directly from an unwrapped and/or cast value can cause an integer underflow if the value is zero. `Option` types typically validate presence, not numerical bounds. Use `.saturating_sub()`, `.checked_sub()`, or explicitly check that the value is strictly greater than the subtrahend.

Tags: rust, CVE-2026-33184, CWE-191
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33193: Cve 2026 33193 Multipart Mime Type Spoofing Stored Xss (cve-2026-33193-cve-2026-33193-multipart-mime-type-spoofing-stored-xss)

Client-supplied MIME type ($FILE.mimetype) from a multipart upload is stored or returned without server-side derivation from the file name or extension. An attacker can spoof the Content-Type header in the multipart request to inject arbitrary MIME types (e.g., text/html), which the server stores and later uses as the HTTP response Content-Type header, causi

Tags: typescript, CVE-2026-33193, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: High. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-33212: Celery Task Pending State Missing Authorization (cve-2026-33212-celery-task-pending-state-missing-authorization)

Authorization is bypassed when a Celery AsyncResult task is in PENDING state or its result is an Exception. Setting the associated resource object to None in this branch causes all downstream permission checks to be skipped entirely (they exist only in the else branch), allowing any authenticated user to retrieve task data for restricted resources they canno

Tags: python, CVE-2026-33212, CWE-285, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 85
CVE-2026-33216: Improper Password To Jwt Assignment (cve-2026-33216-improper-password-to-jwt-assignment)

Directly assigning a password variable or field to a JWT-designated struct field is dangerous. JWT fields are often assumed to be non-confidential identity tokens and are frequently serialized and exposed in monitoring endpoints or logs. This can lead to plaintext credential leakage (e.g., CVE-2026-33216 in NATS). Only assign validated identity tokens to JWT

Tags: go, CVE-2026-33216, CWE-200, CWE-522
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33228: Array Index Via String Wrapper Prototype Pollution (cve-2026-33228-array-index-via-string-wrapper-prototype-pollution)

A String wrapper instance is used directly as an Array index without numeric coercion. Array property access for non-numeric string keys traverses the prototype chain, so an attacker-controlled value such as "__proto__" resolves to Array.prototype, leaking a live reference that enables prototype pollution (CWE-1321). Coerce the value with `+value` or validat

Tags: javascript, CVE-2026-33228, CWE-1321
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-33231: Nltk Lexical Path Traversal Symlink (cve-2026-33231-nltk-lexical-path-traversal-symlink)

Insufficient lexical boundary check allows directory traversal via symbolic links. Checking paths using only `os.path.isabs` and substring checks for `..` fails to prevent symlink-based boundary escapes. Use `Path.resolve()` to resolve links and enforce scoped sandbox constraints.

Tags: python, CVE-2026-33231, CWE-22, CWE-59
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33236: Insecure Path Join Open (cve-2026-33236-insecure-path-join-open)

Missing scoped path resolution when joining strings for file access. Immediately opening a joined path without validating its final resolved location against the intended root directory can permit attackers to read arbitrary files via path traversal or malicious symbolic links. Ensure the resulting path is securely validated before being opened.

Tags: python, CVE-2026-33236, CWE-59
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33306: Java Int Shift Loop Bound (cve-2026-33306-java-int-shift-loop-bound)

Using `1 << $SHIFT` to compute a loop bound is vulnerable to integer overflow. In Java, the integer literal `1` is a 32-bit signed integer. If `$SHIFT` evaluates to 31, the result is Integer.MIN_VALUE (a negative number). When used as a loop upper bound, this causes the loop to execute zero times, which can silently bypass critical logic (e.g., in BCrypt key

Tags: java, CVE-2026-33306, CWE-190
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-33335: Double Escape Before Goldmark (cve-2026-33335-double-escape-before-goldmark)

Data is explicitly HTML-escaped using a function like `$PKG.HTMLEscapeString` before being evaluated by the Goldmark Markdown parser. This causes correct HTML entities provided as input to be double-escaped in the output, leading to data degradation. Pass raw text to Goldmark instead and apply an HTML sanitizer to its output.

Tags: go, CVE-2026-33335, CWE-116
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33439: Openam Application Object Input Stream Unsafe Deserialization (cve-2026-33439-openam-application-object-input-stream-unsafe-deserialization)

Use of `ApplicationObjectInputStream` for Java deserialization. This class is a plain `ObjectInputStream` subclass with no `resolveClass` override and no class allowlist, so any call to `readObject()` on it with attacker-influenced bytes enables arbitrary class instantiation and RCE via well-known Java deserialization gadget chains (CVE-2026-33439 — bypass o

Tags: java, CVE-2026-33439, GHSA-2CQQ-RPVQ-G5QJ, CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2026-33494: Oathkeeper Rule Matching Without Path Clean (cve-2026-33494-oathkeeper-rule-matching-without-path-clean)

Access rule matching is performed against an http.Request URL whose path has not been normalized via path.Clean. A request such as "/public/../admin/secrets" will have its raw path matched against rules, so a permissive wildcard rule (e.g. "/public/<.*>") may absorb the "../" segments and bypass the protected rule that governs the resolved path ("/admin/secr

Tags: go, CVE-2026-33494, CWE-22, CWE-23, CWE-863
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2026-33496: Go Auth Cache Key Confusion (cve-2026-33496-go-auth-cache-key-confusion)

Using an authorization token directly as the sole cache key without scoping it (e.g., to an introspection endpoint, audience, or tenant API URL) can lead to cache key confusion. An attacker could use a token validated for one endpoint to access a different endpoint if they share the cache. Scoping the cache key by incorporating the endpoint or configuration

Tags: go, CVE-2026-33496, CWE-287
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33516: Xrdp Memcpy From Stream Read Pointer (cve-2026-33516-xrdp-memcpy-from-stream-read-pointer)

A g_memcpy()/memcpy() from an xrdp stream's read pointer ($S->p) is performed BEFORE the remaining-length check on the stream. The xrdp stream API provides bounds-aware in_uint8a()/in_uint8s() macros that must be paired with an explicit `len < $SIZE` check performed BEFORE the copy. When the check is performed AFTER the copy (as in xrdp_caps_process_codecs f

Tags: c, CVE-2026-33516, GHSA-RVH9-9WM3-28C7, CWE-125
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-33524: Unchecked Stream Array Allocation (cve-2026-33524-unchecked-stream-array-allocation)

An array is allocated using a length directly read from a stream or payload without bounded validation. An attacker can supply an artificially large variable length, triggering an excessive memory allocation that exhausts JVM memory (OutOfMemoryError) and leads to Denial of Service (DoS). Always check that the requested size does not exceed the remaining ava

Tags: java, CVE-2026-33524, CWE-400, CWE-789
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 69
CVE-2026-33526: Squid Uaf Rfc1738 Escape (cve-2026-33526-squid-uaf-rfc1738-escape)

Double-escaping a string with rfc1738_escape or reusing its return value as its own input leads to a Use-After-Free. The rfc1738_escape function manages a static internal buffer that can be dynamically reallocated. Passing the returned pointer back into rfc1738_escape can cause the function to read from the buffer after it has been freed during reallocation.

Tags: cpp, CVE-2026-33526, CWE-416
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33544: Stateful Singleton Interface Oauth (cve-2026-33544-stateful-singleton-interface-oauth)

An interface definition manages OAuth callbacks without requesting explicit context parameters. If instances of this interface are maintained as singletons, storing verification data internally leads to concurrent state assignment and critical race conditions.

Tags: go, CVE-2026-33544
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-33632: Endpointsecurity Missing Exchangedata Clone (cve-2026-33632-endpointsecurity-missing-exchangedata-clone)

The EndpointSecurity event array monitors file creation or modification (e.g., AUTH_CREATE or AUTH_COPYFILE) but lacks subscriptions for ES_EVENT_TYPE_AUTH_EXCHANGEDATA or ES_EVENT_TYPE_AUTH_CLONE. This pattern is associated with an incomplete file monitoring scope, allowing attackers to bypass the authorization boundary via exchangedata or clonefile system

Tags: swift, CVE-2026-33632, CWE-693, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33633: Rectangle Bounds Integer Overflow (cve-2026-33633-rectangle-bounds-integer-overflow)

Integer overflow vulnerability in 2D rectangle bounds checks. When checking if a 2D rectangle is out of bounds, addition of variables (e.g., x + width) can overflow if 32-bit integers are used, wrapping around to a small value and bypassing the bounds check. This can lead to out-of-bounds memory accesses. Use 64-bit integer types (e.g. uint64_t) for bounds c

Tags: c, CVE-2026-33633, CWE-119, CWE-190
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-33640: Otp Verify Without Attempt Limit (cve-2026-33640-otp-verify-without-attempt-limit)

A verification-code verify-style function retrieves a stored OTP and immediately returns a constant-time equality comparison without incrementing an attempt counter or invalidating the code on repeated failures. With small code keyspaces (e.g. 6-digit OTPs) and a multi-minute TTL, this allows brute-force account takeover when the external rate limiter is abs

Tags: typescript, CVE-2026-33640, GHSA-CWHC-53HW-QQX6, CWE-307
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-33654: Python Channel Acl Fail Open Empty Allowlist (cve-2026-33654-python-channel-acl-fail-open-empty-allowlist)

Channel/sender ACL check is fail-open: when the configured allow list is empty or missing, the function returns True, granting access to every sender. A remote attacker can deliver messages (e.g. via an unauthenticated email/IMAP poll, webhook, or chat platform) and have them processed as trusted owner input, enabling indirect prompt injection and tool abuse

Tags: python, CVE-2026-33654, GHSA-4GMR-2VC8-7QH3, CWE-1336, CWE-290
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-33656: Php Attachment Getsourceid Path No Basename (cve-2026-33656-php-attachment-getsourceid-path-no-basename)

A filesystem path component is built by interpolating $E->getSourceId() into a string literal without wrapping the value in basename(). If the underlying sourceId attribute is attacker-controllable (as in CVE-2026-33656, where the EspoCRM formula engine's record\update bypassed the readOnly entityAcl on Attachment.sourceId), the resulting path can contain ".

Tags: php, CVE-2026-33656, GHSA-7922-X7CF-J54X, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-33661: Psr7 Host Header Localhost Bypass (cve-2026-33661-psr7-host-header-localhost-bypass)

Trusting the `Host` header for security decisions is insecure because attackers can spoof it. Do not rely on `$request->getUri()->getHost()` to bypass authentication or signature checks.

Tags: php, CVE-2026-33661, CWE-290, CWE-807
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33669: Siyuan Asset Handler Missing Publish Access Check (cve-2026-33669-siyuan-asset-handler-missing-publish-access-check)

Asset path resolved by model.GetAssetAbsPath is served (via http.ServeFile, serveThumbnail, or serveSVG) without enforcing the publish-service access policy. Non-admin callers in publish mode can read assets that belong to publish-ignored or password-protected documents. Gate non-admin contexts with model.IsAdminRoleContext and verify with model.CheckAbsPath

Tags: go, CVE-2026-33669, GHSA-34XJ-66V3-6J83, CWE-284, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-33678: Double Escape Before Markdown (cve-2026-33678-double-escape-before-markdown)

HTML escaping strings before converting them to Markdown can lead to double-escaped entities. Send the raw string to the Markdown converter instead, and sanitize the resulting HTML if necessary.

Tags: go, CVE-2026-33678, CWE-116
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33680: Vikunja Missing Linksharing Auth Check (cve-2026-33680-vikunja-missing-linksharing-auth-check)

The `ReadAll` function for `LinkSharing` lacks authorization logic to restrict link-share authenticated users. This allows an attacker with a read-only link share to list all shares and extract secret hashes for write and admin link shares, escalating their privileges. Check the `web.Auth` parameter with `a.(*LinkSharing)` or delegate to `share.CanRead()` to

Tags: go, CVE-2026-33680, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2026-33701: Java Objectinput Readobject Without Filter (cve-2026-33701-java-objectinput-readobject-without-filter)

A method receives an ObjectInput/ObjectInputStream and invokes readObject() on it without configuring an ObjectInputFilter / class allowlist. When the stream comes from an untrusted source (e.g., a custom RMI endpoint, JMX call, network socket), this allows arbitrary class instantiation during deserialization and enables gadget chain remote code execution (C

Tags: java, CVE-2026-33701, GHSA-XW7X-H9FJ-P2C7, CWE-502
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 81
CVE-2026-33711: Insecure Tmp File Creation (cve-2026-33711-insecure-tmp-file-creation)

Creating a file in a shared temporary directory with a predictable name and without `os.O_EXCL` allows local attackers to mount a symlink attack. If an attacker pre-creates a symlink at the predictable path, opening or creating the file will follow the symlink and overwrite the target file. Use `os.CreateTemp` to safely create temporary files, or provide `os

Tags: go, CVE-2026-33711, CWE-377, CWE-61
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-33729: Openfga Cache Key Injective Serialization (cve-2026-33729-openfga-cache-key-injective-serialization)

Cache key serialization for a protobuf Struct must prefix the number of fields (e.g. via strconv.Itoa(len(keys))) and sanitize Unicode control characters in string values. Without a length prefix, a single-key value containing the literal field delimiter (e.g. ",'b:'y") serializes identically to a structurally different two-key Struct, producing the same cac

Tags: go, CVE-2026-33729, GHSA-H6C8-CWW8-35HF, CWE-1289, CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-33744: Py Httpx Dns Rebinding Toctou (cve-2026-33744-py-httpx-dns-rebinding-toctou)

The application checks an input conditionally but then performs an HTTP request using an independent HTTP client (httpx). This creates a Time-of-Check to Time-of-Use (TOCTOU) vulnerability known as DNS Rebinding. If the check resolves DNS, the IP might change before the HTTP client connects. Secure the HTTP client inherently by enforcing IP checks directly a

Tags: python, CVE-2026-33744, CWE-367, CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33746: Lcobucci Jwt Validate Without Signedwith (cve-2026-33746-lcobucci-jwt-validate-without-signedwith)

JWT validation via lcobucci/jwt does not include a `SignedWith` constraint. Only time-based or other non-cryptographic constraints are passed to `validator()->validate()` / `validator()->assert()`, so the token's cryptographic signature is never verified. An attacker can forge or tamper with the JWT payload (e.g. impersonate any user via a `user_uuid` claim)

Tags: php, CVE-2026-33746, GHSA-92PG-3W49-4W5X, CWE-287, CWE-347
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-33752: Curl Cffi Ssrf Unsafe Redirects (cve-2026-33752-curl-cffi-ssrf-unsafe-redirects)

curl_cffi defaults to indiscriminate HTTP redirect following. An attacker can exploit this by causing an external server to redirect requests down to sensitive internal or private IP ranges (SSRF). Set `allow_redirects="safe"` or `allow_redirects=CurlFollow.SAFE` to reject internal redirects, or disable redirects entirely via `allow_redirects=False`. Upgrade

Tags: python, CVE-2026-33752, CWE-502, CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-33756: Unbounded Custom Graphql Batch Processing (cve-2026-33756-unbounded-custom-graphql-batch-processing)

A custom GraphQL view processes batched operations by iterating over a list without first checking its length, which can lead to Uncontrolled Resource Consumption (CWE-400).

Tags: python, CVE-2026-33756
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-33804: Fastify Middie Normalization Options Missing Config Fallback (cve-2026-33804-fastify-middie-normalization-options-missing-config-fallback)

A Fastify path-normalization option (ignoreDuplicateSlashes, ignoreTrailingSlash, or useSemicolonDelimiter) is read from a nested sub-configuration object without a nullish-coalescing (??) fallback to the parent/top-level configuration. In @fastify/middie, this causes the middleware path-matching engine to apply different URL normalization than Fastify's rou

Tags: javascript, CVE-2026-33804, CWE-284, CWE-863
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-3381: Bundled Zlib Pre 1 3 2 Vulnerable (cve-2026-3381-bundled-zlib-pre-1-3-2-vulnerable)

Bundled zlib appears to be a pre-1.3.2 version (ZLIB_VERNUM < 0x1320 or ZLIB_VERSION string matches a pre-1.3.2 release such as "1.3.1.2-audit"). Versions prior to zlib 1.3.2 lack the 7ASecurity audit hardening fixes (CVE-2026-3381 / CVE-2026-27171): missing negative-length checks in crc32_combine, uninitialized-memory disclosure in inflateCopy/deflateCopy,

Tags: c, CVE-2026-27171, CVE-2026-3381, CWE-1104, CWE-908
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: High. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-33850: Stb Image Fractional Subsampling Oob (cve-2026-33850-stb-image-fractional-subsampling-oob)

stb_image JPEG decoder lacks integer ratio validation for plane subsampling factors. This logic oversight leads to memory corruption/out-of-bounds write since resamplers cannot handle fractional ratios.

Tags: c, CVE-2026-33850, CWE-125, CWE-787
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33851: Insecure Buffer Size Underflow (cve-2026-33851-insecure-buffer-size-underflow)

Subtracting an expression from a buffer size to calculate the remaining length without a prior bounds check can cause an integer underflow. This bypasses bounds checks and leads to out-of-bounds accesses.

Tags: c, CVE-2026-33851, CWE-190, CWE-787
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33852: Unguided Oldns Clear Memory Leak (cve-2026-33852-unguided-oldns-clear-memory-leak)

Unconditionally clearing the 'oldNs' pointer before freeing a document with 'xmlFreeDoc' leads to a memory leak when parsing XML chunks if the context document is NULL. The namespace objects become orphaned and are not released. To fix this, ensure 'oldNs' is only cleared when a valid parent document exists.

Tags: c, CVE-2026-33852, CWE-401
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33856: Xml Document Oldns Memory Leak (cve-2026-33856-xml-document-oldns-memory-leak)

Unconditionally assigning NULL to a document's oldNs pointer before freeing it with xmlFreeDoc results in a memory leak if the parser was running without an associated document object. Guard the assignment with a check to ensure the document context is valid.

Tags: c, CVE-2026-33856, CWE-401
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33877: Password Reset Timing Side Channel User Enumeration (cve-2026-33877-password-reset-timing-side-channel-user-enumeration)

The password reset / account recovery handler awaits an artificial delay only on the "user not found" / "no email" branches and returns early, while the success path (email sent) returns without an equivalent delay. This timing differential is observable by an unauthenticated attacker and enables username/email enumeration (CWE-208 / CWE-204). Pad all branch

Tags: javascript, CVE-2026-33877, CWE-204, CWE-208
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium. Confidence: Medium. Provally Curated. Verified.
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2026-33890: Ts Admin Auth Gated On Loginrequired Config Flag (cve-2026-33890-ts-admin-auth-gated-on-loginrequired-config-flag)

Authentication enforcement for an admin or non-public endpoint is gated on a global "loginRequired"/"loginEnabled"-style configuration flag. When the flag is false the 401/403 branch is skipped entirely, allowing unauthenticated access to the sensitive endpoint. Make the admin/non-public auth check unconditional (drop the config-flag conjunction). See CVE-20

Tags: typescript, CVE-2026-33890, GHSA-378W-XH68-QRC8, CWE-284
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2026-33891: Fallback Jsbn Modinverse Missing Zero Check (cve-2026-33891-fallback-jsbn-modinverse-missing-zero-check)

A BigInteger `modInverse` implementation (typically originating from the jsbn library) was found to be lacking a check for a zero instance (`this`). If executed with a zero value, the Extended Euclidean Algorithm enters an unreachable exit condition resulting in an infinite loop and Denial of Service (DoS).

Tags: javascript, CVE-2026-33891, CWE-835
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-33908: Unbounded Xml Tree Recursion (cve-2026-33908-unbounded-xml-tree-recursion)

This tree destruction function recursively frees nodes without maintaining a depth counter. Deeply nested data structures can cause stack exhaustion leading to Denial of Service.

Tags: c, CVE-2026-33908, CWE-400, CWE-674
by Provally, updated 2026-06-03, Apache-2.0
Severity: High. Confidence: Medium. Provally Curated. Verified.
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-33937: Handlebars Compile Untrusted Ast Input (cve-2026-33937-handlebars-compile-untrusted-ast-input)

Handlebars precompiler concatenates user-controllable options (`opts.handlebarPath`, `opts.commonjs`, `opts.namespace`) directly into generated JavaScript source code without escaping, and emits the result via `SourceNode.add(...)`. CVE-2026-33937: an attacker who controls these options (or, more broadly, who can supply a fake AST whose literal `value` field

javascript | CVE-2026-33937 | GHSA-2W6W-674Q-4C4Q | CWE-502 | CWE-843
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85

CVE-2026-33938: Unvalidated Ast Passthrough (cve-2026-33938-unvalidated-ast-passthrough)

Accepting an input object and returning it based merely on a shallow `type` check (like 'Program' or 'AST') bypasses structural validation. If the object originates from untrusted sources, attackers can inject manipulated AST structures or type-spoofed payloads that escape the bounds of the parser. Recursively validate pre-parsed AST nodes before trusting an

javascript | CVE-2026-33938
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53

CVE-2026-33940: Insecure Ast Node Return (cve-2026-33940-insecure-ast-node-return)

Returning a pre-parsed AST node (e.g., 'Program') directly without structural validation can lead to arbitrary code execution if the input is attacker-controlled. A crafted object can bypass compilation guards and inject arbitrary code. Ensure that dynamically provided ASTs are validated against type confusion and unexpected literals before processing.

javascript | CVE-2026-33940 | CWE-20 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2026-33942: Php Unserialize Allowed Classes True (cve-2026-33942-php-unserialize-allowed-classes-true)

Call to PHP unserialize() with allowed_classes => true (or without a restrictive allowed_classes option) permits instantiation of arbitrary classes loaded by the application. If the serialized input is not fully under developer control (e.g., comes from a cache, file, database, HTTP input, or any storage backend an attacker could tamper with), this leads to

php | CVE-2026-33942 | GHSA-RF88-776R-RCQ9 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2026-33945: Go Filepath Join Untrusted Key Writefile Traversal (cve-2026-33945-go-filepath-join-untrusted-key-writefile-traversal)

Building a destination file path via filepath.Join with a map/range key (or other externally influenced string) and then writing it through os.WriteFile is vulnerable to path traversal (CWE-22). If the joined component contains "../" sequences, filepath.Join will collapse them and the write will escape the intended directory. Confine the write to the parent

go | CVE-2026-33945 | GHSA-Q4Q8-7F2J-9H9F | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81

CVE-2026-33979: Sanitizer Config Ignored Empty Array (cve-2026-33979-sanitizer-config-ignored-empty-array)

Checking for emptiness (`.length > 0`) on sanitizer configurations like `allowedTags` or `allowedAttributes` is a security risk. By ignoring explicitly restricted empty policies (`[]` or `{}`), this verification often causes a fallback to permissive default sanitizer settings, meaning typical XSS payloads will not be stripped. Validate options using structur

javascript | CVE-2026-33979 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 65

CVE-2026-33986: Premature Dimension Update Before Allocation (cve-2026-33986-premature-dimension-update-before-allocation)

A state object's dimensions (width/height) are updated before a memory allocation loop that could fail and exit. If an allocation fails, the function returns early and leaves the context dimensions inflated for a smaller buffer. This inconsistency can lead to out-of-bounds memory accesses. Update object dimensional properties only after validating that memor

c | CVE-2026-33986 | CWE-130 | CWE-664
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69

CVE-2026-33994: Js Prototype Pollution Regex Test Guard (cve-2026-33994-js-prototype-pollution-regex-test-guard)

Using `RegExp.prototype.test` against a regex containing `__proto__`, `constructor`, or `prototype` as a prototype-pollution guard is bypassable. `RegExp.prototype.test` is a writable prototype method; an attacker that can override it (via another gadget in the same realm) can force the guard to return `false` and re-enable `Object.prototype` pollution throu

javascript | CVE-2026-33994 | GHSA-VC8F-X9PP-WF5P | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95

CVE-2026-34041: Act Set Env Add Path Without Unsecure Commands Guard (cve-2026-34041-act-set-env-add-path-without-unsecure-commands-guard)

The deprecated GitHub Actions workflow commands `set-env` and `add-path` are handled without checking the `ACTIONS_ALLOW_UNSECURE_COMMANDS` opt-in environment variable. Real GitHub Actions disabled these commands in October 2020 (CVE-2020-15228) because untrusted data echoed to a step's stdout can inject them and arbitrarily mutate environment variables or P

go | CVE-2026-34041 | GHSA-MFWH-5M23-J46W | GHSA-XMGR-9PQC-H5VW | CWE-74
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95

CVE-2026-34060: Ruby Gemfile Template Source Option Interpolation (cve-2026-34060-ruby-gemfile-template-source-option-interpolation)

A value is interpolated into a Ruby string that builds a Gemfile gem-source option (branch:/ref:/tag:). Generated Gemfiles are evaluated as Ruby by Bundler, so any attacker-controlled content in the interpolated value can break out of the string literal and execute arbitrary Ruby code at bundle composition time (see CVE-2026-34060 in ruby-lsp, where the ruby

ruby | CVE-2026-34060 | GHSA-C4R5-FXQW-VH93 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85

CVE-2026-34063: Rust Libp2p Handler Panic (cve-2026-34063-rust-libp2p-handler-panic)

Using `panic!` inside libp2p `ConnectionHandler` negotiation events (`FullyNegotiatedInbound`, `FullyNegotiatedOutbound`) exposes the application to remote Denial of Service (DoS) attacks. An attacker can intentionally negotiate duplicate streams or unexpected states to trigger the panic and crash the node. Handle invalid states gracefully by returning an er

rust | CVE-2026-34063 | CWE-617 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-34078: Flatpak Run App Missing Fd Bind Params (cve-2026-34078-flatpak-run-app-missing-fd-bind-params)

flatpak_run_app() is defined without GArray *bind_fds / GArray *ro_bind_fds parameters. Without them, the Flatpak portal must forward sandbox-expose paths as raw path strings to bubblewrap --bind, which follows symlinks at mount time. A sandboxed app can plant a symlink inside its writable instance directory pointing to any host path and supply it as a sandb

c | CVE-2026-34078 | GHSA-CC2Q-QC34-JPRG | CWE-59 | CWE-61
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91

CVE-2026-34209: Payment Channel Insecure Voucher Comparison (cve-2026-34209-payment-channel-insecure-voucher-comparison)

A payment channel voucher amount is checked using `<` against a maximum of spent and settled funds. This may allow an attacker to submit a voucher exactly equal to the settled amount, bypassing the requirement to commit new funds. Establish a dedicated check that ensures the voucher is strictly greater than the settled funds, rather than using a loose ternar

javascript | CVE-2026-34209 | CWE-697
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2026-34212: Authorization Check And Of Not Equal Throws (cve-2026-34212-authorization-check-and-of-not-equal-throws)

Authorization/validation check combines multiple inequality (`!==`) comparisons with logical AND (`&&`) before throwing an error. By De Morgan's law this requires ALL fields to mismatch to reject the request, so a single matching field (e.g. workspaceId in the same workspace) bypasses the entire check. For ownership / scoping checks the conditions should be

typescript | CVE-2026-34212 | CWE-285
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81

CVE-2026-34213: Authorization Guard And Not Equals Bypass (cve-2026-34213-authorization-guard-and-not-equals-bypass)

Authorization guard combines multiple '!==' inequality checks with '&&' (AND) before throwing an exception. Because '&&' requires ALL conditions to be true simultaneously, an attacker who satisfies even one check can bypass the guard entirely. Replace '&&' with '||' so that any single mismatch triggers rejection and unauthorized access is prevented. (CVE-202

typescript | CVE-2026-34213 | CWE-285 | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81

CVE-2026-34226: Leaky Cookie Origin In Fetch (cve-2026-34226-leaky-cookie-origin-in-fetch)

A web client or mock implementation is querying a cookie container using the current page's URL (e.g., origin URL from `location.href`) instead of the request's target URL. When handling requests, this will inadvertently attach the parent origin's cookies to the external request, leaking sensitive session data to third parties.

typescript | CVE-2026-34226 | CWE-200
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2026-34232: Path Traversal Unvalidated Plugin Name (cve-2026-34232-path-traversal-unvalidated-plugin-name)

A plugin name is used to construct a file path without preceding validation, which may allow path traversal to load arbitrary dynamic libraries.

cpp | CVE-2026-34232 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-34236: Configuration Sdkconfiguration Php Cwe 000 Cve 2026 34236 (cve-2026-34236-configuration-sdkconfiguration-php-cwe-000-cve-2026-34236)

The SDK's warning message improperly asks for a 32 'character' secret rather than 'bytes'. Because strlen() calculates byte length, this creates a mismatch between developer guidance and byte-based enforcement.

php | CVE-2026-34236
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-34243: Github Actions Untrusted Context In Run (cve-2026-34243-github-actions-untrusted-context-in-run)

This GitHub Actions step interpolates an attacker-controlled `${{ github.event.* }}` (or `${{ github.head_ref }}`) expression directly inside a `run:` shell script. GitHub Actions expands `${{ }}` template expressions before invoking the shell, so attacker-controlled content (e.g., issue/PR/comment/review bodies, commit messages, branch refs) becomes part of

yaml | CVE-2026-34243 | GHSA-R4FJ-R33X-8V88 | CWE-77 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95

CVE-2026-34352: Shmget Permissive Creation (cve-2026-34352-shmget-permissive-creation)

A shared memory segment is created with overly permissive access rights (e.g., 0777, 0666). This allows local users to read or modify the shared memory segment, potentially leading to information disclosure, denial of service, or code execution. Use strict permissions such as 0600.

c | CVE-2026-34352 | CWE-732
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-34404: Nuxt Og Image Html Ssrf (cve-2026-34404-nuxt-og-image-html-ssrf)

Unsanitized 'html' parameter is passed to 'separateProps' without deletion, which can allow an SSRF via inline HTML injection during headless rendering.

javascript | CVE-2026-34404
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53

CVE-2026-34415: Incomplete Php Extension Denylist Regex Php Glob Misuse (cve-2026-34415-incomplete-php-extension-denylist-regex-php-glob-misuse)

The regex token `php*` is being used inside a denylist alternation, but in PCRE `*` is a quantifier on the preceding character, so `php*` matches 'ph', 'php', 'phpp', ... and does NOT match '.php4', '.php7', or '.phps'. This is an incomplete list of disallowed inputs (CWE-184): attackers can upload/rename files with PHP-executable extensions like .php4 that

php | CVE-2026-34415 | CWE-184 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2026-34444: Lupa Luaruntime Attribute Filter Without Register Builtins False (cve-2026-34444-lupa-luaruntime-attribute-filter-without-register-builtins-false)

LuaRuntime is configured with attribute access control (attribute_filter or attribute_handlers) but register_builtins=False is not set. Python builtins accessible as python.builtins.* inside Lua — including getattr, setattr, eval, and exec — bypass the attribute filter entirely by invoking CPython natively, skipping Lupa's proxy metamethods. This allows sand

generic | CVE-2026-34444 | GHSA-69V7-XPR6-6GJM | CWE-284 | CWE-639
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 91

CVE-2026-34478: Log4j Rfc5424 Key Escaping (cve-2026-34478-log4j-rfc5424-key-escaping)

Detected identical generic escaping applied to both key and value of map entries. In contexts like RFC 5424 syslog layouts, parameter names (keys) have strict character restrictions and length limits that require distinctive sanitization. Using value-escaping for keys can result in log injection, CRLF injection, and malformed log data.

java | CVE-2026-34478 | CWE-116
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61

CVE-2026-34513: Unbounded Dict Cache (cve-2026-34513-unbounded-dict-cache)

This class appears to implement a cache using a dictionary without an associated size limit or eviction policy. Unbounded growth of a dictionary handling user-controlled or dynamically generated keys can lead to memory exhaustion and Denial of Service (DoS). Ensure that the cache enforces a maximum size and evicts older entries (e.g., using `collections.Orde

python | CVE-2026-34513 | CWE-400 | CWE-770
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34515: Aiohttp Unc Path Disclosure (cve-2026-34515-aiohttp-unc-path-disclosure)

A user-controlled path parameter from an HTTP request is passed directly to `joinpath()` or the `/` operator without checking if it is an absolute path. In Python's `pathlib`, joining an absolute path (or a Windows UNC path like `\\attacker\share`) to a base path discards the base directory prefix. On Windows, this can force the host to initiate an SMB conne

python | CVE-2026-34515 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73

CVE-2026-34516: Unchecked Async Readline Accumulation (cve-2026-34516-unchecked-async-readline-accumulation)

An unbounded string accumulation from an asynchronous stream was detected. Continuously appending data from `readline()` without line length limits and total count limits can lead to out-of-memory (OOM) situations and Denial of Service (DoS) attacks. Specify a size limit on the `readline()` call and enforce a bounding length for the list.

python | CVE-2026-34516 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34543: Openexr Bounds Check Capacity Mismatch (cve-2026-34543-openexr-bounds-check-capacity-mismatch)

Bounds checking against the expected uncompressed capacity rather than the actual decompressed payload length may lead to out-of-bounds reads into uninitialized memory.

c | CVE-2026-34543
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-34581: Goshs Unvalidated Path Traversal (cve-2026-34581-goshs-unvalidated-path-traversal)

Manually concatenating strings derived from the HTTP request path (e.g. `req.URL.Path`) into filesystem paths can allow an attacker to write or read arbitrary files on the local system. Ensure all paths derived from user input are appropriately bounded to a base directory (e.g. by using `filepath.Clean` and comparing prefixes, or `filepath.Base` for only bas

go | CVE-2026-34581 | GHSA-6QCC-6Q27-WHP8 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73

CVE-2026-34824: Unbounded Thread Creation In Loop (cve-2026-34824-unbounded-thread-creation-in-loop)

The application spawns an unbounded OS thread for each incoming network message within a loop. An attacker can send a rapid succession of messages to exhaust system threads and memory, leading to a Denial of Service (DoS). Use a bounded thread pool like `ThreadPoolExecutor` or an admission semaphore to limit concurrent tasks.

python | CVE-2026-34824 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34827: Ruby Unescaped Regex Interpolation (cve-2026-34827-ruby-unescaped-regex-interpolation)

Unescaped interpolation in a regular expression was detected. When interpolating user-controlled data or configurations into a regular expression for a strip-prefix or match operation, it must be escaped to prevent logic bypass, information disclosure, or Denial of Service (ReDoS). If the interpolation contains regex metacharacters, the substitution may sile

ruby | CVE-2026-34827 | CWE-116
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34829: Ruby Unescaped Prefix Regex Interpolation (cve-2026-34829-ruby-unescaped-prefix-regex-interpolation)

Unescaped string interpolation in a regular expression used for prefix matching or stripping. If the interpolated string contains regular expression metacharacters, it may not match as intended or could lead to logic bypasses (e.g., directory disclosure). Use `Regexp.escape()` or `Regexp.quote()` to safely interpolate literal strings into regular expressions

ruby | CVE-2026-34829 | CWE-116 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34840: Saml Assertion Wrapping Missing Length Check (cve-2026-34840-saml-assertion-wrapping-missing-length-check)

Unconditional extraction of a SAML assertion element via array indexing (e.g., `assertion[0]`) without ensuring exactly one assertion is present. This weak validation pattern enables SAML Assertion Wrapping (XML Signature Wrapping) vulnerabilities. An attacker may inject an unsigned forged assertion alongside a legitimately signed assertion to bypass authent

typescript | CVE-2026-34840 | CWE-287 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 65

CVE-2026-34841: Gha Npm Publish Static Secret Token Auth (cve-2026-34841-gha-npm-publish-static-secret-token-auth)

An npm publish step sets NODE_AUTH_TOKEN from a long-lived static repository secret. Long-lived tokens can be stolen, leaked, or misused by anyone who can push a matching git tag to publish malicious packages as part of a supply chain attack (CVE-2026-34841). Replace static token authentication with OIDC: grant 'id-token: write' to the workflow's permissions

yaml | CVE-2026-34841 | CWE-522 | CWE-798
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 91

CVE-2026-34935: Python Shlex Split Unvalidated Executable (cve-2026-34935-python-shlex-split-unvalidated-executable)

A command string parameter is parsed with shlex.split() and the first token (parts[0]) is returned/used as an OS executable without being validated against an allowlist. If the input is attacker-influenced (e.g. CLI flag, config value, prompt, template), this is OS command injection: any binary/path can be chosen and the rest of the tokens become argv (CWE-7

python | CVE-2026-34935 | GHSA-9GM9-C8MQ-VQ7M | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85

CVE-2026-34936: Ai Agent Tool Unauthorized File Op (cve-2026-34936-ai-agent-tool-unauthorized-file-op)

A tool class performs file operations within a static method. In AI agent frameworks, static methods lack instance context (such as workspace containment or user permissions), which may lead to unauthorized file operations and sandbox escapes if the input paths are attacker-controlled. Consider converting this to an instance method and explicitly enforcing w

python | CVE-2026-34936 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61

CVE-2026-34938: Static Method Destructive File Op No Instance Authz (cve-2026-34938-static-method-destructive-file-op-no-instance-authz)

A @staticmethod in this class performs a destructive filesystem operation (os.remove, os.unlink, shutil.move, shutil.rmtree, or os.rename) but cannot invoke any instance-level access-control method because it has no 'self' reference. Any instance-level authorization policy—such as a workspace read/write access check—is silently bypassed. Convert the method t

python | CVE-2026-34938 | CWE-693
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73

CVE-2026-34941: Improper Entityset Capacity (cve-2026-34941-improper-entityset-capacity)

Initializing a TryEntitySet (which uses direct array indexing based on the element's index value) with a capacity equal to the `.len()` of a sparse or filtered map may result in an insufficient capacity. `len()` represents the number of elements, but `TryEntitySet::with_capacity` expects a maximum possible index length. If the map doesn't contain all contigu

rust | CVE-2026-34941 | CWE-131
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61

CVE-2026-34943: Wasmtime Jit Libcall Toctou (cve-2026-34943-wasmtime-jit-libcall-toctou)

This rule is a placeholder. The underlying vulnerability is a TOCTOU bug via yielding GC during JIT translation of passive data models. It is highly specific to Wasmtime's internal compilation phase and Wasm concurrency model, lacking a generalized framework representation.

rust | CVE-2026-34943
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-34971: Wasmtime Insecure Passive Data Tracking (cve-2026-34971-wasmtime-insecure-passive-data-tracking)

Wasmtime tracked passive data bounds insecurely via a side-table (`dropped_data`) rather than securely maintaining exact lengths internally in `vmctx`. This state tracking approach is vulnerable to desynchronization and stale state access during module drops and instance pool re-use.

rust | CVE-2026-34971
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-34976: Missing Restore Tenant Middleware Registration (cve-2026-34976-missing-restore-tenant-middleware-registration)

The mutation 'restoreTenant' is absent from this middleware configuration map while 'restore' is present. In Go, a missing map key returns the zero-value (nil slice), causing the middleware dispatcher to skip all authentication, IP-whitelisting, and audit-logging for that mutation — the root cause of CVE-2026-34976 (CVSS 10.0). An unauthenticated remote atta

go | CVE-2026-34976 | GHSA-P5RH-VMHP-GVCW | CWE-862 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91

CVE-2026-34977: Python Bash Sh Dash C Dynamic Command Injection (cve-2026-34977-python-bash-sh-dash-c-dynamic-command-injection)

Building a "bash -c" or "sh -c" argv list with a dynamically constructed command string is vulnerable to OS command injection (CWE-78) when any part of the string originates from caller-controlled or user-controlled data. Even with shlex.quote, mixing user data into a shell-interpreted script is fragile. Prefer invoking the target program directly with separ

python | CVE-2026-34977 | GHSA-8R22-62P7-9JRP | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95

CVE-2026-35047: Php Laravel Unrestricted File Upload To Public Path (cve-2026-35047-php-laravel-unrestricted-file-upload-to-public-path)

An uploaded file is moved into a public_path() (web-accessible) directory inside a handler that does not perform Laravel validation ($request->validate([...]) or Validator::make(...)). When the stored filename's extension is taken from the client (e.g. getClientOriginalExtension() / getClientOriginalName()), an authenticated attacker can upload an executable

php | CVE-2026-35047 | GHSA-9RCC-W59J-965V | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2026-35051: Forwardauth Missing X Forwarded Strip (cve-2026-35051-forwardauth-missing-x-forwarded-strip)

ForwardAuth-style request builder calls utils.CopyHeaders to bulk-copy every incoming request header into the forwarded auth request and then only selectively rebuilds a fixed subset of X-Forwarded-* headers (For / Method / Proto / Port / Host / Uri). Other X-Forwarded-* headers such as X-Forwarded-Prefix are not stripped, so when the trust-forward flag is f

go | CVE-2026-35051 | GHSA-6384-M2MW-RF54 | CWE-345 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91

CVE-2026-35052: Python Unsafe Pickle Deserialization Storage Backend (cve-2026-35052-python-unsafe-pickle-deserialization-storage-backend)

Unrestricted pickle deserialization detected. `pickle.loads()` / `pickle.load()` and `shelve.open()` (which internally uses pickle) will execute arbitrary code via `__reduce__` gadgets when given attacker-controlled bytes. If the input originates from a network-reachable store (Redis, memcached, shelve/DBM file, message queue, HTTP body, file uploaded by use

python | CVE-2026-35052 | GHSA-436G-FHFC-9G5W | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85

CVE-2026-35178: Php Create Function Code Injection (cve-2026-35178-php-create-function-code-injection)

Use of PHP's create_function() compiles its second argument via internal eval(). When any value that flows into the body string originates from request data (cookies, query parameters, headers, or config values overrideable by the client), this becomes a code-injection / RCE primitive (CWE-94). Replace create_function() with an anonymous closure (function(..

php | CVE-2026-35178 | GHSA-JW63-M86R-2JXC | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95

CVE-2026-35184: Php Switch Default Unsanitized Passthrough Sqli (cve-2026-35184-php-switch-default-unsanitized-passthrough-sqli)

The `default` branch of this validation `switch` copies a raw input array entry to a "validated" array without sanitization (same key on both sides). Other branches typically apply a sanitizer such as `InputUtils::LegacyFilterInput`, so attacker-controlled validation types (e.g., the `custom`/`value` parameters in CVE-2026-35184) bypass validation. When the

php | CVE-2026-35184 | GHSA-GJW3-73Q9-V2QH | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81

CVE-2026-35186: Wasmtime Libcall Passive Data Race (cve-2026-35186-wasmtime-libcall-passive-data-race)

Using a libcall to access Wasm passive data segments can be unsafe as it fails to synchronize with Wasm JIT execution and dynamic bounds updates (e.g. `data.drop`). A concurrent yield (such as a GC pause) can invalidate bounds leading to out-of-bounds memory access. The compilation strategy should emit inline bounds checks reading from the dynamic segment le

rust | CVE-2026-35186
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53

CVE-2026-35194: Flink Raw Format Unbounded Records (cve-2026-35194-flink-raw-format-unbounded-records)

Using Flink's `RawFormatSerializationSchema` or `RawFormatDeserializationSchema` without specifying a line delimiter can lead to record injection. If downstream consumers rely on delimiter-based parsing, an attacker supplying data containing delimiter bytes can break record boundaries and spoof arbitrary records. Configure an explicit line delimiter string t

java | CVE-2026-35194 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61

CVE-2026-35205: Fail Open Verification Bypass (cve-2026-35205-fail-open-verification-bypass)

Verification logic handles missing authentication/provenance data by logging a warning but failing to abort the execution. This allows attackers to bypass signature or provenance verification by simply omitting the material. Ensure the application fails closed by returning an error or halting execution instead.

go | CVE-2026-35205
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53

CVE-2026-35209: Object Assign Prototype Hijack (cve-2026-35209-object-assign-prototype-hijack)

Cloning objects with `Object.assign({}, ...)` can lead to local prototype pollution if an input argument contains a malicious `__proto__` property (such as from parsed JSON). `Object.assign` invokes the `__proto__` setter on the new empty target object, altering its prototype chain. When this cloned object is subsequently merged, iterated via `for...in`, or

javascript | CVE-2026-35209 | CWE-1321
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61

CVE-2026-35213: Redos In Regex Endings (cve-2026-35213-redos-in-regex-endings)

Overly broad, optional, or overlapping regex groups such as `(.*)?$` can cause catastrophic backtracking (ReDoS) leading to DoS. Use more specific character classes instead.

Language: javascript | CVE-2026-35213 | CWE-1333
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2026-35392: Go Http Request Path To File Write Without Containment Check (cve-2026-35392-go-http-request-path-to-file-write-without-containment-check)

A filesystem write path is derived from `req.URL.Path` and reaches `os.Create` / `os.OpenFile` / `os.WriteFile` / `ioutil.WriteFile` without being passed through a sanitizer that URL-decodes, cleans, and verifies the resolved absolute path is contained within the intended root directory. An attacker can supply traversal segments such as `..` or URL-encoded `

Language: go | CVE-2026-35392 | GHSA-G8MV-VP7J-QP64 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-35393: Go Net Http Url Path To Filesystem Traversal (cve-2026-35393-go-net-http-url-path-to-filesystem-traversal)

An HTTP request URL path (`req.URL.Path`) is used to construct a filesystem path that is passed to a file-system API (create, open, write, mkdir, stat, or remove) without verifying that the resolved path stays within an intended root directory. Because Go decodes percent-encoded segments (e.g. `%2e%2e`) into `req.URL.Path`, naive concatenation, splitting, or

Language: go | CVE-2026-35393 | GHSA-JG56-WF8X-QRV5 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-35394: Improper Error Class In Url Validation (cve-2026-35394-improper-error-class-in-url-validation)

URL scheme validation throws a generic Error instead of a project-specific error class (such as ActionableError). In highly specific framework environments, generic exceptions might not be properly handled, routed, or surfaced to the client, which can cause security validation failures to be silently suppressed or incorrectly processed.

Language: typescript | CVE-2026-35394 | CWE-390 | CWE-754
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 65
CVE-2026-35409: Directus Missing Oauth Validation (cve-2026-35409-directus-missing-oauth-validation)

A request authorization check verifies primary user, role, or administrative presence but fails to subsequently inspect and validate OAuth constraints (such as scope, audience, or origin/transport) when an OAuth token is present. This allows users or tokens with inappropriate scopes or mismatched audiences to bypass intended logical barriers. OAuth propertie

Language: typescript | CVE-2026-35409 | CWE-285 | CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-35442: Express Missing Oauth Scope Validation (cve-2026-35442-express-missing-oauth-scope-validation)

The endpoint authenticates the request but does not validate the OAuth scope of the presented token.

Language: typescript | CVE-2026-35442
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-35458: Go Dlclark Regexp2 Compile Without Match Timeout (cve-2026-35458-go-dlclark-regexp2-compile-without-match-timeout)

regexp2.Compile result is used without assigning a MatchTimeout. The github.com/dlclark/regexp2 engine supports backtracking and defaults MatchTimeout to math.MaxInt64 (no timeout). When the pattern source is attacker-controlled (e.g. parsed from a request header or form field), a crafted regex with nested quantifiers can cause exponential backtracking and h

Language: go | CVE-2026-35458 | GHSA-FMWG-QCQH-M992 | CWE-1333
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-35464: Pyload Incomplete Admin Options (cve-2026-35464-pyload-incomplete-admin-options)

The hardcoded list of admin-only configuration options is missing security-critical settings such as 'storage_folder'.

Language: python | CVE-2026-35464
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-35465: Custom Archive Filename Missing Validation (cve-2026-35465-custom-archive-filename-missing-validation)

A custom file parser extracts and returns a filename without verifying that it doesn't contain absolute paths or directory separators. This can lead to path traversal or arbitrary file overwrite vulnerabilities if the returned filename is used in file extraction operations. Ensure you validate that the extracted filename exactly matches its basename (e.g., u

Language: python | CVE-2026-35465 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-35471: Go Path Traversal Guard Missing Return (cve-2026-35471-go-path-traversal-guard-missing-return)

Path-traversal guard `if strings.Contains(..., "..")` writes an error response but is missing an early `return`. Execution falls through to subsequent filesystem operations even when a traversal sequence is detected, defeating the check (see CVE-2026-35471). Add an explicit `return` inside the guard or use a sanitizer helper that validates the resolved path

Language: go | CVE-2026-35471 | GHSA-6QCC-6Q27-WHP8 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-35523: Strawberry Graphql Ws Unauthenticated Start (cve-2026-35523-strawberry-graphql-ws-unauthenticated-start)

The `handle_start` method of a GraphQL WebSocket handler processes subscription messages without first checking if the connection has been initialized and acknowledged. This allows attackers to bypass authentication implemented in the `connection_init` hook (e.g., `on_ws_connect`) by sending a `start` message directly. Ensure that a property like `self.conne

Language: python | CVE-2026-35523 | CWE-287 | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-35526: Graphql Ws Missing Limits And Auth (cve-2026-35526-graphql-ws-missing-limits-and-auth)

A GraphQL WebSocket handler processes a subscription start message without validating whether the connection state has been initialized or enforcing a limit on the number of concurrently active subscriptions (tasks). This can lead to authentication bypass or a denial of service (DoS) via unbounded task creation. Add connection state checks and a maximum subs

Language: python | CVE-2026-35526 | CWE-306 | CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-35604: Missing Share Owner Permission Check (cve-2026-35604-missing-share-owner-permission-check)

The application retrieves a user via a generated sharing link's identifier but assigns it to the context without validating if the associated user still has appropriate active permissions. This can lead to access bypasses where revoked or suspended users' shares remain fully functional. Ensure the user's permissions are explicitly validated immediately after

Language: go | CVE-2026-35604 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-35615: Praisonai Workspace Access Bypass (cve-2026-35615-praisonai-workspace-access-bypass)

A file operation is performed without validating workspace access permissions. This relies entirely on stateless path validation which lacks workspace containment context, enabling potential path traversal or arbitrary file modifications outside the sandbox.

Language: python | CVE-2026-35615 | CWE-22 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-37541: Ovms3 Gvret Binary Build Can Frame Length Unbounded (cve-2026-37541-ovms3-gvret-binary-build-can-frame-length-unbounded)

Legacy 2-argument canformat::Serve() invocation on the externally reachable canlog TCP server attack surface, or unbounded use of the attacker-controlled `build_can_frame.length` field inside the GVRET binary parser. In the BUILD_CAN_FRAME path, the 1-byte length is used directly as a memcpy/Pop size into the fixed 8-byte CAN_frame_t::data and the ~16-byte s

Language: cpp | CVE-2026-37541 | CWE-121
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-37709: Laravel Write Method With Read Only Authorization (cve-2026-37709-laravel-write-method-with-read-only-authorization)

Write/mutating REST controller method '$METHOD' uses only the read-only 'view' authorization gate. Write methods (store, create, update, destroy) must authorize with a write-level permission (e.g., 'update', 'create', 'delete') rather than 'view'. Using 'view' allows users with read-only access to perform unauthorized write operations such as file uploads or

Language: php | CVE-2026-37709 | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-38651: Go Jwt Missing Validity Check (cve-2026-38651-go-jwt-missing-validity-check)

A JWT token parsed with `jwt.Parse` or `jwt.ParseWithClaims` is accessed by checking if it is non-nil without also verifying the token's validity (`token.Valid`) or checking the returned error. Invalid tokens (e.g., forged signatures) may still evaluate as non-nil, leading to authentication bypass. Always check `token.Valid` or ensure the parsing error is ha

Language: go | CVE-2026-38651 | CWE-287 | CWE-347
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-38992: Php Sqlite Jsonpath Unsanitized Field Concatenation (cve-2026-38992-php-sqlite-jsonpath-unsanitized-field-concatenation)

A SQLite JSON path is built by concatenating a field-name parameter to a '$' / '$.' prefix without escaping single quotes or backslashes. The resulting path is typically interpolated into single-quoted SQL string literals (e.g., json_extract(document, '$.field'), json_each, json_type, json_array_length). An attacker-controlled field name containing a single

Language: php | CVE-2026-38992 | CWE-89 | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-39307: File Tools Py Cwe 000 Cve 2026 39307 (cve-2026-39307-file-tools-py-cwe-000-cve-2026-39307)

Because they are implemented as static methods, FileTools methods lack the instance-level context needed to check and enforce workspace boundary access constraints.

Language: python | CVE-2026-39307
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-39324: Rack Session Cookie Decoder Fallback Bypasses Encryptors (cve-2026-39324-rack-session-cookie-decoder-fallback-bypasses-encryptors)

Rack::Session::Cookie#unpacked_cookie_data falls back to an unauthenticated coder (e.g. Base64::Marshal) when configured encryptors fail to decrypt the cookie. Because encryptor failures are rescued and ignored, an attacker can forge a session cookie that fails authenticated decryption but is still parsed by the fallback coder, leading to authentication bypa

Language: ruby | CVE-2026-39324 | GHSA-33QG-7WPP-89CQ | CWE-287 | CWE-345
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-39355: Php Laravel Controller Ownership Reassignment Without Authorization (cve-2026-39355-php-laravel-controller-ownership-reassignment-without-authorization)

Controller method reassigns a model's `user_id` (ownership column) and persists the change with `->save()` without calling `Gate::authorize(...)`, `$this->authorize(...)`, `Gate::allows(...)`, or `$this->authorizeForUser(...)` anywhere in the method body. Combined with Laravel route-model binding, this lets any authenticated user take ownership of arbitrary

Language: php | CVE-2026-39355 | GHSA-2RQ7-JQM7-W8X4 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-39363: Bypass Fs Check Via Hardcoded Env (cve-2026-39363-bypass-fs-check-via-hardcoded-env)

Bypassing a filesystem access check using a hardcoded environment or role string (e.g., `consumer === 'server'`) can allow arbitrary file reads if the check evaluates user-controlled paths. Use explicit configuration flags to determine if checks should be bypassed rather than relying on broad environment labels.

Language: javascript | CVE-2026-39363 | CWE-285 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2026-39408: Insecure Route Path Join (cve-2026-39408-insecure-route-path-join)

A dynamically constructed route path is joined and returned directly without validation against the base output directory. This missing boundary check can lead to Path Traversal vulnerabilities if the dynamic input contains directory traversal sequences. Ensure that generated paths are validated using a check before being returned or used.

Language: typescript | CVE-2026-39408 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-3945: Strtol Missing Negative Check Before Arithmetic (cve-2026-3945-strtol-missing-negative-check-before-arithmetic)

The return value of strtol is used in arithmetic operations without validating for negative values. This can lead to integer overflow or memory issues when the resulting value is passed to functions.

Language: c | CVE-2026-3945 | CWE-128 | CWE-190
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-3960: Cve 2026 3960 Incomplete Jdbc Denylist Missing Postgresql Params (cve-2026-3960-cve-2026-3960-incomplete-jdbc-denylist-missing-postgresql-params)

JDBC parameter denylist contains MySQL-specific entries such as "autoDeserialize" but is missing critical PostgreSQL JDBC driver parameters ("socketFactory", "socketFactoryArg"). An attacker can bypass this denylist by supplying a jdbc:postgresql: URL with socketFactory pointing to an arbitrary Java class (e.g., ClassPathXmlApplicationContext) to achieve una

Language: java | CVE-2026-3960 | CWE-184
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-39853: Osslsigncode Memcpy Buffer Overflow (cve-2026-39853-osslsigncode-memcpy-buffer-overflow)

Unbounded memcpy of an ASN.1 SpcIndirectDataContent digest into a buffer. This copies data trusting the `messageDigest->digest->length` field, which is controlled by the attacker. If the destination array has a fixed boundary (like EVP_MAX_MD_SIZE), this will cause a buffer overflow. Verify the length fits the destination buffer before moving memory.

Language: c | CVE-2026-39853 | CWE-120
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-39858: Traefik Http Chain Missing Deny Encoded Characters (cve-2026-39858-traefik-http-chain-missing-deny-encoded-characters)

The Traefik HTTP entrypoint handler chain wires `denyFragment` (and `normalizePath`) but does not install `denyEncodedCharacters` in the same chain. Without this middleware, suspicious percent-encoded characters in the URL path (e.g. %0A, %0D, %2F, %5C, %00, %25, %3B) reach downstream middleware and authentication subrequests, where they can be used to forge

Language: go | CVE-2026-39858 | GHSA-5M6W-WVH7-57VM | CWE-290 | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-39859: Conditional Path Containment Bypass (cve-2026-39859-conditional-path-containment-bypass)

A directory containment verification is conditionally bypassed based on an inequality condition. This logic error can allow path traversal or local file inclusion (LFI) because outer path boundaries are discarded for specific cases. Ensure containment invariants are enforced unconditionally on all file lookup operations.

Language: typescript | CVE-2026-39859 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-39865: Array Splice Missing Unconditional Return In Backward While Loop (cve-2026-39865-array-splice-missing-unconditional-return-in-backward-while-loop)

Array.splice() is called inside a backward-decrement while loop but the enclosing block only returns conditionally (inside a nested if) after removal. When the condition is false the loop continues iterating over the now-shorter array with stale index bounds, causing state corruption that can crash the process or corrupt shared state under concurrent access

Language: javascript | CVE-2026-39865 | CWE-670
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-39888: Python Exec Unrestricted Builtins Sandbox (cve-2026-39888-python-exec-unrestricted-builtins-sandbox)

A globals mapping is being constructed with '__builtins__' aliased to the unrestricted real __builtins__. When this mapping is passed to exec()/eval() for untrusted code, it provides NO sandboxing: the executed code can call exec/eval/compile/__import__/open directly, and can also escape via frame-traversal (e.__traceback__.tb_frame.f_back.f_builtins["exec"]

Language: python | CVE-2026-39888 | GHSA-QF73-2HRX-XPRP | CWE-657 | CWE-693
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-39889: Ai Agent Tool Static File Op Sandbox Bypass (cve-2026-39889-ai-agent-tool-static-file-op-sandbox-bypass)

Agent tools exposing file operations via static methods lack instance-level context necessary for proper sandboxing (e.g., workspace bounds). This can allow an attacker to exploit agent prompts to perform arbitrary file reads/writes outside intended boundaries. Refactor tools to use instance methods and explicitly enforce workspace access controls.

Language: python | CVE-2026-39889 | CWE-285 | CWE-732
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-39912: Php Magic Link Token Leak In Response (cve-2026-39912-php-magic-link-token-leak-in-response)

Magic login link containing an authentication token is returned to the caller after being delivered by email. If the caller exposes this return value through an HTTP response, an unauthenticated attacker who knows a target email can retrieve the login token directly (CVE-2026-39912). Return only a boolean success indicator instead of the link.

Language: php | CVE-2026-39912 | CWE-200 | CWE-598
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-39958: Oma Topics Missing Control Char Validation (cve-2026-39958-oma-topics-missing-control-char-validation)

A topic/manifest entry obtained from a remote source is appended to the enabled list without verifying that its `name` field is free of control characters. Newlines or other control characters in `name` can break out of the intended APT sources.list line and inject arbitrary `deb`/`deb-src` entries into /etc/apt/sources.list.d (CVE-2026-39958). Validate the

Language: rust | CVE-2026-39958 | CWE-20 | CWE-74 | CWE-93
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-39962: Php Ldap Injection Unescaped Superglobal In Filter (cve-2026-39962-php-ldap-injection-unescaped-superglobal-in-filter)

User-controlled input from a PHP request superglobal flows into an LDAP filter passed to ldap_search/ldap_list/ldap_read without being escaped via ldap_escape(..., LDAP_ESCAPE_FILTER). An attacker who can influence the source value (e.g., a reverse-proxy-supplied header surfaced through $_SERVER) can inject LDAP filter metacharacters such as *, (, ), \ to ch

Language: php | CVE-2026-39962 | CWE-90
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-39974: Array Filter Index Shift Logic Bug (cve-2026-39974-array-filter-index-shift-logic-bug)

Removing empty elements from a nested array using `.filter(x => x.length > 0)` will eliminate intermediate empty elements, shifting the indices of subsequent items. If this multi-dimensional array relies on strict index positions to map logic (such as mapping positional output ports in graph/workflow execution engines), this truncation misroutes execution fl

Language: typescript | CVE-2026-39974 | CWE-918
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-39987: Marimo Websocket Missing Validate Auth (cve-2026-39987-marimo-websocket-missing-validate-auth)

WebSocket route handler decorated with `@$ROUTER.websocket(...)` does not invoke `validate_auth(...)` before accepting the connection. Unlike other authenticated WebSocket endpoints in marimo, this handler skips authentication, potentially allowing unauthenticated attackers to use privileged functionality (e.g. obtaining a PTY shell via /terminal/ws). Call `

Language: python | CVE-2026-39987 | CWE-306 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-40030: Os Popen Command Injection (cve-2026-40030-os-popen-command-injection)

The `os.popen()` function executes commands through the shell. Passing dynamically built strings (via concatenation or formatting) can lead to OS command injection if the input contains shell metacharacters. Instead, use `subprocess.run()` with a list of arguments and `shell=False`, or standard library equivalents like `os.listdir()`.

Language: python | CVE-2026-40030 | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40069: Case Sensitive Constant Inclusion Bypass (cve-2026-40069-case-sensitive-constant-inclusion-bypass)

Checking dynamically extracted fields (e.g., API responses) against constant allowlists, blocklists, or markers without normalizing case can allow alternate casings to bypass validation logic. Attackers or upstream APIs returning 'invalid' instead of 'INVALID' can silence errors. Always normalize string inputs using `.upcase` or `.downcase` before membership

Language: ruby | CVE-2026-40069 | CWE-178 | CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40073: Unvalidated Content Length Limit Bypass (cve-2026-40073-unvalidated-content-length-limit-bypass)

When an HTTP stream handler accumulates payload size and checks it against a `content-length` limit parsed with `Number()`, `parseInt()`, or `parseFloat()`, it can fail open. For chunked requests, missing headers cause these parsers to return `NaN`. Because numeric inequalities evaluate to false against `NaN` (e.g., `size > NaN`), an attacker can circumvent

Language: javascript | CVE-2026-40073 | CWE-400 | CWE-754
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 65
CVE-2026-40116: Static Validation Workspace Bypass (cve-2026-40116-static-validation-workspace-bypass)

A function handling file operations delegates path validation to a static class method instead of an instance-bound method. This can bypass workspace and instance-level sandbox constraints, leading to path traversal or authorization bypass. Convert the method to use `self` and validate bounds against the instance's designated workspace.

Language: python | CVE-2026-40116
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-40149: Static Method File Operation Sandbox Bypass (cve-2026-40149-static-method-file-operation-sandbox-bypass)

File operations in static methods lack instance-level workspace bounds. Ensure file system operations that act on user or agent input enforce sandbox constraints via instance properties.

Language: python | CVE-2026-40149
by Provally, updated 2026-06-03, Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-40154: Praisonai Tool Static Destructive File Op Without Workspace Guard (cve-2026-40154-praisonai-tool-static-destructive-file-op-without-workspace-guard)

A `@staticmethod` on a file-tooling class performs a destructive filesystem operation (os.remove / os.unlink / shutil.move / shutil.rmtree / shutil.copy / shutil.copy2) without invoking a workspace authorization guard such as `self._require_workspace_access(write=True)` first. When such a method is exposed as an agent tool (e.g., PraisonAI FileTools loaded b

Language: python | CVE-2026-40154 | GHSA-PV9Q-275H-RH7X | CWE-829
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-40158: Sqli Fstring Interpolation (cve-2026-40158-sqli-fstring-interpolation)

Detected SQL injection via direct string interpolation (such as f-strings) in a database `execute` call. Untrusted input should be parameterized. If interpolating identifiers like table names, use a validation step (e.g. strict regex matching) before interpolation.

Language: python | CVE-2026-40158 | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40164: Hardcoded Murmurhash Seed (cve-2026-40164-hardcoded-murmurhash-seed)

A potentially hardcoded or static seed is used for MurmurHash3 initialization. This makes the hash function predictable and vulnerable to hash collision Denial of Service (DoS) attacks. An attacker can precompute keys that hash to the same bucket, degrading performance to O(n²). Randomize the hash seed using a cryptographically secure pseudo-random number ge

Language: c | CVE-2026-40164 | CWE-330 | CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-40189: Goshs State Changing Handler Missing Acl Check (cve-2026-40189-goshs-state-changing-handler-missing-acl-check)

State-changing FileServer handler performs a filesystem-mutating operation (file create/open-for-write, remove, remove-all, mkdir, or multipart body read) without first calling fs.applyCustomAuth(...) to enforce the per-folder .goshs ACL/basic-auth policy. The read paths (doDir/doFile) gate access through findSpecialFile/findEffectiveACL + applyCustomAuth, b

Language: go | CVE-2026-40189 | GHSA-WVHV-QCQF-F3CX | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-40258: Python Zipfile Extractall Zip Slip (cve-2026-40258-python-zipfile-extractall-zip-slip)

`extractall()` is called on an archive object without first validating member entries against path traversal (Zip Slip). Python's `zipfile` module does not sanitize `..` or absolute path entries, so a crafted archive can write files outside the destination directory. Before calling `extractall`, iterate `namelist()`/`infolist()`, resolve each entry with `os.

Language: python | CVE-2026-40258 | GHSA-M5GR-86J6-99JP | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-40259: Siyuan Av Api Missing Admin Role Check (cve-2026-40259-siyuan-av-api-missing-admin-role-check)

Route $PATH is registered with model.CheckAuth but without model.CheckAdminRole, allowing any authenticated user—including publish-service RoleReader tokens—to invoke a privileged attribute-view operation (layout changes, group configuration, batch block replacement, or unconditional file deletion). Add model.CheckAdminRole (and model.CheckReadonly for write

Language: go | CVE-2026-40259 | GHSA-7M5H-W69J-QGGG | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-40288: Praisonai Filetools Missing Workspace Containment (cve-2026-40288-praisonai-filetools-missing-workspace-containment)

File mutation operation performs path-traversal validation (_validate_path) but does not enforce workspace containment via _require_workspace_access(write=True) before invoking a destructive filesystem operation (shutil.move / shutil.copy2 / os.remove / os.unlink / open(..., 'w')). Path-traversal checks alone allow any absolute host path that does not contai

Language: python | CVE-2026-40288 | GHSA-VC46-VW85-3WVM | CWE-22 | CWE-73
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-40289: Praisonai Filetools Destructive Missing Workspace Check (cve-2026-40289-praisonai-filetools-destructive-missing-workspace-check)

A destructive file-system method decorated with @require_approval performs a write/copy/move/delete/download operation but does not call self._require_workspace_access(write=True) before the operation. In PraisonAI versions prior to 4.5.139 / praisonaiagents 1.5.140 (CVE-2026-40289), FileTools.write_file / copy_file / move_file / delete_file / download_file

Language: python | CVE-2026-40289 | GHSA-8X8F-54WF-VV92 | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-40315: Python Sql Identifier Injection Via Unvalidated Prefix (cve-2026-40315-python-sql-identifier-injection-via-unvalidated-prefix)

A SQL identifier (e.g., a table-name attribute) is being constructed by f-string interpolation of a constructor/method parameter inside a SQLite-backed conversation store, without any allowlist validation of the prefix. SQL identifiers cannot be safely parameterized via placeholder binding, so the only safe mitigation is strict allowlist validation of the pr

Language: python | CVE-2026-40315 | GHSA-X783-XP3G-MQHP | CWE-20 | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-40318: Go Path Traversal Arbitrary File Delete Via Filepath Join (cve-2026-40318-go-path-traversal-arbitrary-file-delete-via-filepath-join)

A filesystem path is built in a single `filepath.Join` rooted at the user data directory (`util.DataDir`) and concatenated with a user-controllable string parameter (`$ID + $EXT`), then passed to a deletion primitive (`filelock.RemoveWithoutFatal`, `filelock.Remove`, `os.Remove`, `os.RemoveAll`) without verifying that the resolved path stays inside the inten

Language: go | CVE-2026-40318 | GHSA-VW86-C94W-V3X4 | CWE-22 | CWE-73
by Provally, updated 2026-06-03, Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-40322: Mermaid Svg Innerhtml Xss Without Dompurify (cve-2026-40322-mermaid-svg-innerhtml-xss-without-dompurify)

Mermaid SVG output from `$MERMAID.render()` is inserted into `innerHTML` without DOMPurify sanitization. Mermaid diagrams rendered with securityLevel "loose" allow attacker-controlled HTML/JavaScript to survive into the SVG output (via inline event handlers such as onerror/onload, <script> elements, or javascript: URLs in href attributes). The regex-only app

javascript | CVE-2026-40322 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 87
CVE-2026-40324: Hotchocolate Utf8graphqlparser Missing Recursion Depth Guard (cve-2026-40324-hotchocolate-utf8graphqlparser-missing-recursion-depth-guard)

Recursive descent parser entry-point method in Utf8GraphQLParser is missing the IncreaseDepth() / DecreaseDepth() recursion-depth guard. An attacker can submit a GraphQL document with deeply nested selection sets, list values, object values, or list/non-null type references that exhausts the managed stack and raises a StackOverflowException, which is uncatch

csharp | CVE-2026-40324 | GHSA-QR3M-XW4C-JQW3 | CWE-674
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-40344: Skipped Architectural Feature Omission (cve-2026-40344-skipped-architectural-feature-omission)

Skipped rule generation. The vulnerability entails the omission of signed HTTP trailer parsing and validation, which requires implementing new protocol state handling; such a missing feature cannot be reliably detected by behavioural static analysis. Structural fallback applied.

go | CVE-2026-40344
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-40351: Typescript Nosql Injection Via Type Assertion On Request Body (cve-2026-40351-typescript-nosql-injection-via-type-assertion-on-request-body)

A credential-like field (e.g., password, token, code) destructured from `req.body` via a TypeScript type assertion (`as <Type>`) is passed directly into a Mongoose equality query. TypeScript type assertions are erased at runtime and do not validate input, so an attacker can submit a JSON object such as `{"$ne": ""}` for a field expected to be a string/number

typescript | CVE-2026-40351 | GHSA-X8MX-2MR7-H9XG | CWE-502 | CWE-943
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-40477: Thymeleaf Ssti Incomplete Expression Recognizer (cve-2026-40477-thymeleaf-ssti-incomplete-expression-recognizer)

Detected an under-specified Thymeleaf expression-opener recognizer that checks only '$', '*', '#', '@', '~' but does NOT also check the preprocessing opener '_' (for "__...__") nor the literal-substitution opener '|' (for "|...|"). This is the CVE-2026-40477 (Thymeleaf <= 3.1.3.RELEASE) SSTI-bypass shape: SpringRequestUtils.containsExpression() fails to flag

java | CVE-2026-40477 | GHSA-R4V4-5MWR-2FWR | CWE-1336 | CWE-917
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 73
CVE-2026-40492: C Bits Per Pixel Header Field Drives Wider Integer Cast (cve-2026-40492-c-bits-per-pixel-header-field-drives-wider-integer-cast)

Branching on a raw parsed-header field `bits_per_pixel` to cast a pixel/scanline buffer to a wider integer type (uint16_t*/uint32_t*) is unsafe when that buffer's size/stride was derived from an independently resolved pixel format. If the header value disagrees with the resolved bits-per-pixel, the byte-swap loop will read/write past the allocated buffer (he

c | CVE-2026-40492 | GHSA-526V-VM72-4V64 | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-40493: Image Codec Bpp From Raw Channels Depth (cve-2026-40493-image-codec-bpp-from-raw-channels-depth)

Bytes-per-pixel is computed from raw header fields ($STATE->channels * $STATE->depth) instead of from the resolved pixel format (e.g. sail_bits_per_pixel(image->pixel_format)). When the row/scan-line buffer is allocated based on the resolved pixel_format, this raw-header-derived stride can exceed the allocated bytes-per-pixel, causing heap buffer overflows o

c | CVE-2026-40493 | GHSA-RCQX-GC76-R9MV | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-40494: Tga Rle Raw Packet Missing Bounds Check (cve-2026-40494-tga-rle-raw-packet-missing-bounds-check)

An RLE raw-packet decode loop writes `count` pixels (decoded from a marker byte as `(marker & 0x7F) + 1`, up to 128) into a heap output buffer without clamping `count` against the remaining buffer capacity (e.g. `pixels_num - i`). The loop advances the output pointer by `pixel_size` per iteration, which can write past the end of the destination buffer (CWE-7

c | CVE-2026-40494 | GHSA-CP2J-RWH4-R46F | CWE-787
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-40497: Missing Style In Html Denylist (cve-2026-40497-missing-style-in-html-denylist)

An HTML tag denylist array contains 'script' and 'iframe' but omits 'style'. This allows attackers to inject malicious CSS, which can be leveraged for CSRF token exfiltration and other CSS injection attacks. Ensure 'style' is included in the array of stripped tags.

php | CVE-2026-40497 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-40498: Php Laravel Md5 App Key Auth Token (cve-2026-40498-php-laravel-md5-app-key-auth-token)

Authentication or access token derived from `config('app.key')` using MD5 (e.g. `md5(config('app.key') . 'suffix')`). MD5 is cryptographically weak and the construction is an unkeyed hash (not a true HMAC), producing a static, deterministic token that can be brute-forced or leaked via query strings, server logs, browser history and proxy logs. Use `hash_hmac

php | CVE-2026-40498 | GHSA-5JW5-Q9J7-4RXC | CWE-200 | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-40525: Python Auth Fail Open Empty Api Key (cve-2026-40525-python-auth-fail-open-empty-api-key)

Authentication check fails open when the configured api_key is empty or unset. Returning True (or otherwise granting access) when the configured secret is missing allows unauthenticated callers to invoke privileged routes. Convert this into a hard failure (e.g., raise HTTPException(status_code=503, ...)) so the service refuses requests until an operator expl

python | CVE-2026-40525 | GHSA-JGQ2-VQ69-GR6H | CWE-636
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-40569: Php Laravel Mass Assignment Request All Into Fill (cve-2026-40569-php-laravel-mass-assignment-request-all-into-fill)

Mass assignment vulnerability: a partially-filtered request payload obtained via $request->except([...]) (typically used to "drop the password before saving") is forwarded to an Eloquent model's fill() method without a positive field-name allowlist. Although the developer excluded one or two sensitive keys (e.g. out_password / in_password), an authenticated

php | CVE-2026-40569 | GHSA-HMQM-33WP-858J | CWE-284 | CWE-79
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-40576: Python Path Traversal Unsafe Sandbox Resolver (cve-2026-40576-python-path-traversal-unsafe-sandbox-resolver)

Path-resolution helper fails to enforce its sandbox boundary. The function either (a) short-circuits and returns a caller-supplied absolute path verbatim, or (b) joins a base directory with a caller-controlled filename and returns the result without resolving with `os.path.realpath` and verifying containment (e.g. via `os.path.commonpath`, `startswith`, or `

python | CVE-2026-40576 | GHSA-J98M-W3XP-9F56 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-40719: Maradns Deadwood Use Before Null Check Dw Get Dname (cve-2026-40719-maradns-deadwood-use-before-null-check-dw-get-dname)

The pointer returned by dw_get_dname() is passed to dwc_lower_case() BEFORE it is checked for NULL. If dw_get_dname() fails (for example, when parsing a malformed CNAME referral with embedded NULL bytes in a label), it returns NULL and dwc_lower_case() will dereference a NULL pointer. The NULL check on the result must be performed BEFORE calling dwc_lower_ca

c | CVE-2026-40719 | CWE-476
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-40869: Decidim Collaborative Texts Incorrect Authz Subject (cve-2026-40869-decidim-collaborative-texts-incorrect-authz-subject)

The authorization check evaluates permissions using the incorrect subject `:document` instead of `:collaborative_text`. In the `decidim-collaborative_texts` component, component-specific permission bounds explicitly match `:collaborative_text`. Using `:document` bypasses expected authorization checks, which can lead to a fail-closed DoS or privilege escalati

ruby | CVE-2026-40869 | CWE-863
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40884: Goshs Sftp Empty Username Auth Bypass (cve-2026-40884-goshs-sftp-empty-username-auth-bypass)

SFTP startup validation accepts an empty-username basic-auth string (e.g., "-b ':pass'"). Because the SFTP password handler is only attached when both username and password are non-empty, an empty username causes no SSH authentication handler to be installed, and the gliderlabs/ssh server then defaults to admitting all clients without credentials. Reject con

go | CVE-2026-40884 | GHSA-C29W-QQ4M-2GCV | CWE-306
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-40890: Go Missing Bounds Check After Loop (cve-2026-40890-go-missing-bounds-check-after-loop)

An index is incremented in a bound-checking loop but is then used to slice beyond the bounds without checking if the slice was exhausted. This can lead to a panic (out-of-bounds read). Ensure that you check if the loop reached the maximum string length before slicing with `[:i+1]`.

go | CVE-2026-40890 | CWE-125
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-40899: Lombok Data Class List Field Missing Jsonignore (cve-2026-40899-lombok-data-class-list-field-missing-jsonignore)

A List<String> field initialized via Arrays.asList() in a Lombok @Data-annotated class is missing @JsonIgnore. The @Data annotation auto-generates a public setter for this field. During Jackson JSON deserialization, an attacker can include this field in a crafted JSON payload to overwrite the server-side value, potentially bypassing security validation (e.g.

java | CVE-2026-40899 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2026-40906: Elixir Permissive Validator Catchall Ok (cve-2026-40906-elixir-permissive-validator-catchall-ok)

Validator/checker function ends with a permissive catch-all clause that returns `:ok` (or `{:ok, ...}`) for any unhandled input. When this function is used to vet user-controlled data that flows into a security-sensitive sink (such as a SQL query string built via string interpolation), the catch-all enables bypass of validation and may lead to SQL injection

generic | CVE-2026-40906 | GHSA-H5RG-PXX7-R2HJ | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2026-41068: Kyverno Cross Namespace Rbac Bypass (cve-2026-41068-kyverno-cross-namespace-rbac-bypass)

A cross-namespace access vulnerability was discovered. A target namespace is retrieved from a user-supplied configuration and used to fetch a resource without validating it against the current context's bounded namespace limits. This lack of validation allows a namespaced policy to read arbitrary resources out of namespace bounds, resulting in a privilege es

go | CVE-2026-41068 | CWE-285 | CWE-862
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-41070: Cve 2026 41070 Openvpn Plugin Auth Deny Returns Success (cve-2026-41070-cve-2026-41070-openvpn-plugin-auth-deny-returns-success)

An authentication denial branch in an OpenVPN plugin handler returns a success status code (OPENVPN_PLUGIN_FUNC_SUCCESS). OpenVPN only consults auth_control_file when the plugin returns FUNC_DEFERRED; returning FUNC_SUCCESS causes OpenVPN to immediately admit the client as fully authenticated regardless of any denial written to the file. This results in comp

go | CVE-2026-41070 | CWE-287
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-41082: Opam Dot Install Rel Filename Path Traversal (cve-2026-41082-opam-dot-install-rel-filename-path-traversal)

The .install field parser converts a user-supplied destination filename string directly into an OpamFilename.Base via `Pp.of_module "rel-filename" (module OpamFilename.Base)` without validating for parent-directory references (`..`) or absolute paths. A malicious package can use destinations such as `../../a-file` to write files outside the opam switch direc

ocaml | CVE-2026-41082 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-4111: Archive Missing Decompression Bounds Check (cve-2026-4111-archive-missing-decompression-bounds-check)

Missing dynamic bounds check for block length against window size in filter parser. This can allow attackers to supply a nonsensically large block length, causing an infinite loop. Ensure the block length is bounded by a reasonable fraction of the dynamic window size.

c | CVE-2026-4111 | CWE-835
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-41145: Unsanitized Http Trailer In Custom Chunk Reader (cve-2026-41145-unsanitized-http-trailer-in-custom-chunk-reader)

A custom HTTP stream reader is created from an HTTP request body but fails to clear or sanitize `req.Trailer`. Go's `net/http` server automatically populates this field with trailing headers upon reading a chunked request. If the application later trusts these unverified trailers (e.g., for metadata or chunk signatures), attackers can smuggle unsigned traili

go | CVE-2026-41145 | CWE-287 | CWE-345
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-41163: Prctl Set Dumpable Unconditional (cve-2026-41163-prctl-set-dumpable-unconditional)

prctl(PR_SET_DUMPABLE, 1, ...) is called unconditionally without a boolean guard. In privilege-separated (setuid) architectures where the calling process still holds a privileged IPC channel to a root parent, an attacker sharing the same UID can ptrace-attach to this now-dumpable process and inject arbitrary privileged operations through that channel. Add a

generic | CVE-2026-41163 | GHSA-XQ78-7HW4-5JVP | CWE-269 | CWE-362
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 81
CVE-2026-41167: Js Node Postgres Template Literal Sql Injection (cve-2026-41167-js-node-postgres-template-literal-sql-injection)

SQL query is built by interpolating request-derived values into a JavaScript template literal and passed to `.query()` with no parameter values array. Under node-postgres, a missing params argument dispatches via the simple query protocol, which neither parameterises values nor blocks stacked (semicolon-separated) statements — enabling SQL injection and, wit

javascript | CVE-2026-41167 | GHSA-FJ7C-2P5Q-G56M | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-41180: Path Startswith Directory Traversal (cve-2026-41180-path-startswith-directory-traversal)

Validate paths using `path.relative()` instead of `startsWith()`. Using `startsWith()` to check path prefixes without ensuring a trailing directory separator allows directory traversal bypasses via partial directory matches (e.g., `/var/uploads_malicious` bypasses a check for `/var/uploads`).

javascript | CVE-2026-41180 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 69
CVE-2026-41193: Php Zip Slip Extract Without Path Containment (cve-2026-41193-php-zip-slip-extract-without-path-containment)

Zip Slip / Path Traversal: a destination path is built by concatenating a ZIP entry name (or a value derived from it via str_replace) with a base directory and is then used as the target of a file write without validating that the resolved path stays under the base directory. A crafted ZIP entry containing '../' or '..\\' segments can cause arbitrary file wr

php | CVE-2026-41193 | GHSA-R85M-5MC9-CC9W | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-41197: Rust Brillig Array Undersize From Discarded Element Types (cve-2026-41197-rust-brillig-array-undersize-from-discarded-element-types)

The `Array` heap-value-type variant stores its `size` as a raw `u32`, discarding the element-type-aware semi-flattened slot count. When the inner element type is composite (a tuple/struct that occupies multiple Brillig slots per element), allocations sized from this raw count under-allocate the heap buffer and allow out-of-bounds writes when foreign-call/ora

rust | CVE-2026-41197 | GHSA-JJ7C-X25R-R8R3 | CWE-131
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-41205: Python Backslash Path Traversal Bypass (cve-2026-41205-python-backslash-path-traversal-bypass)

Stripping leading forward slashes from a path without also normalizing backslashes can lead to path traversal bypasses on Windows. Because Windows file APIs treat backslashes as valid directory separators, attackers can supply paths like `\\..\\..\\` to skip forward-slash checks and break out of the intended base directory. Normalize backslashes (

python | CVE-2026-41205
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-41228: Php Lfi Sprintf Path Require No Traversal Guard (cve-2026-41228-php-lfi-sprintf-path-require-no-traversal-guard)

Function parameter '$ISO' is used in sprintf() to construct a file path for require/include without path traversal validation. An attacker controlling '$ISO' can inject '../' sequences to include arbitrary files outside the intended directory, potentially achieving Remote Code Execution (CWE-98 / PHP Local File Inclusion). Add a traversal guard before constr

php | CVE-2026-41228 | CWE-98
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-41231: Froxlor Makecorrectdir Missing Fixed Homedir (cve-2026-41231-froxlor-makecorrectdir-missing-fixed-homedir)

FileDir::makeCorrectDir() is called on a path built by concatenating a customer's documentroot with user-supplied data (DataDump export path), but without the second $fixed_homedir argument. Without that argument the symlink-escape validation in FileDir::makeCorrectDir() (lines 134-157) is skipped entirely, so a customer-owned symlink inside their home direc

php | CVE-2026-41231 | GHSA-75H4-C557-J89R | CWE-59
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-41242: Protobufjs Type Constructor Unsanitized Name Code Injection (cve-2026-41242-protobufjs-type-constructor-unsanitized-name-code-injection)

The protobufjs `Type` constructor forwards the `name` argument to `Namespace.call(this, name, options)` without first stripping non-word characters. The stored name is later interpolated verbatim as a JavaScript identifier in source compiled by `new Function()` (util/codegen in decoder.js / encoder.js / verifier.js / converter.js), allowing an attacker who c

javascript | CVE-2026-41242 | GHSA-XQ3M-2V4X-88GG | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2026-41246: Contour Envoy Lua Injection (cve-2026-41246-contour-envoy-lua-injection)

Dynamically constructing Envoy Lua filter scripts via string interpolation or templates allows Lua code injection. User-controlled values injected into the script source can execute arbitrary code within the proxy. Configure static Lua scripts and pass dynamic variables through Envoy's `FilterContext` or stream data instead.

go | CVE-2026-41246 | GHSA-5PH6-QQ5X-7JWC | CWE-94
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2026-41247: Php Imagemagick Cli Sprintf Shell Injection (cve-2026-41247-php-imagemagick-cli-sprintf-shell-injection)

An ImageMagick CLI command is built with sprintf() and interpolates a value into a shell-quoted argument (e.g., "xc:%s" or -background "%s") without using escapeshellarg(). If the interpolated value is influenced by user input, an attacker can break out of the double-quoted argument with a literal " followed by shell metacharacters (`;`, `|`, `&&`, `$()`, ba

php | CVE-2026-41247 | GHSA-8Q4H-8CRM-5CVC | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-41248: Clerk Create Route Matcher Affirmative Gate Bypass (cve-2026-41248-clerk-create-route-matcher-affirmative-gate-bypass)

Affirmative use of createRouteMatcher — `if ($MATCHER(req)) { await auth.protect(); }` — is the vulnerable shape for CVE-2026-41248. In @clerk/shared versions before 2.22.1 / 3.47.4 / 4.8.1 the matcher compared the raw pathname without URL normalization, so crafted requests (`/api/%61dmin/...`, `//api/admin/...`, `/api/foo/%2e%2e/admin/...`) skipped the matc

typescript | CVE-2026-41248 | GHSA-VQX2-FGX2-5WQ9 | CWE-436 | CWE-863
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-41278: Path Traversal Unsafe Prefix Replace (cve-2026-41278-path-traversal-unsafe-prefix-replace)

Extracting a file path by summarily replacing a prefix string using `.replace()` before using it in a file operation leaves the application vulnerable to Path Traversal/Local File Inclusion. Replace this arbitrary removal step with proper path-sanitization logic like `path.basename()` or a dedicated sanitizer function.

javascript | CVE-2026-41278 | CWE-22
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-41297: Unvalidated Url Extraction Pipestream (cve-2026-41297-unvalidated-url-extraction-pipestream)

Extracting a filename from a URL path using `path.basename` and appending it to a local filesystem path without rigorous traversal validation (such as checking for Windows drive letters) can result in a path traversal that arbitrarily overwrites files. Furthermore, piping a network response directly into this file without size or timeout limits poses a Denial of Ser

typescript | CVE-2026-41297 | CWE-22 | CWE-400
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-41311: Uncontrolled Block Render Recursion (cve-2026-41311-uncontrolled-block-render-recursion)

A block render generator function calls the template renderer without a re-entrancy (cycle-detection) guard. When the same block tag is nested inside itself via layout inheritance, the stored render closure is retrieved from the register and re-invoked indefinitely, exhausting heap memory and crashing the process (CWE-674, CVE-2026-41311). Before calling the

typescript | CVE-2026-41311 | GHSA-4RC3-7J7W-M548 | CWE-674
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-41323: Kyverno Default Sa Token Read (cve-2026-41323-kyverno-default-sa-token-read)

Reading the default Kubernetes ServiceAccount token ('/var/run/secrets/kubernetes.io/serviceaccount/token') directly from the filesystem. If this token is routed to an external or untrusted server, an attacker can intercept it and gain full privileges in the cluster. It is recommended to request an audience-scoped projected ServiceAccount token for external

go | CVE-2026-41323 | CWE-502
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-41327: Dgraph Cve 2026 41327 Dql Cond Injection (cve-2026-41327-dgraph-cve-2026-41327-dql-cond-injection)

Potential DQL injection (CVE-2026-41327): a user-controlled upsert `cond` value is being transformed by `strings.Replace($X, "@if", "@filter", 1)` and concatenated into a DQL query without prior structural validation. The `strings.Replace` call is a cosmetic syntax rewrite, not a security boundary. An attacker can craft a `cond` that closes the `@filter(...)

go | CVE-2026-41327 | GHSA-MRXX-39G5-PH77 | CWE-20 | CWE-89
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-41328: Go Dgraph Dql Injection Via Fmt Sprintf (cve-2026-41328-go-dgraph-dql-injection-via-fmt-sprintf)

A DQL predicate is being constructed by concatenating a language tag via `fmt.Sprintf("%v@%v", predicate, lang)` (or `%s@%s`), and the result is later interpolated into a DQL query template. Because `x.PredicateLang()` only splits the JSON mutation key on the last `@` and returns the suffix verbatim, the language tag is attacker-controlled and can contain DQ

go | CVE-2026-41328 | GHSA-X92X-PX7W-4GX4 | CWE-943
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-41415: Pjsip Pj Str Slen Underflow On Delimiter Strip (cve-2026-41415-pjsip-pj-str-slen-underflow-on-delimiter-strip)

A pj_str_t-style length field is decremented by 2 after only checking the first byte (typically to strip a pair of delimiters such as '<' '>') with no prior verification that slen >= 2. If the string is shorter than the assumed delimiter pair, slen underflows. Because pj_str_t.slen (pj_ssize_t, signed) is implicitly converted to the unsigned pj_size_t accept

c | CVE-2026-41415 | GHSA-935M-FMF5-J4PM | CWE-125
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-41431: Mozconfig Unverified Updates Enabled (cve-2026-41431-mozconfig-unverified-updates-enabled)

Mozilla build configuration explicitly enables unverified updates via '--enable-unverified-updates'. This allows signature-absent update packages (MAR) to be applied without cryptographic validation, exposing users to arbitrary code execution if update channels are compromised.

generic | CVE-2026-41431
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 53
CVE-2026-41455: Meteor Simpleschema Ssrf Missing Validation (cve-2026-41455-meteor-simpleschema-ssrf-missing-validation)

A URL or webhook field in a SimpleSchema definition lacks custom SSRF validation. When storing configurable endpoint URLs, the schema must include a `custom` validation hook that parses the URL and explicitly blocks requests targeting private, loopback, or undocumented internal network ranges (e.g., 10.0.0.0/8, 127.0.0.1).

javascript | CVE-2026-41455
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-41475: Bacnet Deprecated Decode Tag Number And Value Oob Read (cve-2026-41475-bacnet-deprecated-decode-tag-number-and-value-oob-read)

Use of the deprecated decode_tag_number_and_value() function detected. This helper accepts no apdu_size parameter and performs NO bounds checking on the input buffer. It unconditionally reads apdu[0] (and apdu[1] for the extended-tag form) which causes 1-7 byte out-of-bounds reads when the caller-supplied buffer is truncated (CVE-2026-41475). Use the bounds-

c | CVE-2026-41475 | GHSA-CVV4-V3G6-4JMV | CWE-125
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-41477: Deskflow Ipc Lpe Skip (cve-2026-41477-deskflow-ipc-lpe-skip)

Dummy rule. Deskflow domain-specific logic flaw in custom IPC handling and custom command execution.

cpp | CVE-2026-41477
by Provally, updated 2026-06-03, Apache-2.0
Medium severity | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-41491: Path Traversal Method Path Without Clean (cve-2026-41491-path-traversal-method-path-without-clean)

Method path from GetMethod() is written into a URL builder without first calling path.Clean(). Unsanitized path traversal sequences (../, %2F/..) allow bypassing access-control policies that normalize the path independently from the dispatch layer: the ACL evaluates the normalized form while the target application receives the raw traversal-bearing path (CVE

go | CVE-2026-41491 | CWE-22 | CWE-284
by Provally, updated 2026-06-03, Apache-2.0
High severity | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-41492: Go Incomplete Debug Cmdline Filter Leaks Expvar Vars (cve-2026-41492-go-incomplete-debug-cmdline-filter-leaks-expvar-vars)

This HTTP handler intercepts only "/debug/pprof/cmdline" before delegating every other path to http.DefaultServeMux.ServeHTTP. Go's expvar package registers an unauthenticated "/debug/vars" handler on http.DefaultServeMux at package init time and publishes os.Args under the JSON key "cmdline". If expvar (or anything that imports it, e.g. a metrics package us

go | CVE-2026-41492 | GHSA-VVF7-6RMR-M29Q | CWE-200
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-41500: Command Injection Exec Unsanitized Json (cve-2026-41500-command-injection-exec-unsanitized-json)

Data from JSON.parse() or an async/network response flows into exec() without sanitization. exec() passes its first argument to a shell interpreter (/bin/sh on Unix), so unsanitized remote values containing shell metacharacters (;, &&, $(), backticks) enable arbitrary command execution with the privileges of the calling process. Fix by switching to execFile(

javascript | CVE-2026-41500 | GHSA-WXW2-RWMH-VR8F | CWE-78
by Provally, updated 2026-06-03, Apache-2.0
High severity | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 85
CVE-2026-41524: Php Stored Xss Unsanitized Html Model Content (cve-2026-41524-php-stored-xss-unsanitized-html-model-content)

User-supplied HTML content from a rich-text editor is stored in a model's 'content' property without HTML sanitization. When this field is later rendered with an unescaped directive (e.g., Laravel Blade's {!! !!}), it enables stored XSS: any injected script executes in every visitor's browser on page load. Apply an allowlist-based HTML sanitizer (e.g., HTMLP

php | CVE-2026-41524 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-41571: Go Bcrypt Empty Password Placeholder Auth Bypass (cve-2026-41571-go-bcrypt-empty-password-placeholder-auth-bypass)

Authentication function compares the supplied plaintext against a placeholder bcrypt hash when the user's stored password is empty (a CWE-208 timing-attack mitigation), but the success guard only checks `err == nil` without also requiring that the stored password is non-empty. An unauthenticated attacker who submits the plaintext that matches the placeholder

go | CVE-2026-41571 | GHSA-PXF8-6WQM-R6HH | GHSA-pxf8-6wqm-r6hh | CWE-208
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-41588: Python Non Constant Time Secret Comparison (cve-2026-41588-python-non-constant-time-secret-comparison)

Non-constant-time comparison of secret/token field '$ATTR' using the == operator. Python's str.__eq__ short-circuits on the first mismatching byte, leaking timing information that allows an attacker to recover the secret byte-by-byte (CWE-208). Replace with secrets.compare_digest($OBJ.$ATTR, $TOKEN) or hmac.compare_digest($OBJ.$ATTR, $TOKEN), which run in co

python | CVE-2026-41588 | GHSA-78J7-9XR9-2728 | CWE-208
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-41677: Rust Openssl Passwd Cb Missing Length Bounds Check (cve-2026-41677-rust-openssl-passwd-cb-missing-length-bounds-check)

Password callback FFI trampoline forwards the user closure's returned `usize` length to OpenSSL as `c_int` without checking that it does not exceed the buffer `size` parameter that OpenSSL passed in. A user closure that returns a value larger than `size` (e.g. mistaking the length of an external secret for the number of bytes written) causes OpenSSL 1.1.x /

rust | CVE-2026-41677 | GHSA-XMGF-HQ76-4VX2 | CWE-125 | CWE-1284
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-41678: Rust Openssl Aes Unwrap Key Inverted Bounds Assertion (cve-2026-41678-rust-openssl-aes-unwrap-key-inverted-bounds-assertion)

Inverted bounds assertion before AES_unwrap_key: the guard `OUT.len() + 8 <= IN.len()` is reversed. AES key unwrap (RFC 3394) writes `IN.len() - 8` bytes into `OUT`, so the correct invariant is `OUT.len() + 8 >= IN.len()` (equivalently `OUT.len() >= IN.len() - 8`). The reversed comparison admits undersized output buffers and causes an out-of-bounds write fro

rust | CVE-2026-41678 | GHSA-8C75-8MHR-P7R9 | GHSA-8c75-8mhr-p7r9 | CWE-617
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-41681: Rust Openssl Evp Digest Final Missing Bounds Check (cve-2026-41681-rust-openssl-evp-digest-final-missing-bounds-check)

Call to `ffi::EVP_DigestFinal` (or the raw `EVP_DigestFinal` C symbol) is not preceded by a bounds check that ensures the output buffer length is at least `EVP_MD_CTX_size(ctx)` bytes. `EVP_DigestFinal` always writes exactly the configured digest size into the `out` buffer, ignoring its `len` argument as a capacity bound, so passing an undersized buffer caus

rust | CVE-2026-41681 | GHSA-GHM9-CR32-G9QJ | CWE-121
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-41693: Path Traversal Unvalidated Template Interpolation (cve-2026-41693-path-traversal-unvalidated-template-interpolation)

A str.replace()-based template interpolation returns the substituted value from a data object without path-segment safety validation. When the resulting string is used as a filesystem path and the substituted values originate from user input (e.g. HTTP language or namespace parameters), an attacker can inject path-traversal sequences such as '../../../../etc

javascript | CVE-2026-41693 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-41705: Filter Expression String Injection Via String Format (cve-2026-41705-filter-expression-string-injection-via-string-format)

A string value is embedded into a filter or query expression using String.format with naive single-quote wrapping ("'%s'") and no escaping of special characters. A value containing a single quote will terminate the string literal prematurely and allow injection of arbitrary filter/query syntax (e.g., Milvus filter injection, MariaDB SQL injection via metadat

java | CVE-2026-41705 | CWE-116 | CWE-943
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 91
CVE-2026-4176: Vendored Zlib Pre 1 3 2 (cve-2026-4176-vendored-zlib-pre-1-3-2)

Vendored copy of zlib at version older than 1.3.2 detected. Versions <= 1.3.1 contain multiple security defects identified by the 7ASecurity audit (CVE-2026-27171, CVE-2026-3381 / CVE-2026-4176 in Perl's Compress::Raw::Zlib): missing NULL/zero-length guard in compress2(), non-thread-safe custom once() pattern in crc32 table init, and size_t-overflow risk in

c | CVE-2026-4176 | CWE-1395
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-41893: Signalk Securitystrategy Login Without Rate Limit (cve-2026-41893-signalk-securitystrategy-login-without-rate-limit)

Call to securityStrategy.login() is not preceded by a login rate-limit check in the enclosing function. Authentication entry points must be throttled to prevent online brute-force / credential-stuffing attacks (CVE-2026-41893, CWE-307). The HTTP routes /login and /signalk/v1/auth/login are guarded by express-rate-limit, but WebSocket message handlers invokin

typescript | CVE-2026-41893 | GHSA-VMFM-CH9H-5C7G | CWE-307
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-41895: Python Falsy Validation Bypass (cve-2026-41895-python-falsy-validation-bypass)

Extracting a dictionary value via `get()` and relying on its truthiness before applying validation can lead to bypasses. Explicit falsy values (e.g., `""` or `null`) sent by a user will evaluate to False, short-circuiting the negative validation block (like `if not is_valid(...)`). The falsy value then sidesteps validation but still remains part of the expli

python | CVE-2026-41895 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-41898: Rust Openssl Ffi Trampoline Unchecked Callback Length (cve-2026-41898-rust-openssl-ffi-trampoline-unchecked-callback-length)

FFI trampoline forwards a Rust closure's returned `usize` length directly to OpenSSL (cast to `c_uint`/`size_t`/`u32`) without first comparing it against the length of the `&mut [u8]` slice that was handed to the closure. A buggy or attacker-influenced closure can return a length larger than the slice, causing OpenSSL to read past the buffer and serialize ad

rust | CVE-2026-41898 | GHSA-HPPC-G8H3-XHP3 | CWE-126 | CWE-130
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-41901: Thymeleaf Cve 2026 41901 Typename Firstchar Shortcut (cve-2026-41901-thymeleaf-cve-2026-41901-typename-firstchar-shortcut)

Detected first-character shortcut in a type-name deny-list check (isTypeBlockedForAllPurposes / isTypeBlockedForTypeReference). The conditional `if (c0 != 'c' && c0 != 'j' && c0 != 'o' && c0 != 's') return false;` (or the 'c'/'n'/'j'/'o' variant) short-circuits the actual deny-list lookup based on the assumption that every blocked package starts with one of

java | CVE-2026-41901 | GHSA-C9PH-GXWW-7744 | CWE-1336 | CWE-917
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 95
CVE-2026-41904: Overly Strict Realpath Validation Dos (cve-2026-41904-overly-strict-realpath-validation-dos)

An overly strict path traversal check rejects operations when `realpath()` returns `false`. Because `realpath()` returns `false` for non-existent directories, this improperly blocks operations (like archive extraction) where the target directories are meant to be dynamically created, leading to a Denial of Service.

php | CVE-2026-41904 | CWE-22 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42009: Dtls Duplicate Sequence Type Check (cve-2026-42009-dtls-duplicate-sequence-type-check)

Simultaneously checking sequence number and message type (e.g. handshake type) to identify duplicate packets in a queue loop is unsafe. This pattern ignores duplicate sequence numbers that have mismatched types, leading to unstable packet sorting or Denial of Service (DoS) when invalid duplicated packets are improperly queued. Separate the conditions to chec

c | CVE-2026-42009 | CWE-697
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42031: Ckan Check Access Bypass Via Whitelist (cve-2026-42031-ckan-check-access-bypass-via-whitelist)

An authorization check (check_access) is gated behind a "not in <allowlist>" conditional. Resources whose identifier is in the allowlist bypass the authorization check entirely. This pattern was the root cause of CVE-2026-42031 in CKAN's datastore_search, where the WHITELISTED_RESOURCES shortcut allowed enumeration of private resources via _table_metadata an

python | CVE-2026-42031 | GHSA-H7J7-3RX6-XVCG | CWE-285 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-42046: Improper Multiplication Overflow Check (cve-2026-42046-improper-multiplication-overflow-check)

Checking for integer overflow after a multiplication has occurred can lead to undefined behavior if the variables are signed. Modern compilers may optimize away these checks since signed integer overflow is undefined. To prevent this, verify that the operation will not overflow before performing it, using division (e.g., `if (X != 0 && Y > INT_MAX / X)`).

c | CVE-2026-42046 | CWE-190 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42072: Go Net Listen Port Only Wildcard Bind (cve-2026-42072-go-net-listen-port-only-wildcard-bind)

net.Listen is called with a port-only address produced by fmt.Sprintf(":%d", ...) or a similar colon-prefixed format string. Go resolves this to the wildcard address (0.0.0.0), binding the TCP listener on ALL network interfaces regardless of any configured host restriction. Replace with net.JoinHostPort(host, strconv.Itoa(port)) and supply an explicit host (

go | CVE-2026-42072 | GHSA-2HP7-65R3-WV54 | CWE-1392
by Provally | updated 2026-06-03 | Apache-2.0
Medium | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-42079: Python Eval Empty Globals (cve-2026-42079-python-eval-empty-globals)

Using `eval()` with an empty dictionary for globals is an incomplete sandbox. Python implicitly injects `__builtins__` into the globals dictionary if it is not explicitly provided, allowing attackers to execute arbitrary system commands via built-in functions like `__import__`. To properly restrict `eval()`, pass a dictionary explicitly limiting or disabling

python | CVE-2026-42079 | CWE-94 | CWE-95
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42083: Gin Route Group Missing Auth Middleware (cve-2026-42083-gin-route-group-missing-auth-middleware)

A Gin router group was created but no middleware was attached to it either during creation or via `$GROUP.Use(...)` before routes were applied. This can lead to missing authentication, authorization, or other critical middleware checks on the grouped endpoints. Ensure that authorization middleware is applied either by passing it as additional arguments to `.

go | CVE-2026-42083 | CWE-306 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-42089: Yeoman Missing Authorization Prompt (cve-2026-42089-yeoman-missing-authorization-prompt)

A project-specific installation method is called without confirming user intent, potentially downloading and executing untrusted code.

javascript | CVE-2026-42089
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-42171: Nsis Insecure Temp Fallback (cve-2026-42171-nsis-insecure-temp-fallback)

When standard temporary directory validations fail, this code falls back to an alternative temporary directory without checking execution privileges. This may lead to local privilege escalation if the directory is accessible to lower privileged users and the application is running as SYSTEM.

c | CVE-2026-42171 | CWE-377 | CWE-379
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42189: Unchecked Network Decoded Count Vec Capacity (cve-2026-42189-unchecked-network-decoded-count-vec-capacity)

An integer count decoded from untrusted external data is passed to Vec::with_capacity without bounding it against the remaining readable packet/buffer bytes. A crafted large count (e.g. u32::MAX ~4 billion) can trigger a multi-gigabyte heap allocation, crashing the process via OOM before any credential is verified (pre-auth DoS). Clamp the decoded count to t

rust | CVE-2026-42189 | CWE-770 | CWE-789
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-42193: Missing Aws Sns Signature Verification (cve-2026-42193-missing-aws-sns-signature-verification)

AWS SNS webhook handler dispatches on req.body.Type without first verifying the SNS message signature (CWE-347). Unauthenticated callers can POST a forged SNS payload to trigger workflow automations, unsubscribe contacts, corrupt delivery metrics, or exhaust billing credits. Verify the RSA Signature field against a certificate fetched from a validated Signin

typescript | CVE-2026-42193 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 83
CVE-2026-42196: Python Pureposixpath Traversal Without Clean Name (cve-2026-42196-python-pureposixpath-traversal-without-clean-name)

A pathlib.PurePosixPath() is being constructed from an unnormalized path string that is later passed to a Django/django-storages storage.open() call. Because PurePosixPath treats backslashes as literal filename characters, an attacker-supplied path containing "..\\..\\" can bypass parent-prefix validation (path.parent appears legitimate) while still being re

python | CVE-2026-42196 | GHSA-67QG-7284-2277 | GHSA-67qg-7284-2277 | CWE-23
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-42197: Django Marksafe String Interpolation (cve-2026-42197-django-marksafe-string-interpolation)

Using `mark_safe` with string interpolation (%, .format(), f-strings) allows user-controlled data to bypass Django's automatic HTML escaping, which can lead to Cross-Site Scripting (XSS). Use `django.utils.html.format_html` instead, which safely escapes its arguments.

python | CVE-2026-42197 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42198: Scram Client Unbounded Pbkdf2 (cve-2026-42198-scram-client-unbounded-pbkdf2)

Generating a SCRAM client final message without validating the PBKDF2 iteration count allows a malicious server to cause a client-side Denial of Service (DoS). Retrieve the iteration count using getIterationCount() and enforce a maximum limit before proceeding.

java | CVE-2026-42198 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 69
CVE-2026-42205: Avo Incomplete Action Lookup Missing Custom Controls (cve-2026-42205-avo-incomplete-action-lookup-missing-custom-controls)

Resource action lookup uses only `get_actions`, omitting actions registered via custom controls (`get_actions_from_custom_controls`). Because two independent registration paths exist, this narrower lookup returns nil for custom-control-registered actions; the nil guard then redirects (marking `performed? == true`), causing the `verify_authorization` before-a

ruby | CVE-2026-42205 | GHSA-QC5P-3MG5-9FH8 | CWE-284 | CWE-639
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-42221: Insecure Inline Session Cookie Generation (cve-2026-42221-insecure-inline-session-cookie-generation)

Generating a session or CSRF binding cookie proactively inside a global middleware can lead to security bypasses if attackers can obtain valid session bindings without authentic API login. Ensure cookie provisioning is restricted to explicit login routes.

go | CVE-2026-42221 | CWE-287 | CWE-384
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42238: Gin Conditional Auth Required Bypass (cve-2026-42238-gin-conditional-auth-required-bypass)

Gin middleware function conditionally invokes middleware.AuthRequired() only on one branch and calls ctx.Next() on the other branch, allowing requests to proceed unauthenticated when the condition is false. This is a state- or time-window-dependent authentication bypass (e.g. "auth only after install" or "auth only after a timeout"); attackers can hit the ro

go | CVE-2026-42238 | GHSA-4PVG-PRR3-9CXR | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-42268: Modsecurity Libinjection Boolean Failopen (cve-2026-42268-modsecurity-libinjection-boolean-failopen)

Evaluating `libinjection_xss` or `libinjection_sqli` as a simple boolean or `int` drops explicit fail-safe parser errors introduced in libinjection v4. This allows specifically crafted obfuscated payloads to induce a parser error that bypasses the WAF (fail open). Update to capture the result in an `injection_result_t` and handle both `LIBINJECTION_RESULT_TR

cpp | CVE-2026-42268 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42296: Argo Workflows Incomplete Workflowspec Restriction Check (cve-2026-42296-argo-workflows-incomplete-workflowspec-restriction-check)

Incomplete authorization enforcement for workflowTemplateRef restriction mode: only HasPodSpecPatch() is validated, leaving hostNetwork, serviceAccountName, securityContext, tolerations, automountServiceAccountToken, volumes, and other security-sensitive WorkflowSpec fields unchecked before the spec merge. A user with workflow-create permission can inject th

go | CVE-2026-42296 | GHSA-3775-99MW-8RP4 | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-42300: Go Admin Token Header Identity Assertion Bypass (cve-2026-42300-go-admin-token-header-identity-assertion-bypass)

Authentication bypass via alternate channel (CWE-288). An "X-Admin-Token" style HTTP header is read from the request and its raw value is used as an authenticated identity — either passed directly into a session/identity constructor or compared with `==` against a stored `adminToken` pointer to short-circuit RBAC checks. There is no cryptographic verificatio

go | CVE-2026-42300 | GHSA-2G9V-7MR5-FGJG | CWE-288
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-42302: Code Server Auth None Unauthenticated Rce (cve-2026-42302-code-server-auth-none-unauthenticated-rce)

code-server is started with '--auth none', completely disabling all authentication. Any user with network access to the bound port can open the VS Code IDE without credentials and execute arbitrary commands inside the container (CVE-2026-42302 / CWE-306). Replace '--auth none' with '--auth password' or '--auth cookie', and bind to 127.0.0.1 rather than 0.0.0

bash | CVE-2026-42302 | GHSA-34RC-438G-7W78 | CWE-16 | CWE-306
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-42304: Twisted Dns Decompression Loop (cve-2026-42304-twisted-dns-decompression-loop)

DNS decompression parses pointer lengths via offset tracking but lacks loop detection. This allows remote attackers to trigger an infinite loop using deeply chained or cyclic compression pointers, causing a Denial of Service (DoS). Ensure offset references are tracked in a set and reject duplicates.

python | CVE-2026-42304 | CWE-835
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42311: C Struct Singleton Pointer Identity Token (cve-2026-42311-c-struct-singleton-pointer-identity-token)

A static struct pointer is initialized to NULL and populated via a separate initialization function, creating a per-translation-unit accessor/dispatch table. When table entries use per-translation-unit const struct instances as type or mode tokens compared by pointer identity, cross-shared-library comparisons silently return false, selecting the wrong conver

c | CVE-2026-42311 | GHSA-PWV6-VV43-88GR | CWE-190 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-42315: Tarfile Incomplete Symlink Validation (cve-2026-42315-tarfile-incomplete-symlink-validation)

A custom tar archive extraction loop iterates over members to filter paths but fails to properly check for symlinks or hardlinks. Relying solely on path traversal checks does not prevent Symlink Escape attacks (a variant of Zip Slip), where an archive contains a symlink targeting outside the extraction directory and writes files through it. Ensure that `issy

python | CVE-2026-42315 | CWE-59
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42345: Broken Json String Escaping Lookbehind Replace (cve-2026-42345-broken-json-string-escaping-lookbehind-replace)

Insecure manual JSON string escaping: using .replace(/(?<!\\)"/g, '\\"') to sanitize user-controlled values for JSON string interpolation is bypassable. The negative lookbehind treats a user-supplied backslash before a double-quote as an escape prefix, so that quote is left unescaped in the output. Because the backslash itself is never encoded to '\\', the J

javascript | CVE-2026-42345 | CWE-116 | CWE-74
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-42352: Python Ssrf Unvalidated Callback Url (cve-2026-42352-python-ssrf-unvalidated-callback-url)

HTTP request issued with a URL taken from a user-supplied object attribute (field name matching *url or *uri) without SSRF validation. An attacker who controls this value can supply an internal address (127.0.0.1, RFC-1918, 169.254.169.254 cloud metadata endpoint) to make the server issue arbitrary internal HTTP requests. Resolve the hostname and verify the

python | CVE-2026-42352 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 77
CVE-2026-42449: Position Dependent Array Index Shift (cve-2026-42449-position-dependent-array-index-shift)

Aggressive empty element filtering on a position-dependent (sparse) sub-array shifts subsequent indices, corrupting mappings that rely on index position. Remove trailing empty structures carefully instead of indiscriminately filtering intermediate empty arrays.

typescript | CVE-2026-42449 | CWE-682
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-42461: Huma Auth Middleware Missing Api Security Fallback (cve-2026-42461-huma-auth-middleware-missing-api-security-fallback)

This function checks only operation-level Security and returns with auth not required when that field is absent or empty, ignoring any API-level global security configuration. Any endpoint registered without an explicit Security block silently bypasses authentication (auth-bypass-by-omission). Add the huma.API as a parameter and fall back to api.OpenAPI().Se

go | CVE-2026-42461 | CWE-502 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 87
CVE-2026-42463: Python Sqli Execute Format (cve-2026-42463-python-sqli-execute-format)

A SQL injection vulnerability exists because the application uses Python's `str.format()` to dynamically evaluate unescaped variables directly into a SQL query string. This enables arbitrary SQL command execution, which can be leveraged for IDOR or Authentication Bypass. Use the database driver's built-in parameterization by passing variables as a tuple to t

python | CVE-2026-42463 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-4248: Wp Um Hardcoded Usermeta Blacklist (cve-2026-4248-wp-um-hardcoded-usermeta-blacklist)

A hardcoded blacklist is used when parsing `{usermeta:key}` template tags, without applying an extensible WordPress filter. This can lead to sensitive information disclosure if unauthorized users extract third-party sensitive usermeta keys that are not present in the core blacklist.

php | CVE-2026-4248 | CWE-200
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42551: Arbitrary File Write Via Upload Move (cve-2026-42551-arbitrary-file-write-via-upload-move)

Moving an uploaded file to an unvalidated destination path can allow attackers to write arbitrary files (e.g., web shells) to the server via directory traversal sequences ('..') or absolute paths. Validate the destination path using 'basename()', 'realpath()', or strict string checks before moving the file.

php | CVE-2026-42551 | CWE-22 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42552: Insecure File Move Uploaded File (cve-2026-42552-insecure-file-move-uploaded-file)

Moving an uploaded file to an unvalidated path derived from a function parameter can lead to path traversal and arbitrary file write vulnerabilities. Adversaries might write or overwrite files on the server. Validate the target path to prevent directory traversal (`..`) or use `basename()` to secure the filename.

php | CVE-2026-42552 | CWE-22 | CWE-434
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-42560: Cve 2026 42560 Oauth User Id Self Hash Collision (cve-2026-42560-cve-2026-42560-oauth-user-id-self-hash-collision)

'$VAR.ID' is assigned by hashing its own current (uninitialized) value. If '$VAR' was freshly allocated with a zero-value struct literal, '$VAR.ID' is the empty string at this point, so every OAuth user receives the same derived identity — the hash of "" — enabling cross-account access and privilege confusion (CWE-287, CVE-2026-42560). Use the actual externa

go | CVE-2026-42560 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-42563: Unquoted Replace Subprocess (cve-2026-42563-unquoted-replace-subprocess)

A placeholder in a command string is replaced with an unquoted value and executed via an OS execution sink. If the substituted value is attacker-controlled, it can lead to OS Command Injection. Ensure values substituted into shell commands are properly sanitized using safe quoting mechanisms like `shlex.quote`.

python | CVE-2026-42563 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-42569: Phpvms Laravel Importer Route Group Missing Auth (cve-2026-42569-phpvms-laravel-importer-route-group-missing-auth)

Laravel `Route::group` registers the legacy `/importer` endpoints without authentication or admin-authorization middleware. The route group only applies the `web` middleware (session + CSRF), which does not verify identity, so a remote unauthenticated attacker can invoke `ImporterController` actions (`@config`, `@dbtest`, `@run`, `@complete`) and trigger the

php | CVE-2026-42569 | GHSA-FV26-4939-62FH | CWE-284 | CWE-306
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-42574: Go Sanitize Path Symlink Following Traversal (cve-2026-42574-go-sanitize-path-symlink-following-traversal)

A path returned by a `sanitizePath`-style helper (lexical-only cleaning that does not resolve symlinks) flows into a symlink-following stdlib filesystem call (os.WriteFile / os.MkdirAll / os.Symlink / os.Link / os.OpenFile / etc.). A pre-existing or attacker-planted symlink under the base directory can redirect the resulting kernel pathname resolution outsid

go | CVE-2026-42574 | GHSA-QQ3R-W4HJ-GJP6 | CWE-22 | CWE-59
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-42605: Php Flysystem Local Adapter Path Not Normalized (cve-2026-42605-php-flysystem-local-adapter-path-not-normalized)

Path forwarded to a local filesystem adapter (getLocalPath / upload / download) without first passing through a PathNormalizer such as WhitespacePathNormalizer::normalizePath(). The local adapter ultimately delegates to PathPrefixer::prefixPath(), which is plain string concatenation, so '../' sequences in the supplied path will be resolved by the OS and allo

php | CVE-2026-42605 | GHSA-VP2F-CQQP-478J | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-42796: Arelle Webserver Plugins From Request Query Rce (cve-2026-42796-arelle-webserver-plugins-from-request-query-rce)

An HTTP request query parameter is assigned directly to options.plugins without validating that it is not a remote URL. Arelle's plugin manager loads `http(s)://` (and `+`/`-`/`~` prefixed) entries as remote Python modules to download and execute, which becomes an unauthenticated remote code execution vector when exposed over HTTP (CVE-2026-42796, CWE-306).

python | CVE-2026-42796 | CWE-306
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-42809: Polaris Iceberg Location Gate Missing Metadata Keycve-2026-42809-polaris-iceberg-location-gate-missing-metadata-key

Apache Polaris IcebergCatalog location-change validation gate compares USER_SPECIFIED_WRITE_DATA_LOCATION_KEY but omits USER_SPECIFIED_WRITE_METADATA_LOCATION_KEY. A TableMetadata update that only changes write.metadata.path will pass through this gate without running validateLocationsForTableLike, validateNoLocationOverlap, or validateMetadataFileInTableDir

Language: java | CVE-2026-42809 | GHSA-8GGJ-J522-H5QF | CWE-20 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-42864: Drf Allowany On Serializer Bound View (cve-2026-42864-drf-allowany-on-serializer-bound-view)

A Django REST Framework Create-style view (uses `CreateModelMixin`, `CreateAPIView`, or `ListCreateAPIView`) declares `permission_classes = [permissions.AllowAny]` while also defining a `serializer_class`, exposing a mutating/data-binding endpoint to anonymous callers. This is the unsafe pattern from CVE-2026-42864 (firefighter-incident `CreateJiraBotView`):

Language: python | CVE-2026-42864 | GHSA-FQVV-JVHR-G5JC | CWE-306 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2026-42869: Python Hardcoded Secret Env Fallback (cve-2026-42869-python-hardcoded-secret-env-fallback)

`os.environ.get()` is reading a security-sensitive variable (JWT/secret/key/token/password) but supplies a hardcoded string literal as a fallback default. If the environment variable is unset, the application will sign/verify/encrypt with the public, attacker-known fallback (CVE-2026-42869, GHSA-4gxj-hw3c-3x2x). Secrets must have no in-code default — fail cl

Language: python | CVE-2026-42869 | GHSA-4GXJ-HW3C-3X2X | CWE-798
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-43566: Openclaw Heartbeat Wake Pending Events Omitted (cve-2026-43566-openclaw-heartbeat-wake-pending-events-omitted)

Heartbeat owner-downgrade logic computes shouldInspectPendingEvents (or ForceSenderIsOwnerFalse) without considering wake-triggered runs or untrusted pending events. CVE-2026-43566: webhook 'hook:wake' system events were excluded from the inspection set, allowing untrusted webhook payloads to be drained while senderIsOwner remained true. The patched code mus

Language: typescript | CVE-2026-43566 | GHSA-G2HM-779G-VM32 | CWE-184
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-43886: Loop Item Path Traversal Heuristic (cve-2026-43886-loop-item-path-traversal-heuristic)

Constructing file paths in a loop by joining a base directory with an unvalidated object property can lead to path traversal if the iterable collection originates from an untrusted source (e.g., an uploaded package or unverified manifest). Attackers can supply paths containing `../` sequences to read out-of-bounds files.

Language: typescript | CVE-2026-43886 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-43891: Falsy Dict Get Validation Bypass (cve-2026-43891-falsy-dict-get-validation-bypass)

Validation bypass vulnerability. By checking the truthiness of a dictionary value retrieved via `.get()` before running it through a validation function, falsy values (like empty strings) can bypass the validation logic completely. If the dictionary containing these unvalidated falsy values is later processed, it could lead to security issues. Use explicit p

Language: python | CVE-2026-43891 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-43898: Sandbox Missing Function Caller Restriction (cve-2026-43898-sandbox-missing-function-caller-restriction)

A sandbox or property-access evaluator restricts access to 'prototype' on functions but fails to restrict 'caller', 'callee', or 'arguments'. This omission allows sandboxed code to access restricted runtime call stack frames or host function properties like 'Function.caller', leading to sandbox escapes.

Language: javascript | CVE-2026-43898
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-43940: Ai Schema Authtype Missing Profile Constraint (cve-2026-43940-ai-schema-authtype-missing-profile-constraint)

The 'authType' schema field lists 'profiles' as a valid authentication type but omits the constraint that 'authType' must be 'profiles' whenever a profile ID is referenced in the 'profile' field. When this schema object is serialized verbatim into an AI/LLM prompt, the model will generate configurations with an incorrect authType (e.g., 'password'), silently

Language: javascript | CVE-2026-43940 | CWE-22 | CWE-829
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 77
CVE-2026-43944: Unsanitized Json Parse To Object Assign (cve-2026-43944-unsanitized-json-parse-to-object-assign)

JSON.parse() output is merged directly into an options object via Object.assign() without filtering security-sensitive keys. An attacker who controls the JSON input (e.g. via a URL query parameter, deep link, CLI argument, or crafted shortcut) can inject arbitrary keys that downstream code may use in privileged operations—such as spawning a process with an a

Language: javascript | CVE-2026-43944 | CWE-20 | CWE-829 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Critical | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-43948: Django Modelform Instance Field Tautological Comparison (cve-2026-43948-django-modelform-instance-field-tautological-comparison)

`form.instance.FIELD` always holds the pre-submission value of the bound instance because Django ModelForm.is_valid() never mutates the instance. When `form = SomeForm(data=request.POST, instance=obj)`, then `form.instance` IS `obj`, so `obj.FIELD != form.instance.FIELD` is a tautological comparison that is permanently False. Any email-verification, change-d

Language: python | CVE-2026-43948 | CWE-863
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-43997: Fragile Function Constructor Name Guard (cve-2026-43997-fragile-function-constructor-name-guard)

Property descriptor value is identified as the Function constructor by comparing `.name === 'Function'`. This check misses AsyncFunction, GeneratorFunction, and AsyncGeneratorFunction — all of which have different .name strings — allowing those constructors to cross a sandbox/proxy boundary unchecked. Replace with identity comparison against all cached dange

Language: javascript | CVE-2026-43997 | GHSA-47X8-96VW-5WG6 | CWE-284 | CWE-693
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-44005: Cve 2026 44005 Proxy Write Trap Missing Intrinsic Prototype Guard (cve-2026-44005-cve-2026-44005-proxy-write-trap-missing-intrinsic-prototype-guard)

A host-realm Reflect write-mutation method (Reflect.set / Reflect.defineProperty / Reflect.deleteProperty / Reflect.preventExtensions) is assigned directly to a sandbox-accessible namespace without an intrinsic prototype guard. Sandbox code can traverse bridge-proxied prototype chains to obtain a reference to a live host intrinsic prototype (Object.prototype

Language: javascript | CVE-2026-44005 | GHSA-VWRP-X96C-MHWQ
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 77
CVE-2026-44008: Sandbox Bridge Array Index Assign Bypasses Reflect Define (cve-2026-44008-sandbox-bridge-array-index-assign-bypasses-reflect-define)

`$ARR[$ARR.length] = $VAL` appends to an array via an ordinary index assignment, which walks `Array.prototype` before creating an own slot. In sandbox or cross-realm bridge code, an array literal `[]` allocated inside a closure shared with the untrusted realm inherits that realm's `Array.prototype`. An attacker can pre-install a numeric-index setter (e.g. `O

Language: javascript | CVE-2026-44008 | GHSA-9QJ6-QJGG-37QQ | CWE-668
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-44009: Sandbox Array Prototype Setter Leak (cve-2026-44009-sandbox-array-prototype-setter-leak)

Appending to an array with `$ARR[$ARR.length] = $VAL` invokes [[Set]], which traverses the prototype chain. If Array.prototype[N] has an attacker-installed setter (e.g., from sandbox/cross-realm code), that setter receives the appended value — potentially including sensitive internal state — before the caller regains control. Use Reflect.defineProperty or Ob

Language: javascript | CVE-2026-44009 | GHSA-9QJ6-QJGG-37QQ | CWE-668
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 81
CVE-2026-44050: Netatalk Cnid Dbd Unbounded Readt Namelen (cve-2026-44050-netatalk-cnid-dbd-unbounded-readt-namelen)

`readt()` reads `$RQST->namelen` bytes (attacker-controlled length from the CNID wire-format request header) into the fixed-size `$RQST->name` buffer without first validating `$RQST->namelen <= MAXPATHLEN`. This is the heap-based buffer overflow pattern fixed in CVE-2026-44050. Add a guard `if ($RQST->namelen > MAXPATHLEN) { ...; return 0; }` before this rea

Language: c | CVE-2026-44050 | CWE-122
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-44060: Network Length Underflow (cve-2026-44060-network-length-underflow)

Subtracting an offset from a network-provided length without prior bounds checking can cause an integer underflow. If the length provided by an attacker is smaller than the offset, the result can wrap around to a large positive integer, resulting in out-of-bounds reads or writes.

Language: c | CVE-2026-44060 | CWE-191
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44167: Phpseclib Asn1 Oid Length Bypass (cve-2026-44167-phpseclib-asn1-oid-length-bypass)

The ASN.1 parser restricts Object Identifier (OID) lengths to an unsafe size (e.g. 4096 bytes). This is insufficient to prevent CPU exhaustion on malformed data. The limit should be strictly tightened to 128 bytes.

Language: php | CVE-2026-44167 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-4424: Libarchive Rar Lzss Sign Compare (cve-2026-4424-libarchive-rar-lzss-sign-compare)

A signed/unsigned comparison vulnerability exists when validating the LZSS sliding window size. `(mask + 1)` is implicitly evaluated as a signed integer, which causes security checks against `dictionary_size` to fail if `mask + 1` becomes negative or has representation mismatches. Cast the signed operand to `unsigned int` to fix the issue.

Language: c | CVE-2026-4424 | CWE-697
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44296: Thread Blocking Sleep In Networking (cve-2026-44296-thread-blocking-sleep-in-networking)

Calling a blocking sleep function within a network `accept` or `handshake` error-handling block can block the entire multiplexer or event loop thread. An attacker can supply malformed requests that trigger this error path, causing a Denial of Service (DoS) for all connected clients. Remove the blocking sleep and manage retries or backoff asynchronously via e

Language: cpp | CVE-2026-44296 | CWE-400
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44313: Ssrf Scheme Only Url Guard Before Server Fetch (cve-2026-44313-ssrf-scheme-only-url-guard-before-server-fetch)

A URL is passed to fetch() after only a scheme-prefix check (startsWith("http://") or startsWith("https://")). RFC-1918 addresses, loopback (127.0.0.1), link-local (169.254.x.x), and cloud metadata endpoints all satisfy a scheme-only guard, enabling Server-Side Request Forgery. Resolve the URL hostname to an IP address and validate it against a blocklist of

Language: typescript | CVE-2026-44313 | GHSA-5QPC-X7RV-HVMP | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2026-44316: Go Nil Deref Before Nil Guard (cve-2026-44316-go-nil-deref-before-nil-guard)

'$RESP.$FIELD' is accessed before '$RESP' is nil-checked. When the upstream call returns nil (for example on a 404 or transport error), this dereference causes a nil pointer dereference panic (CWE-476). Move the field access '$X = $RESP.$FIELD' to after the nil/error guard block so that it only executes when '$RESP' is confirmed non-nil.

Language: go | CVE-2026-44316 | CWE-476 | CWE-754
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-44319: Go Fatal Log In Goroutine (cve-2026-44319-go-fatal-log-in-goroutine)

$LOGGER.$FATAL(...) inside a goroutine calls os.Exit(1) after logging, which immediately terminates the entire process — even when the goroutine contains a defer/recover handler. This turns any transient error (e.g., an unreachable callback URI) into a process-level crash that cannot be caught by the caller. Replace with a non-fatal method such as Errorf or

Language: go | CVE-2026-44319 | CWE-20 | CWE-617 | CWE-755
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-44322: Free5gc Nef Unset Problemdetails Cause (cve-2026-44322-free5gc-nef-unset-problemdetails-cause)

An error handler extracts the uninitialized `Cause` field from a `ProblemDetails` struct while `Detail` was explicitly provided instead. This outputs an unset structure field, potentially disrupting downstream error handling. Access the initialized `Detail` field, or explicitly initialize `Cause`.

Language: go | CVE-2026-44322 | CWE-665
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-44328: Nf Instance Id Ephemeral Uuid No Config (cve-2026-44328-nf-instance-id-ephemeral-uuid-no-config)

An initialization function with no configuration parameter assigns a randomly generated UUID (uuid.New().String()) directly to an NF instance ID field. A non-persistent, non-configurable NF instance ID breaks NRF registration continuity: because OAuth2Required defaults to false and is only set true after successful NRF registration, an ever-changing instance

Language: go | CVE-2026-44328 | CWE-287 | CWE-665
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 77
CVE-2026-44329: Gin Router Group Missing Auth Middleware (cve-2026-44329-gin-router-group-missing-auth-middleware)

Gin router group $GROUP applies routes via applyRoutes without a prior $GROUP.Use(...) authorization middleware registration. Every request to these endpoints is reachable without authentication or authorization. Register an auth middleware (e.g., OAuth bearer-token check) on $GROUP before calling applyRoutes.

Language: go | CVE-2026-44329 | CWE-306 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-44339: File Op Static Method Bypasses Workspace Access Control (cve-2026-44339-file-op-static-method-bypasses-workspace-access-control)

A @staticmethod performs a destructive file operation (os.remove, os.unlink, shutil.move, or shutil.copy2). Static methods have no instance context, making it structurally impossible to call any workspace or permission guard before the operation. An attacker who controls the file path can operate outside any intended sandbox. Convert this to an instance meth

Language: python | CVE-2026-44339 | CWE-284
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 73
CVE-2026-44345: Ssrf Toctou Dns Rebinding (cve-2026-44345-ssrf-toctou-dns-rebinding)

A URL validation check is performed before an HTTP request, but the original URL string is passed to the network client. If the validation performs an IP address check via DNS resolution, this pattern is susceptible to Time-of-Check to Time-of-Use (TOCTOU) DNS Rebinding attacks. To fix this, resolve the IP securely and pass the IP directly to the HTTP client

Language: python | CVE-2026-44345 | CWE-367 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-44375: Nerdbank Messagepack Incorrect Skip Count (cve-2026-44375-nerdbank-messagepack-incorrect-skip-count)

The parser passes an incorrect expected item count of 5 to SkipTheRest, instead of 3. This causes trailing extension fields to be ignored and bypasses underlying structural validation in MessagePackReader.

Language: csharp | CVE-2026-44375 | CWE-682
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2026-44463: Missing Dynamic Mcp Oauth Auth (cve-2026-44463-missing-dynamic-mcp-oauth-auth)

The HTTP context server is initialized using only static headers without dynamic OAuth token provisioning. This can bypass secure remote server authentication. Migrate to an implementation that provisions dynamic tokens (e.g., via a token provider).

Language: rust | CVE-2026-44463 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 69
CVE-2026-44466: Mcp Static Auth Header Bypass (cve-2026-44466-mcp-static-auth-header-bypass)

Instantiating a remote ContextServer purely with static configuration headers omits programmatic OAuth authentication, which may allow interception or bypass.

Language: rust | CVE-2026-44466 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-44497: Ffi Sighash Callback Stale Buffer None Return (cve-2026-44497-ffi-sighash-callback-stale-buffer-none-return)

A sighash FFI callback closure returns `None` on hash-type validation failure without overwriting the output buffer with random bytes. When the C/C++ FFI bridge does not treat `None` as a failure signal, the sighash buffer retains a stale digest from a prior computation. An attacker can prime the buffer with a valid digest (via a first script opcode), then t

Language: rust | CVE-2026-44497 | GHSA-GQ4H-3GRW-2RHV | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-44523: Jwt Hmac Secret Missing Min Length Validation (cve-2026-44523-jwt-hmac-secret-missing-min-length-validation)

Struct field "$FIELD" holds a JWT/HMAC signing secret that is loaded from the environment without a minimum-length validation constraint. A decoded secret shorter than 32 bytes makes HS256 tokens brute-forceable offline (RFC 7518 §3.2 mandates ≥256-bit keys for HS256). Add `validate:"gte=32"` (or higher) to the struct tag so the application rejects an unders

Language: go | CVE-2026-44523 | GHSA-Q6MH-RQWH-G786 | CWE-326
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2026-44549: Xlsx Sheet To Html Stored Xss (cve-2026-44549-xlsx-sheet-to-html-stored-xss)

Use of XLSX.utils.sheet_to_html() on a worksheet originating from an uploaded/untrusted XLSX file produces HTML that embeds each cell's rich-text 'h' property verbatim. Because the SheetJS-generated markup is complex (colgroup, inline styles, embedded rich text), wrapping the result in DOMPurify.sanitize() is NOT a sufficient mitigation: mXSS bypasses are po

Language: generic | CVE-2026-44549 | GHSA-JWF8-PV5P-VHMC | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-44643: Js Unsafe Method Style Hasownproperty (cve-2026-44643-js-unsafe-method-style-hasownproperty)

Method-style `$OBJ.hasOwnProperty($KEY)` is unsafe: if `$OBJ` inherits from `Object.prototype` or its `hasOwnProperty` property has been shadowed (prototype pollution or attacker-controlled keys like `__proto__`, `constructor`), the check returns the wrong value and lets prototype properties be treated as real own keys. This is the root cause of CVE-2026-446

Language: javascript | CVE-2026-44643 | GHSA-PW8R-6689-XVF4 | CWE-95
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-44708: Inline Delimiter Regex Missing Escape Handling (cve-2026-44708-inline-delimiter-regex-missing-escape-handling)

An inline delimiter regex uses a bare `.+?` quantifier for the span body between `\$` delimiters. Because `.+?` matches any character—including `$` (the closing delimiter) and `\` (the escape prefix)—an input like `\$` closes the span prematurely: the `\` is captured as content and the following `$` is treated as the closing delimiter. Everything after this

Language: python | CVE-2026-44708 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 87
CVE-2026-44714: Bytebuffer Deserializer Throws Ioexception (cve-2026-44714-bytebuffer-deserializer-throws-ioexception)

Method '$METHOD' accepts ByteBuffer but declares 'throws IOException'. ByteBuffer operations never throw IOException; this incorrect checked-exception declaration forces callers to wrap deserialization of untrusted network data in catch(IOException) blocks, causing protocol parse errors to be misclassified as I/O failures and potentially swallowed silently.

Language: java | CVE-2026-44714 | CWE-502
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 73
CVE-2026-44717: Python Mcp Tool Eval Code Injection (cve-2026-44717-python-mcp-tool-eval-code-injection)

An MCP tool handler passes a user-controlled string parameter to Python's eval()/exec(). Because eval/exec is invoked without an AST allowlist and with __builtins__ reachable, an attacker (directly or via prompt injection of the LLM client) can submit a payload such as `__import__('os').system(...)` to achieve remote code execution (CWE-94, CWE-1427). Replac

Language: python | CVE-2026-44717 | GHSA-2MGQ-7RFG-RWPJ | CWE-1427 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-44797: Python Requests Session Send Redirect Ssrf (cve-2026-44797-python-requests-session-send-redirect-ssrf)

Using `requests.Session().send()` without disabling redirects (`allow_redirects=False`) can lead to Server-Side Request Forgery (SSRF). Attackers can bypass URL validation by pointing to a server that responds with a redirect to an internal or restricted URL. Disable redirects during the `send()` call and optionally handle them manually after validation.

Language: python | CVE-2026-44797 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-4480: Weak Quote Replacement Command Injection (cve-2026-4480-weak-quote-replacement-command-injection)

Replacing only single quotes with underscores before passing user-controlled data to a command executor via a string substitution (like "%J") is insufficient. This leaves the application vulnerable to command injection via other shell metacharacters (e.g. semicolons, backticks). Use comprehensive shell escaping methods or avoid passing user data to shells en

Language: c | CVE-2026-4480 | CWE-116 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 65
CVE-2026-44850: Tar Zipslip Vulnerability (cve-2026-44850-tar-zipslip-vulnerability)

Path traversal vulnerability (ZipSlip) in tar archive extraction. The code constructs file paths directly from `header.Name` without first validating if the resulting path is safely within the target directory. This can allow attackers to write files anywhere on the system (e.g., via `../../`).

Language: go | CVE-2026-44850 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-44882: Archive Targz Go Cwe 000 Cve 2026 44882 (cve-2026-44882-archive-targz-go-cwe-000-cve-2026-44882)

Path traversal vulnerability (TarSlip/ZipSlip) when extracting archives. Extracting files from an archive (tar or zip) without validating the target path can lead to writing files outside the intended base directory. The standard library 'filepath.Join' evaluates '../' directory traversal sequences natively and does not guard against escaping the target dire

Language: go | CVE-2026-44882 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-44895: Github Actions Publish Missing Event Type Guard (cve-2026-44895-github-actions-publish-missing-event-type-guard)

GitHub Actions job with 'id-token: write' (OIDC trusted publishing) uses a commit-message check as its only 'if' guard without restricting which event types may trigger publishing. Any push to the branch trigger satisfies this condition, allowing automated merges, Dependabot updates, or direct pushes to publish a package without a formal release event. Restr

Language: yaml | CVE-2026-44895 | CWE-284 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-44896: Inline Span Regex Dot Any Body Xss (cve-2026-44896-inline-span-regex-dot-any-body-xss)

Regex pattern for a delimited inline span uses '(?P<name>.+?)' as the group body without excluding the delimiter character or handling backslash escape sequences. The dot matches any character including the delimiter, so an escaped delimiter (e.g., '\$') in user-supplied content can prematurely close the span and release remaining input to the inline parser

Language: python | CVE-2026-44896 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-44897: Inline Delimiter Regex Missing Escape Handling (cve-2026-44897-inline-delimiter-regex-missing-escape-handling)

This regex pattern for an inline delimited span uses `.+?` which does not atomically consume backslash-escape sequences. An attacker can craft input like `$\$<payload>` to split the escape sequence `\$` across the match boundary: the `\` is absorbed as math content while the `$` closes the span prematurely. Content that should be inside the sanitized span is

Language: python | CVE-2026-44897 | CWE-79
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-44900: Jws Payload Without Signature Verification (cve-2026-44900-jws-payload-without-signature-verification)

JWSObject.parse() is called and the payload is consumed without first calling .verify(verifier). Parsing a JWSObject only deserializes the token structure — the cryptographic signature is NOT checked until .verify() is explicitly called and its boolean result asserted. An attacker with a MITM position can substitute a crafted JWT (e.g., a forged OIDC discove

Language: java | CVE-2026-44900 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | High confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 83
CVE-2026-44974: Custom Parser Missing Duplicate Key Check (cve-2026-44974-custom-parser-missing-duplicate-key-check)

String parsing using `replace` assigns extracted keys to an object without checking for duplicate keys. This may allow parameter smuggling or injection if the parser receives duplicate keys (e.g., in HTTP headers). Validate that the key does not already exist before assignment.

Language: javascript | CVE-2026-44974 | CWE-20 | CWE-444
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-44988: Libvncclient Tight Rw Bounds Overflow (cve-2026-44988-libvncclient-tight-rw-bounds-overflow)

Missing bounds check for rectangle width before parsing Tight Gradient filter

Language: c | CVE-2026-44988
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-45055: Php Unsanitized Request Loop Interpolation (cve-2026-45055-php-unsanitized-request-loop-interpolation)

Direct string interpolation of user-controlled array keys or values from a request array without allowlist validation can lead to injection vulnerabilities like SQL Injection.

Language: php | CVE-2026-45055 | CWE-89
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-45090: Dalfox Missing Json Aware Injection (cve-2026-45090-dalfox-missing-json-aware-injection)

The code uses a generic payload injection method (`MakeRequestQuery`) without checking if the payload targets a JSON endpoint. This generates invalid JSON and fails scanning. Use `MakeJSONRequestQuery` for JSON endpoints.

Language: go | CVE-2026-45090
by Provally | updated 2026-06-03 | Apache-2.0
Severity: Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-45108: Rust File Create Dynamic Path (cve-2026-45108-rust-file-create-dynamic-path)

Dynamically constructing a file path and opening it with `File::create` can lead to path traversal and symlink vulnerabilities if the input is unvalidated. `File::create` implicitly follows symbolic links. Validate path components to ensure they do not contain directory traversal characters (e.g., `../`), and prefer using `OpenOptions` with `custom_flags(lib

Language: rust | CVE-2026-45108 | CWE-22 | CWE-59
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-45109: Next Js Hardcoded None Cache Handler (cve-2026-45109-next-js-hardcoded-none-cache-handler)

incrementalCacheHandler is hardcoded to None in Edge routes. This bypasses user-provided cache logic and related security validations.

Language: rust | CVE-2026-45109 | CWE-602
by Provally | updated 2026-06-03 | Apache-2.0
Severity: High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-45315: Fastapi Fileresponse Path Route Missing Protection Headers (cve-2026-45315-fastapi-fileresponse-path-route-missing-protection-headers)

FileResponse is returned from a `{...:path}`-parameterized route without a `headers=` argument forcing `Content-Disposition: attachment` and `X-Content-Type-Options: nosniff`. Starlette derives Content-Type from the on-disk file extension, so if any user-influenced file (e.g. a cached upload) has an HTML or SVG extension on disk, the browser will render it i

pythonCVE-2026-45315GHSA-M8F9-9WHG-F4XRCWE-434CWE-646
by Provallyupdated 2026-06-03Apache-2.0
HighMedium confidenceProvally CuratedVerified
0 stars
108 downloads0 direct108 via packs
Trust score 73
CVE-2026-45318: Open Webui Excel To Table Unsanitized Html Assignment (cve-2026-45318-open-webui-excel-to-table-unsanitized-html-assignment)

The HTML returned by excelToTable() is assigned to a variable without DOMPurify.sanitize(). When that variable is rendered via Svelte's {@html ...} directive, attacker-controlled spreadsheet markup (e.g., <img onerror=...>) executes JavaScript in the victim's origin (DOM XSS). Wrap result.html with DOMPurify.sanitize(...) before assignment, as in the CVE-202

generic, CVE-2026-45318, GHSA-HCWP-82G6-8WXC, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-45325: Unquoted Dynamic Table Drop Or Show (cve-2026-45325-unquoted-dynamic-table-drop-or-show)

A DROP TABLE or SHOW CREATE TABLE query is executed with a dynamic, unquoted template variable placed directly after the SQL keyword. No database context is specified and the identifier is not quoted, so the operation can execute against an unintended default database (e.g., in a multi-tenant environment) or permit unintended injection.

javascript, CVE-2026-45325, CWE-89
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45332: Php Missing Totp Check (cve-2026-45332-php-missing-totp-check)

A session is created unconditionally after a password verification, bypassing Multi-Factor Authentication if it is configured.

php, CVE-2026-45332, CWE-287
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-45346: Svelte Unsanitized Html Directive Xss (cve-2026-45346-svelte-unsanitized-html-directive-xss)

Svelte's {@html ...} directive renders raw HTML/SVG verbatim and bypasses Svelte's automatic escaping. In an SVG pan/zoom component the `svg` value typically originates from chat / message content that an authenticated user (or an AI prompted by such a user) can influence. Because SVG legally embeds <foreignObject>, inline event handlers, and <script>, passi

generic, CVE-2026-45346, GHSA-R29H-37FJ-X2W6, CWE-79, CWE-80
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-45357: Liquidjs Unvalidated Fs Fallback (cve-2026-45357-liquidjs-unvalidated-fs-fallback)

A file path retrieved from `fs.fallback` is yielded without an authorization or path boundary check (e.g., `isAllowed`). This omission bypasses the directory sandbox, leading to a path traversal vulnerability.

typescript, CVE-2026-45357, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45365: Fastapi Internal Auth Bypass Flag As Query Param (cve-2026-45365-fastapi-internal-auth-bypass-flag-as-query-param)

FastAPI route handler `$FN` declares `$PARAM` as a plain primitive-typed function parameter. Because the parameter is a `bool`/`Optional[bool]` and is not wrapped in `Body(...)`, `Header(...)`, `Cookie(...)`, or `Depends(...)`, FastAPI binds it to the HTTP query string. An external caller can therefore append `?$PARAM=true` to the request URL and flip an int

python, CVE-2026-45365, GHSA-V6QF-75PR-P96M, CWE-285
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 95
CVE-2026-45575: Insecure Hostnameverifier Chain Iteration (cve-2026-45575-insecure-hostnameverifier-chain-iteration)

Iterating over the entire certificate chain (via `getPeerCertificates()`) to verify a hostname or Subject Alternative Name (SAN) is insecure. Only the leaf certificate (index 0) represents the actual peer server identity. Validating every certificate in the chain allows a Man-in-the-Middle (MITM) attacker to append a forged intermediate certificate containin

java, CVE-2026-45575, CWE-297
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-45617: Fallback Path Traversal Yield (cve-2026-45617-fallback-path-traversal-yield)

A fallback file path is generated and yielded without directory bounds checking. This may allow path traversal if the yielded file path is accessed by the application. Ensure the directory boundary is checked before yielding the file path.

typescript, CVE-2026-45617, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45618: Liquidjs Missing Root Containment Fallback (cve-2026-45618-liquidjs-missing-root-containment-fallback)

Template path fallback resolution yields a resolved path without enforcing root directory constraints. This bypasses directory containment checks and leads to Path Traversal/LFI.

typescript, CVE-2026-45618, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45675: First User Admin Toctou (cve-2026-45675-first-user-admin-toctou)

Time-of-Check-Time-of-Use (TOCTOU) race condition detected during first user registration. Checking the active user count before insertion can allow multiple concurrent requests to evaluate as the "first user" and be granted administrative rights. Insert the newly registered user with a default standard role first, then evaluate the user count strictly post-

python, CVE-2026-45675, CWE-362, CWE-367
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-45707: N8n Workflow Connection Index Shift (cve-2026-45707-n8n-workflow-connection-index-shift)

Filtering out all empty arrays from workflow connections incorrectly shifts subsequent connection indices. In multi-output nodes, this corrupts the mapping between array indices and output ports, potentially bypassing logical conditions or redirecting data. To maintain index stability, only strip trailing empty arrays (e.g., using a while loop with .pop()).

javascript, CVE-2026-45707, CWE-682
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45725: Path Traversal Via Url Path (cve-2026-45725-path-traversal-via-url-path)

Extracting components from untrusted URL paths without validation and appending them to local paths allows path traversal. This can result in arbitrary directories being created or existing files being overwritten (arbitrary file write).

python, CVE-2026-45725, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-45783: Kad Dht Eclipse Vulnerability (cve-2026-45783-kad-dht-eclipse-vulnerability)

Starting a DHT lookup by selecting exactly the `d` (`disjointPaths`) closest peers from the routing table makes the network vulnerable to an eclipse attack (CVE-2026-45783). An attacker controlling the `d` closest nodes will compromise all disjoint lookup paths. Instead, fetch up to a larger threshold (e.g., `kBucketSize`) of closest peers and randomly parti

typescript, CVE-2026-45783, CWE-330
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-45799: Kotlin Protobuf Missing Negative Length Check (cve-2026-45799-kotlin-protobuf-missing-negative-length-check)

A protobuf parser skipped a length-delimited group by passing an unvalidated varint length to a `skip` function. An attacker can craft a payload with a negative length, causing the skip operation to throw an unhandled exception and leading to a Denial of Service (DoS). Validate that the length is non-negative before skipping bytes.

kotlin, CVE-2026-45799, CWE-20
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-46345: Jinja Recursive Ssti (cve-2026-46345-jinja-recursive-ssti)

The application feeds the raw output of a Jinja template render back into a Jinja template loader or compilation step. This causes double-rendering (recursive template compilation), where untrusted user input encoded in the first template render is evaluated as executable code in the second, leading to Server-Side Template Injection (SSTI) and Remote Code Ex

python, CVE-2026-46345
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-46368: Openwrt Rpcd Init Command Injection (cve-2026-46368-openwrt-rpcd-init-command-injection)

Constructing an `/etc/init.d/` command with unsanitized parameters can lead to command injection or path traversal execution. Validate the parameter against an expected package name or strict allowlist before building the command.

bash, CVE-2026-46368, CWE-77
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 87
CVE-2026-46374: Sqlfluff Databricks Dos Missing Parameter Rules (cve-2026-46374-sqlfluff-databricks-dos-missing-parameter-rules)

The SQLFluff Databricks dialect is missing definitions for named parameter logic, causing excessive backtracking and denial of service (uncontrolled resource consumption) when parsing valid parameterized inputs.

python, CVE-2026-46374, CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-46378: Unbounded Peek Loop (cve-2026-46378-unbounded-peek-loop)

A lexer or parser loop iterates based solely on a negated peek/match function without checking for the end of the input (EOF). If the peek function handles out-of-bounds by returning false, the negation will evaluate to true at EOF, resulting in an infinite loop (Denial of Service). Ensure buffer boundaries are explicitly checked in the loop condition (e.g.,

go, CVE-2026-46378, CWE-835
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-46415: Caddy Middleware Unsafe Remoteaddr (cve-2026-46415-caddy-middleware-unsafe-remoteaddr)

Directly reading client IP from `RemoteAddr` in Caddy middleware skips trusted proxy resolution. If the server is behind a reverse proxy, this evaluates the proxy's IP rather than the true client, bypassing IP-based access controls. Use `caddyhttp.GetVar(r.Context(), caddyhttp.ClientIPVarKey)` to retrieve the true client IP securely.

go, CVE-2026-46415, CWE-290
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 83
CVE-2026-46439: Python Jinja Recursive Ssti (cve-2026-46439-python-jinja-recursive-ssti)

Recursive evaluation of templates detected. The output of a `.render()` call is being fed back into a Jinja template loader or parser. If the initial template interpolates untrusted data, this allows an attacker to inject template syntax that will be executed on the second pass, causing a Server-Side Template Injection (SSTI) vulnerability. Render templates

python, CVE-2026-46439, CWE-1336
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-46510: Prototype Pollution Via In Operator (cve-2026-46510-prototype-pollution-via-in-operator)

Checking property existence with the `in` operator can lead to prototype pollution when dealing with user-controlled keys. The `in` operator traverses the prototype chain and evaluates to true for internal properties like `__proto__` and `constructor`. If the property is then extracted and modified, it can pollute the global object prototype. Replace `in` wi

javascript, CVE-2026-46510, CWE-1321
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-46679: Kad Dht Insufficient Initial Peers (cve-2026-46679-kad-dht-insufficient-initial-peers)

The query manager incorrectly initiates queries by selecting only 'd' disjoint paths closest peers instead of selecting 'k' (kBucketSize) closest peers and dividing them evenly into 'd' buckets. This violates the robustness of the S/Kademlia spec, requiring an attacker to generate far fewer malicious nodes to orchestrate an eclipse attack on the DHT. To fix

typescript, CVE-2026-46679, CWE-693
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-46719: Perl Net Statsd Lite Metric Injection (cve-2026-46719-perl-net-statsd-lite-metric-injection)

record_metric assembles a StatsD wire-protocol datagram by concatenating $metric and $suffix into "<prefix><metric>:<value><suffix>\n" without validating them against the StatsD protocol delimiters newline (\n), colon (:), and pipe (|). Untrusted metric names containing these characters can inject additional StatsD metrics into the same UDP packet, poisoning

generic, CVE-2026-46719, CWE-74, CWE-93
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2026-47092: Insecure Comspec Execution (cve-2026-47092-insecure-comspec-execution)

Relying on the unvalidated `COMSPEC` environment variable to determine the command interpreter allows local attackers to execute arbitrary commands. Attackers can point `COMSPEC` to a malicious binary path before the application runs. Replace `process.env.COMSPEC` with a hardcoded absolute path such as `'C:\\Windows\\System32\\cmd.exe'`.

javascript, CVE-2026-47092, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-47125: Go Env File Write Without Key Regex Validation (cve-2026-47125-go-env-file-write-without-key-regex-validation)

User-supplied environment variable keys are persisted (e.g. to a .env file) after being normalized only with strings.TrimSpace, without being validated against a strict POSIX env-name pattern such as `^[A-Za-z_][A-Za-z0-9_]*$`. A key containing a newline or `=` allows arbitrary additional `KEY=VALUE` lines to be injected into the destination file, which comb

go, CVE-2026-47125, GHSA-JPJH-JM2P-39HH, CWE-74, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 85
CVE-2026-47131: Sandbox Apply Trap Indirection Bypass (cve-2026-47131-sandbox-apply-trap-indirection-bypass)

Proxy apply traps in sandbox environment bridges may allow sandbox escapes if indirection primitives (e.g. `Function.prototype.call`) are not inspected. This allows malicious code to directly invoke prototype mutators on raw objects, bypassing `set` and `setPrototypeOf` protections.

javascript, CVE-2026-47131, CWE-938
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-47135: Incomplete Symbol For Namespace Block (cve-2026-47135-incomplete-symbol-for-namespace-block)

Overriding `Symbol.for` with exact string matches (e.g., `=== 'nodejs.util.inspect.custom'`) against Node.js internal cross-realm symbols is an incomplete mitigation. Unhandled `nodejs.` symbols (such as streams or promisify hooks) can bypass the sandbox. Instead, block or isolate the entire `nodejs.` namespace using a prefix match.

javascript, CVE-2026-47135, CWE-184, CWE-693
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-47138: Js Redos Adjacent Greedy Quantifiers On User Input (cve-2026-47138-js-redos-adjacent-greedy-quantifiers-on-user-input)

Use of the Parse Server ClientSDK module (or an equivalent regex with two adjacent unbounded "+"-quantified character classes and no anchors, e.g. /([-a-zA-Z]+)([0-9\.]+)/) is susceptible to polynomial / catastrophic backtracking (ReDoS, CWE-1333). When the regex is applied to attacker-controlled input such as the X-Parse-Client-Version header or a _ClientVe

javascript, CVE-2026-47138, GHSA-38M6-82C8-4XFM, CWE-1333
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 85
CVE-2026-47139: Bypass Node Internal Modules Filter (cve-2026-47139-bypass-node-internal-modules-filter)

Filtering Node.js builtin modules by ignoring 'internal/' does not sufficiently block all internal modules. Undocumented underscored modules like `_http_client` and `_http_server` bypass this filter and expose low-level network primitives. To securely restrict builtins, ensure underscored modules are also excluded (e.g., `!s.startsWith('_')`).

javascript, CVE-2026-47139, GHSA-R9PM-GXMW-WV6P, CWE-184
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 73
CVE-2026-47140: Node Module Denylist Bypass (cve-2026-47140-node-module-denylist-bypass)

Exact string matching against a denylist or allowlist of Node.js modules can be bypassed by using the `node:` URL scheme prefix or by requesting module subpaths (e.g., `module/subpath`). Ensure that module names are normalized by stripping the `node:` prefix and splitting on `/` to extract the core module name before checking the list.

javascript, CVE-2026-47140, CWE-184
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 65
CVE-2026-47210: Vm2 Jspi Sandbox Escape (cve-2026-47210-vm2-jspi-sandbox-escape)

A sandbox mechanism attempts to restrict properties on the WebAssembly object but fails to properly remove WebAssembly.promising and WebAssembly.Suspending. These JSPI functions return Promise objects that retain a direct (unproxied) prototype link to the host realm's Promise.prototype. Malicious sandbox code can abuse this unproxied chain to evaluate host g

javascript, CVE-2026-47210
by Provally, updated 2026-06-03, Apache-2.0
Severity Critical, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 53
CVE-2026-47269: Python Shell Command Injection Via String Formatting (cve-2026-47269-python-shell-command-injection-via-string-formatting)

Unsanitized variables interpolated into a command string and passed to a shell execution function (like os.system or subprocess methods with shell=True) bypass validation and lead to OS command injection. Structure the command as a list of independent arguments and pass it to subprocess.run(..., shell=False).

python, CVE-2026-47269, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47392: Agent Tool Static File Operations (cve-2026-47392-agent-tool-static-file-operations)

File operations exposed in tool classes as static methods typically cannot securely enforce instance-level workspace sandboxing, potentially allowing agents or LLMs to escape containment. Initialize the tools with explicit boundary contexts (such as a workspace or tenant ID) and use bound instance methods for authorization checks.

python, CVE-2026-47392, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47393: Ai Agent Uncontained File Operation (cve-2026-47393-ai-agent-uncontained-file-operation)

AI agent tools (classes with Tool, Skill, or Agent in the name) are exposing file operations via static methods. This typically indicates a lack of per-agent workspace or sandbox containment, making the application vulnerable to path traversal and arbitrary file manipulation by the LLM. Implement these as instance methods and enforce instance-bound workspace

python, CVE-2026-47393, CWE-22, CWE-285
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47394: Agent Tool Static File Access Bypass (cve-2026-47394-agent-tool-static-file-access-bypass)

Agent tool classes exposing file operations as static methods bypass instance-level workspace isolation and permission checking. This architectural limitation prevents enforcing session-specific boundaries (like read-only sandboxes) and can lead to arbitrary file read/write vulnerabilities via LLM manipulation. Migrate these methods to instance methods that

python, CVE-2026-47394, CWE-284
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-47396: Ai Agent Tool Static File Sandbox Bypass (cve-2026-47396-ai-agent-tool-static-file-sandbox-bypass)

An AI agent tool performing local file operations was defined as a `@staticmethod`. Because static methods have no access to instance state, they cannot enforce instance-specific directory sandboxing (such as a unique workspace container). This increases the risk of path traversal or sandbox bypass via prompt injection. Change the tool to an instance method

python, CVE-2026-47396, CWE-22
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47397: Unsafe Static File Mutation Agent (cve-2026-47397-unsafe-static-file-mutation-agent)

File manipulation within a static class method may bypass stateful sandbox authorization boundaries, such as workspace permission checks. Ensure file-modifying agent tools are instance methods that explicitly authorize the operation against a configured sandbox.

python, CVE-2026-47397
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-47405: Static Path Validation Sandbox Bypass (cve-2026-47405-static-path-validation-sandbox-bypass)

Path validation is invoked statically on the class instead of an instance, bypassing instance-level context such as workspace sandboxing constraints. This pattern can lead to path traversal or sandbox evasions when used in agent or user-driven systems. Convert file operations and path validations to instance methods to ensure they correctly incorporate and e

python, CVE-2026-47405, CWE-22, CWE-284
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47406: Praisonai Unisolated File Op (cve-2026-47406-praisonai-unisolated-file-op)

File operations within this class rely on a static path validation method rather than an instance-bound workspace isolation check. This can lead to directory traversal or arbitrary file manipulation. Migrate the method to an instance method taking `self` and ensure paths are resolved safely using an isolated workspace context.

python, CVE-2026-47406, CWE-22, CWE-610
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47407: Python Agent Tool Static File Operation (cve-2026-47407-python-agent-tool-static-file-operation)

An AI Agent tool or skill performs file operations within a `@staticmethod` or `@classmethod`. In multi-tenant or workspace-based platforms, stateless methods lack access to instance-level execution contexts (e.g., `self.workspace`). This architectural pattern prevents effective path sandboxing and authorization checks per tenant, potentially allowing path t

python, CVE-2026-47407
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-47410: Static Method File Operation Sandbox Bypass (cve-2026-47410-static-method-file-operation-sandbox-bypass)

Performing file operations inside a static method prevents the use of instance-level context such as per-session workspace roots or permission configurations. In AI agent or multi-tenant environments, relying on a global environment context rather than restricted sandbox directories can enable path traversal attacks and sandbox escapes.

python, CVE-2026-47410, CWE-22, CWE-285
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47414: Ai Agent Unscoped File Operation (cve-2026-47414-ai-agent-unscoped-file-operation)

A file operation is performed within a static method in a Tool or Action class. In AI agent architectures, static methods lack instance context (such as session tokens or workspace boundaries). This pattern typically enables path traversal, arbitrary file creation, or data exfiltration because constraints are applied globally or bypassed entirely. Refactor t

python, CVE-2026-47414, CWE-22, CWE-862
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-47416: Ai Agent Unconfined File Operation (cve-2026-47416-ai-agent-unconfined-file-operation)

A tool method performs file operations using an unconfined static context. In applications with user workspaces or sandboxing, static file operations bypass instance-bound checks (e.g., workspace permissions and boundaries). Refactor the method to an instance method and enforce workspace access limits.

python, CVE-2026-47416, CWE-284
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-47744: Livewire Password Get Leak (cve-2026-47744-livewire-password-get-leak)

A Livewire form containing a password input uses the `wire:submit` directive without the `.prevent` modifier. In older versions of Livewire, this omission causes the browser to perform a native HTML GET submission by default. This causes sensitive credentials (like user passwords) to leak directly into the URL query string, where they can be cached in browse

generic, CVE-2026-47744, CWE-307, CWE-598
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 65
CVE-2026-47759: Unsanitized Dynamic Attribute Restore (cve-2026-47759-unsanitized-dynamic-attribute-restore)

Extracting and restoring prefixed internal attributes without subsequent sanitization of the constructed element can lead to stored XSS.

typescript, CVE-2026-47759, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-47762: Tinymce Unsafe Astnode Xss (cve-2026-47762-tinymce-unsafe-astnode-xss)

Direct construction of an AstNode with an unvalidated attribute bypasses schema validation, leading to stored XSS when the node is serialized. Construct a DOM element safely and use Sanitize.parseAndSanitize(..., element.outerHTML) instead.

typescript, CVE-2026-47762, CWE-79
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-47783: Auth Comparison Timing Leak (cve-2026-47783-auth-comparison-timing-leak)

Potential timing side channel due to early break or use of non-constant-time comparison functions (memcmp, strcmp, etc.) during authentication. Use constant-time comparison functions and ensure evaluation does not exit early based on matching results.

c, CVE-2026-47783, CWE-208
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-4800: Unvalidated Dynamic Code Evaluation (cve-2026-4800-unvalidated-dynamic-code-evaluation)

Unvalidated properties extracted from function arguments flow into the `Function` constructor. When building dynamic code from user-controlled options (such as template variable names or imports), ensure the input is validated using a regex to forbid structural JavaScript characters (e.g., parentheses, braces, equals) to prevent arbitrary code execution.

javascript, CVE-2026-4800, CWE-94
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-48064: Python Shell Command Injection (cve-2026-48064-python-shell-command-injection)

Using a format string or concatenation to construct an OS shell command opens the application to command injection. Pass the command and its parameters as a list of arguments instead and do not use shell=True.

python, CVE-2026-48064, CWE-78
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-4809: Laravel Mediable Prefer Client Mime Type (cve-2026-4809-laravel-mediable-prefer-client-mime-type)

laravel-mediable's MediaUploader is configured to prefer the client-supplied MIME type (preferClientMimeType() / 'prefer_client_mime_type' => true / legacy 'mime_type_source' => 'client'). selectMimeType() will then return the value of the attacker-controlled HTTP Content-Type header (Symfony UploadedFile::getClientMimeType()) for MIME and aggregate-type val

php, CVE-2026-4809, CWE-434
by Provally, updated 2026-06-03, Apache-2.0
Severity High, High confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-48544: Python Dynamic Method Json Loads Oom (cve-2026-48544-python-dynamic-method-json-loads-oom)

Deserializing the output of a dynamically retrieved method using `json.loads` can cause massive memory expansion (Out-Of-Memory crashes) if the method generates large strings, such as `to_json()` on mapped data structures like Pandas DataFrames. Instead of round-tripping through JSON strings locally, rely on APIs that return serializable objects directly.

python, CVE-2026-48544, CWE-400
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 69
CVE-2026-4868: Gitlab Improper Scan Grouping By Scanner Only (cve-2026-4868-gitlab-improper-scan-grouping-by-scanner-only)

Ingested vulnerability reports are grouped by scanner alone, leading to accidental dropping or improper resolution of findings that share a scanner but have different scan types (e.g., SBOM vs Dependency Scanning).

ruby, CVE-2026-4868, CWE-664
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-49128: Mpd Unvalidated Relative Uri (cve-2026-49128-mpd-unvalidated-relative-uri)

User-supplied relative URIs are built into LocatedUri objects without prior path traversal validation via `uri_safe_local()`. This leads to arbitrary file enumeration and reading.

cpp, CVE-2026-49128
by Provally, updated 2026-06-03, Apache-2.0
Severity High, Medium confidence, Provally Curated, Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-5262: Gitlab Incomplete Scanner Grouping (cve-2026-5262-gitlab-incomplete-scanner-grouping)

Grouping vulnerabilities only by scanner without report_type can lead to erroneous vulnerability resolution when different report types share the same scanner.

ruby, CVE-2026-5262, CWE-840
by Provally, updated 2026-06-03, Apache-2.0
Severity Medium, Medium confidence, Provally Curated, Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-5271: Python Sys Path Empty String (cve-2026-5271-python-sys-path-empty-string)

Assigning an empty string to an element of `sys.path` (e.g., `sys.path[0] = ""`) instructs Python to include the current working directory (CWD) in its module resolution path. This can lead to local Search Path Hijacking (CWE-426) if the script is executed from an attacker-controlled directory, allowing malicious modules to be imported in place of legitimate

python | CVE-2026-5271 | CWE-426 | CWE-427
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 65
CVE-2026-5301: Rust Shell Command Injection (cve-2026-5301-rust-shell-command-injection)

String interpolation was used to construct a shell command without sanitization. This allows attackers to inject malicious shell patterns or metacharacters through user-supplied variables, leading to OS Command Injection. Use argument passing via arrays or dedicated sanitization functions before interpolating variables.

rust | CVE-2026-5301
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-5405: Qt Minizip Path Traversal (cve-2026-5405-qt-minizip-path-traversal)

Missing prefix validation of extracted zip file paths via QFileInfo. When extracting zip archives, directory traversal (Zip Slip) can occur if the path is not verified to remain within the intended base directory. Ensure the extracted path is constrained with a prefix check mechanism, such as `QFileInfo(fileInZip).absoluteFilePath().startsWith(canonicalDir)`

cpp | CVE-2026-5405 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-5412: Juju Cloudspec Newcloudspec Missing Authorizer (cve-2026-5412-juju-cloudspec-newcloudspec-missing-authorizer)

cloudspec.NewCloudSpec / NewCloudSpecV1 / NewCloudSpecV2 is being called with the legacy 6-argument signature (resources, getCloudSpec, watchCloudSpec, watchCloudSpecModelCredentialReference, watchCloudSpecCredentialContent, getAuthFunc). That signature does not propagate a names.ControllerTag or a facade.Authorizer into CloudSpecAPI, so the resulting CloudS

go | CVE-2026-5412 | GHSA-W5FQ-8965-C969 | CWE-285
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-5503: Wolfssl Tlsx Find Unconditional Extensions Reassign (cve-2026-5503-wolfssl-tlsx-find-unconditional-extensions-reassign)

The result of TLSX_Find() is assigned to a variable, but the extensions pointer is then reassigned unconditionally — without checking whether TLSX_Find returned NULL. When the lookup fails, downstream mutators such as TLSX_Remove / TLSX_UseSNI will be invoked on the wrong list (e.g. the shared WOLFSSL_CTX extensions), enabling SNI/extension list pollution an

c | CVE-2026-5503 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 81
CVE-2026-5747: Eager Device Instantiation Dos (cve-2026-5747-eager-device-instantiation-dos)

Eagerly instantiating devices within a pre-boot configuration builder causes host resources (like memory mappings and file descriptors) to be allocated prematurely. An attacker can exploit this via the configuration API by making repeated or oversized device requests, leading to Resource Exhaustion and Denial of Service prior to VM start. Instead of allocati

rust | CVE-2026-5747
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 53
CVE-2026-5752: Pyodide Jsglobals Prototype Chain Escape (cve-2026-5752-pyodide-jsglobals-prototype-chain-escape)

Plain JavaScript object literal (`{}`) used as a value in Pyodide's `jsglobals` option retains `Object.prototype` in its prototype chain. Sandboxed Python code can reach the exposed object via `import js`, traverse `.constructor.constructor` to obtain the host `Function` constructor, call `Function("return globalThis")()` to access the Node.js `globalThis`,

typescript | CVE-2026-5752 | CWE-693 | CWE-94
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 91
CVE-2026-5816: Gitlab Missing Composite Key Resolution (cve-2026-5816-gitlab-missing-composite-key-resolution)

Aggregating vulnerability issues by a single property ('scanner') instead of a composite key can cause independent vulnerability lists (for example, different scan types) to inappropriately override or resolve each other.

ruby | CVE-2026-5816
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-6057: Nodejs Formdata File Name Path Traversal (cve-2026-6057-nodejs-formdata-file-name-path-traversal)

The filename from a multipart upload (e.g. `formData.get("file").name`) flows into a filesystem write path without being normalized by `path.basename(...)` or guarded by a `startsWith(<allowed-dir>)` boundary check. An attacker who controls the upload can supply a filename containing "../" sequences; once concatenated with `path.join(process.cwd(), ...)` the

typescript | CVE-2026-6057 | CWE-22
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-6266: Unconditional Self Edit Privilege (cve-2026-6266-unconditional-self-edit-privilege)

The authorization function unconditionally returns True when the requesting user's identity matches the target user's identity. If the application uses email for Single Sign-On (SSO) Identity Provider (IdP) auto-linking, unconditionally allowing users to change their own email address without separate verification can lead to account takeover. Ensure that ch

python | CVE-2026-6266 | CWE-285 | CWE-862
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 61
CVE-2026-6270: Fastify Express Middleware Double Prefix Auth Bypass (cve-2026-6270-fastify-express-middleware-double-prefix-auth-bypass)

Inherited middlewares are re-registered in a child scope registration hook by spreading them through a path-prefixing `use()` wrapper (`$INSTANCE.use(...$MW)`). If `use()` concatenates the current scope prefix to string path arguments, this causes double-prefixing of middleware paths — for example, an auth middleware registered at `/admin` becomes registered

javascript | CVE-2026-6270 | CWE-284 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-6409: Php Missing Negative Size Check In Buffer Read (cve-2026-6409-php-missing-negative-size-check-in-buffer-read)

A buffer bounds check uses `$this->bufferSize() < $SIZE` without first guarding against negative values of `$SIZE`. If `$SIZE` is derived from untrusted wire data (e.g., a protobuf varint cast to (int)), integer overflow can produce a negative value that always passes the non-negative `bufferSize()` comparison. Subsequent use of a negative size with `substr(

php | CVE-2026-6409 | CWE-20
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 91
CVE-2026-6654: Draining Iterator Stale Slice From Raw Parts Uaf (cve-2026-6654-draining-iterator-stale-slice-from-raw-parts-uaf)

`slice::from_raw_parts_mut` is called inside `Iterator::next()` with a struct field length (`self.$STALE_LEN`) that may no longer reflect the number of currently initialized elements. Once any element has been moved out of the backing buffer during iteration, the field value becomes stale — the resulting slice falsely asserts that every slot holds a valid, i

rust | CVE-2026-6654 | CWE-415 | CWE-416
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 85
CVE-2026-6823: System Prompt Py Cwe 000 Cve 2026 6823 (cve-2026-6823-system-prompt-py-cwe-000-cve-2026-6823)

The system prompt lacks explicit instructions preventing URL generation and is vulnerable to prompt injection.

python | CVE-2026-6823
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 53
CVE-2026-6911: Python Jwt Payload Decoded Without Signature Verification (cve-2026-6911-python-jwt-payload-decoded-without-signature-verification)

JWT payload is parsed by manually splitting the token on '.' and base64url-decoding the payload segment, then trusting the resulting claims without verifying the cryptographic signature. An attacker can forge a token whose payload contains arbitrary claims (e.g. `sub`, `aud`, `iss`, `exp`, custom role/admin claims) and the syntactic claim checks will pass be

python | CVE-2026-6911 | GHSA-V5VR-8W3C-37X2 | CWE-347
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 95
CVE-2026-6942: R2mcp Incomplete Shell Metachar Filter Cve 2026 6942 (cve-2026-6942-r2mcp-incomplete-shell-metachar-filter-cve-2026-6942)

Incomplete shell metacharacter denylist used to sanitize an r2/shell command string. The filter either (a) looks for the literal "$ (" (with a stray space) instead of "$(", so command-substitution payloads slip past, or (b) only neutralizes the first byte when it equals '!', allowing bypass via ';', '&', or newline followed by '!cmd' (e.g. "?V;!id"). Filtere

c | CVE-2026-6942 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-7482: Unsafe Slice Unvalidated Count After Io Readall (cve-2026-7482-unsafe-slice-unvalidated-count-after-io-readall)

'unsafe.Slice' constructs a typed slice from a byte buffer ($DATA) populated by 'io.ReadAll' using an element count ($COUNT) that is never validated against the actual buffer length. When $COUNT is derived from externally-supplied file-format metadata (e.g., a GGUF tensor shape field), an attacker can craft input so the declared count far exceeds the real da

go | CVE-2026-7482 | CWE-125
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 81
CVE-2026-7507: Fail Open Validation Null Check Bypass (cve-2026-7507-fail-open-validation-null-check-bypass)

A validation check requires both objects to be non-null (`$A != null && $B != null`) before executing the error-handling block. If `$B` is null, the condition becomes false, bypassing the error block and failing open. This allows bypassing security checks such as session or token validation if the attacker omits the cookie or token. To fix this, handle the m

java | CVE-2026-7507 | CWE-287 | CWE-384
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 61
CVE-2026-7573: Cve 2026 7573 User Context Identity Discarded No Authz (cve-2026-7573-cve-2026-7573-user-context-identity-discarded-no-authz)

Both meaningful return values from GetUserFromContext (user record and org config) are discarded via blank identifiers. Without capturing the calling principal, no object-level authorization check is possible before using caller-supplied request parameters to access protected resources, enabling IDOR (CWE-639). Capture the user record, extract the principal,

go | CVE-2026-7573 | CWE-502 | CWE-639
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
107 downloads (0 direct, 107 via packs)
Trust score 91
CVE-2026-8177: Cve 2026 8177 Unchecked Utf8 Decode (cve-2026-8177-cve-2026-8177-unchecked-utf8-decode)

A manual UTF-8 byte decoder determines byte lengths from the leading byte and directly accesses subsequent continuation bytes without checking if they exist within the string bounds. This can lead to out-of-bounds memory reads (and potential crashes or information disclosure) if the decoder receives a truncated multi-byte sequence, like a multi-byte starting

c | CVE-2026-8177 | CWE-125
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-8178: Missing Format Validation In Url Host Builder (cve-2026-8178-missing-format-validation-in-url-host-builder)

A string field or variable is concatenated into a URL/URI hostname without format validation. An attacker who can influence this value can inject extra domain labels, '@'-sign user-info, or URL-special characters, enabling SSRF or open-redirect attacks (e.g., hijacking an OAuth authorization flow). Validate the input against a strict allowlist regex (e.g., `

java | CVE-2026-8178 | CWE-20 | CWE-601 | CWE-918
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
108 downloads (0 direct, 108 via packs)
Trust score 81
CVE-2026-8181: Wp Authenticate Application Password Iswperror Only Check (cve-2026-8181-wp-authenticate-application-password-iswperror-only-check)

The return of wp_authenticate_application_password() is being validated only with a negative is_wp_error() assertion. wp_authenticate_application_password() returns NULL (not a WP_Error) when the application_password_is_api_request filter evaluates to false, which is the default outside the REST API bootstrap. A null return passes the is_wp_error() gate, so

php | CVE-2026-8181 | CWE-287
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-8209: Php Path Traversal Blacklist Str Replace (cve-2026-8209-php-path-traversal-blacklist-str-replace)

Blacklist-based path sanitization using str_replace to remove traversal sequences ('..', './') is insufficient. A path routed through a symbolic link resolves outside the intended base directory without containing any blocked substring, bypassing this filter entirely. Replace with realpath() and verify that the resolved absolute path starts with the expected

php | CVE-2026-8209 | CWE-23
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 73
CVE-2026-8656: Html Quoted Entity Interpolation Without Escape (cve-2026-8656-html-quoted-entity-interpolation-without-escape)

HTML template literal interpolates a value between &quot;...&quot; (HTML-entity quote) markers without HTML-escaping the interpolated value itself. Encoding only the surrounding quote glyphs is insufficient: a value containing HTML metacharacters (e.g., `</pre><img src=x onerror=alert(1)><pre>`) will still break out of the surrounding HTML context once the r

typescript | CVE-2026-8656 | CWE-79 | CWE-80
by Provally | updated 2026-06-03 | Apache-2.0
Medium | High confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 95
CVE-2026-8700: Perl Rand For Cryptographic Bytes (cve-2026-8700-perl-rand-for-cryptographic-bytes)

Generating bytes with Perl's built-in rand() (e.g. `chr rand 256`) is insecure for any cryptographic purpose. Perl's rand() is a non-CSPRNG with a small, predictable internal state; bytes derived from it can be reproduced or brute-forced by an attacker. Use an OS CSPRNG such as Crypt::SysRandom::random_bytes(), Crypt::URandom, or Crypt::PRNG instead.

generic | CVE-2026-8700 | CWE-330 | CWE-338
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 95
CVE-2026-8704: Perl Unsafe Two Arg Open (cve-2026-8704-perl-unsafe-two-arg-open)

2-argument form of Perl open() detected. Perl parses leading mode characters (>, >>, <, +<) and pipe metacharacters (|) out of the filename, so an attacker-controlled path can be turned into a write, append, or command-pipe open. This is the CVE-2026-8704 (Crypt::DSA) pattern. Use the explicit 3-argument form instead, e.g. `open(my $fh, '<', $path) or die ..

generic | CVE-2026-8704 | CWE-73 | CWE-78
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
111 downloads (0 direct, 111 via packs)
Trust score 85
CVE-2026-8723: Qs Stringify Comma MaybeMap Unguarded Encoder (cve-2026-8723-qs-stringify-comma-maybemap-unguarded-encoder)

Passing the raw `encoder` callback directly to `utils.maybeMap` over an array means `null`/`undefined` entries reach `utils.encode`, which dereferences `str.length` and throws `TypeError: Cannot read properties of null (reading 'length')`. Under `arrayFormat: 'comma'` + `encodeValuesOnly: true`, this aborts stringification before `skipNulls` or `strictNullHa

javascript | CVE-2026-8723 | GHSA-Q8MJ-M7CP-5Q26 | CWE-476
by Provally | updated 2026-06-03 | Apache-2.0
Medium | High confidence | Provally Curated | Verified
0 stars
118 downloads (0 direct, 118 via packs)
Trust score 95
CVE-2026-8738: Publiccms Trade Payment Idor Missing Session User (cve-2026-8738-publiccms-trade-payment-idor-missing-session-user)

Trade order controller method accepts an orderId from the HTTP request, loads the TradeOrder by that attacker-supplied numeric id, and acts on it (initiate payment, debit balance, cancel, refund) without binding @SessionAttribute SysUser to verify that the authenticated caller actually owns the referenced order. Only the siteId is validated, so any authentic

java | CVE-2026-8738 | CWE-840
by Provally | updated 2026-06-03 | Apache-2.0
Medium | Medium confidence | Provally Curated | Verified
0 stars
110 downloads (0 direct, 110 via packs)
Trust score 85
CVE-2026-8836: Lwip Snmp Asn1 Dec Raw Aliased Length And Bufmax (cve-2026-8836-lwip-snmp-asn1-dec-raw-aliased-length-and-bufmax)

Call to snmp_asn1_dec_raw passes the same expression as both the read-length (2nd argument) and the destination buffer maximum length (5th argument). snmp_asn1_dec_raw's internal bounds check is `if (len > buf_max_len) return ERR_MEM;` so identical arguments make the guard a no-op, allowing an attacker-controlled ASN.1 OCTET STRING length (e.g. msgAuthentica

c | CVE-2026-8836 | CWE-120 | CWE-121 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | High confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 95
CVE-2026-8890: Next Middleware Unvalidated Header Bypass (cve-2026-8890-next-middleware-unvalidated-header-bypass)

Returning NextResponse.next() solely based on the presence of an HTTP header without validating its value can lead to authentication or authorization bypass. In middleware, this may allow malicious clients to bypass checks and spoof downstream identities. Verify the header value against a known secret or perform token validation before proceeding, and strip

typescript | CVE-2026-8890 | CWE-288 | CWE-807
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
113 downloads (0 direct, 113 via packs)
Trust score 61
CVE-2026-8915: Escargot Resizable Arraybuffer Oob (cve-2026-8915-escargot-resizable-arraybuffer-oob)

Missing bounds check when requesting allocation or transfer of a resizable ArrayBuffer. An attacker can supply a new length that exceeds the buffer's maximum byte length, leading to a buffer that incorrectly reports a logical size greater than its physical backing. This results in out-of-bounds read and write primitives.

cpp | CVE-2026-8915 | CWE-125 | CWE-787
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61
CVE-2026-9064: 389 Ds Unbounded Ldap Controls (cve-2026-9064-389-ds-unbounded-ldap-controls)

LDAP controls are parsed from a BER sequence without enforcing a maximum limit per operation. An attacker can supply numerous controls within a single message, causing excessive memory and CPU consumption. Apply an explicit limit check before allocating control boundaries.

c | CVE-2026-9064 | CWE-770
by Provally | updated 2026-06-03 | Apache-2.0
High | Medium confidence | Provally Curated | Verified
0 stars
106 downloads (0 direct, 106 via packs)
Trust score 61