B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2026-12975 - Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos

CVE ID :CVE-2026-12975 Published : June 25, 2026, 9:12 p.m. | 1 hour, 58 minutes ago Description :A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution....

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

CVE-2025-71340 - picklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode

2026-06-25 Mittel

CVE-2025-71338 - Flowise - Arbitrary File Write to Remote Code Execution via document-store API

2026-06-25 Mittel

CVE-2025-71335 - Flowise - Session Invalidation Failure After Password Change

2026-06-25 Mittel

CVE-2025-71336 - Flowise - Unsandboxed Remote Code Execution via Custom MCP

2026-06-25 Mittel

CVE-2025-71334 - Flowise - Arbitrary File Access via Missing Chat Flow ID Validation

2026-06-25 Mittel

CVE-2025-71328 - Flowise - Unverified Password Change via Account Settings

2026-06-25 Mittel