Vulnerabilities
Vulnerable Software
Security Vulnerabilities
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible
CVSS Score
3.5
EPSS Score
0.004
Published
2026-07-10
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
CVSS Score
3.5
EPSS Score
0.001
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data
CVSS Score
7.3
EPSS Score
0.002
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
CVSS Score
8.1
EPSS Score
0.003
Published
2026-07-10
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible
CVSS Score
9.6
EPSS Score
0.004
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
CVSS Score
8.8
EPSS Score
0.003
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
CVSS Score
8.1
EPSS Score
0.002
Published
2026-07-10
n8n before 2.28.0 (and before 1.123.58 on the 1.x branch) contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly upload files that accumulate on disk until the periodic cleanup runs, potentially exhausting available disk space on the host.
CVSS Score
5.3
EPSS Score
0.002
Published
2026-07-10
n8n before 1.123.24, 2.10.4, and 2.12.0 (across its 1.x and 2.x branches) contains cross-site scripting and open redirect vulnerabilities in the Form Node due to unsanitized HTML description fields and overly permissive iframe sandbox policies. Authenticated users with workflow creation permissions can inject malicious scripts or redirect parameters to perform stored XSS attacks or phishing redirects against end users.
CVSS Score
5.1
EPSS Score
0.002
Published
2026-07-10
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory.
CVSS Score
6.3
EPSS Score
0.002
Published
2026-07-10


Contact Us

Shodan ® - All rights reserved