Overview
- elzahlan
- Categories Images
Description
Statistics
- 1 Post
Fediverse
🛡️ CVE-2026-2505: MEDIUM severity stored XSS in Categories Images plugin (≤3.3.1) lets Contributor+ users inject scripts via the 'class' attribute. Restrict access & watch for a patch. https://radar.offseq.com/threat/cve-2026-2505-cwe-79-improper-neutralization-of-in-ce86bd04 #OffSeq #WordPress #XSS #Vuln
Overview
Description
Statistics
- 1 Post
Fediverse
Does anyone know how to report errors to https://db.gcve.eu/? Just their info@ mail? I looked up CVE-2026-6042 and CVE-2026-40200 there because I was annoyed that the NVD database (which #Buildroot uses for automated vulnerability checks) still didn't have them correctly labeled with the CPE (so automated tools can't identify the package is vulnerable).
Result: CVE-2026-40200 is correctly labeled (good!), while CVE-2026-6042 is not (different vendor/product). Mistakes happen, an organization that's trying to run as serious vulnerability DB really needs to provide an obvious "report errors here" mail address (or other means, but really… mail). :neocat_glare: #CVE #GCVE
Overview
Description
Statistics
- 1 Post
Fediverse
Does anyone know how to report errors to https://db.gcve.eu/? Just their info@ mail? I looked up CVE-2026-6042 and CVE-2026-40200 there because I was annoyed that the NVD database (which #Buildroot uses for automated vulnerability checks) still didn't have them correctly labeled with the CPE (so automated tools can't identify the package is vulnerable).
Result: CVE-2026-40200 is correctly labeled (good!), while CVE-2026-6042 is not (different vendor/product). Mistakes happen, an organization that's trying to run as serious vulnerability DB really needs to provide an obvious "report errors here" mail address (or other means, but really… mail). :neocat_glare: #CVE #GCVE