CodeAnt Vulnerability Database

A comprehensive resource for security teams and developers to monitor high-profile vulnerabilities in application code and third-party libraries.

CWE-79

HIGH RISK (7.6)
Stored Cross-Site Scripting (CWE-79) in DNN Persona Bar Module Friendly Names

Stored Cross-Site Scripting leading to admin session compromise and UI takeover

January 27, 2026

CWE-79

HIGH RISK (7.6)
Stored Cross-Site Scripting (CWE-79) in DNN PersonaBar Log Notes

Stored Cross-Site Scripting leading to privilege abuse in the admin UI

January 27, 2026

CWE-79

HIGH RISK (7.6)
Stored Cross-Site Scripting (CWE-79) in DNN Module Description / Persona Bar

Stored Cross-Site Scripting leading to account compromise and unauthorized actions

January 27, 2026

CWE-94;CWE-693;CWE-913

CRITICAL RISK (10.0)
Sandbox Escape via Unrestricted Async Function Construction (CWE-94) in SandboxJS

Remote Code Execution via Sandbox Bypass

January 27, 2026

CWE-284

HIGH RISK (8.8)
Broken Access Control (CWE-284) in OpenEMR Profile Edit Endpoint

Horizontal privilege escalation and potential account takeover

January 27, 2026

CWE-918

HIGH RISK (7.1)
Server-Side Request Forgery (CWE-918) in vLLM MediaConnector Host Validation

Unauthorized access to internal network resources via SSRF

January 27, 2026

CWE-79

HIGH RISK (8.8)
Stored Cross-Site Scripting (CWE-79) in Ghost Portal Member Flows

Account Takeover and Privilege Abuse via Stored XSS

January 27, 2026

CWE-22

CRITICAL RISK (9.8)
Zip Slip Path Traversal (CWE-22) in RAGFlow MinerU ZIP Extraction

Arbitrary File Overwrite leading to Remote Code Execution

January 27, 2026

CWE-502

HIGH RISK (7.8)
Unsafe Deserialization of Coverage Data (CWE-502) in PHPUnit PHPT Test Execution

Remote Code Execution in Local/CI Environments

January 27, 2026

CWE-94;CWE-502

HIGH RISK (8.8)
Unsafe Model Checkpoint Deserialization (CWE-502) in PyTorch weights_only Unpickler

Arbitrary Code Execution via Memory Corruption

January 27, 2026