Tags
Tags
2fa 1
a2a 1
access-control 4
account-takeover 3
act-runner 1
activemq 1
adc 1
address 1
admin-key 1
admission-control 1
advisory 1
agent-boundary 1
agent-tools 5
agent-workspace 1
agentic-ai 24
agenticmail 1
ai 5
ai-governance 1
ai-inference 1
ait-core 1
ajax 1
algorithmic-complexity 1
antlr4 1
anyquery 1
apache 2
apache-doris 1
applescript 1
arbitrary-file-access 1
arbitrary-file-deletion 1
arbitrary-file-write 1
arbitrary-write 7
arcane 1
archive-extraction 1
archivebox 1
argocd 1
argument-injection 4
artifacts 2
asgi 1
attack-surface 1
attestation 1
audit 12
auth 1
auth-bypass 8
auth-cache 2
authentication 17
authentication-bypass 4
authentik 1
authorization 40
authorization-bypass 3
authorization-cache 2
authz 1
authz-bypass 2
automation 1
availability 4
aws 2
aws-cdk 1
aws-mcp-server 1
axios 1
backdoor 1
backup 1
baileys 1
bailiwick 1
bandit 2
base-image 1
bash 1
bentoml 1
binary-integrity 1
bionemo 1
blockchain 3
bosh 1
bridge 2
browser 2
browser-agent 1
browser-mode 2
browser-plugin 1
browserstack 1
browserstack-runner 1
bruno 1
bsc 1
budibase 5
buffer 1
build-chain 1
build-integrity 2
bundling 1
byot 2
c 17
c-c 63
cache 1
cache-poisoning 1
callback 2
callback-spoofing 1
callbacks 1
cap-js 1
cardholder-data 1
cargo 2
cde 1
cdp 1
centraldogma 2
certificate-validation 4
cgi 1
change-management 1
checkout 1
ci 12
cilium 1
cis-controls 1
cisco 1
clash-verge 1
claude 1
clerk 1
cliprdr 1
cloud-foundry 1
cloud-metadata 1
cloudnativepg 1
cluster-takeover 1
code-execution 4
code-generation 1
code-injection 13
code-node 1
codegen 1
codeigniter4 1
codex 2
coding-agent 2
comet-backup 1
command-execution 2
command-injection 26
commands 2
compliance 7
composer 21
compression 2
confidential-computing 1
configuration 1
confused-deputy 1
consensus 1
constraint-bypass 1
container 2
container-escape 3
containers 1
context-boundary 2
contrast 1
control-plane 2
copilot 3
copilot-cli 1
cordova 1
cors 2
cpp 13
credential 1
credential-leak 2
credential-theft 4
critical 751
cross-chain 1
crypto 4
crypto-validation 3
csp 1
csp-sandbox-escape 1
cudy 1
cursor 3
cve 3205
cwe-601 1
dagster 1
data-ai 1
data-exfiltration 1
data-pipeline 1
database 1
database-admin 3
dataflow 1
dbgate 4
dbus 1
deadlock 1
defi 9
defusedxml 1
denial-of-service 6
deno 1
deny-list 1
dependabot 1
dependencies 5
deserialization 19
desktop 1
dev-server 1
dev-tools 1
developer-tools 2
devin 2
dex 1
diffusers 1
direct-message 1
django 2
dlp 5
dns 2
docker 4
docker-compose 1
docling 2
docling-core 1
document-ingestion 2
dolphinscheduler 1
dompurify 1
dos 22
dotnet 4
dtls 1
dulwich 1
dynamic-import 1
edge-device 1
education 4
egress 2
eip712 1
electron 1
elfinder 1
elixir 2
embedded 9
enterprise_blocker 495
enterprise-app 9
enterprise-gateway 3
envoy 2
erc4626 1
esbuild 1
escape-sequence 1
eu-ai-act 1
eval 2
evidence 1
excel-mcp-server 1
exiftool 1
expr-eval 1
expression-evaluation 1
false-positive 1
fast-uri 1
fastapi 1
fastify 1
ffmpeg 2
fido 1
figma 1
filament 1
file-deletion 2
file-permissions 1
file-read 3
file-upload 2
file-write 3
filebrowser 2
firmware 1
fix 2
flowise 4
formula 1
foundry 1
framelink 1
framework-mode 1
freerdp 1
front-running 1
frontend 2
froxlor 1
gateway 1
general 1988
geonode 1
gguf 2
gh 2
ghsa 32
gid 1
gin 1
git 8
gitea 2
github-actions 3
github-cli 2
github-copilot 1
gitlab 2
gitlab-mcp-server 1
gitops 1
gitpython 1
go 161
golang 7
gomod 2
gonic 3
goroutine 1
goshs 2
gotenberg 4
governance 1
grafana 1
grpc 2
grpc-js 2
gsuiteadmin 1
guardrail 2
hapi 1
hardcoded-secret 1
hardhat 1
header-parsing 1
headers 1
heap-overflow 2
heimdall 1
hex 2
high 2366
high_priority_sla 20
host-header 1
hostname-verification 1
html-sanitization 3
http-client 1
http2 1
human-oversight 1
hunt 2
iac 1
identity 1
identity-provider 1
identity-spoofing 1
idor 10
ikev2 1
imagemagick 1
inappbrowser 1
incident 1
incident-response 2
information-disclosure 1
injection 1
input-validation 1
inspector 1
integer-overflow 2
integrations 2
integrity 3
intelligence 1
intercom 1
invariants 3
inventory 1
ios 1
iot 9
ipc 1
ipv6 1
isms 1
iso-27001 1
issue-template 2
jackson 1
jackson-databind 1
janino 1
java 37
java-maven 68
javascript 8
javascript-npm 200
javascript-url 1
jdbc 1
jep-290 1
jinja2 1
jmx 1
jndi 1
jolokia 1
json 1
jupyter 4
jupyterlab 1
jwt 4
jxa 1
kafka 2
kafka-python 2
kata-containers 2
kev 7
key-constraint 1
key-rotation 1
kill-switch 1
klever-go 3
known_exploited 8
knownhosts 1
kubernetes 10
kyverno 1
langchain 1
langflow 1
laravel 4
latepoint 1
lemur 1
libavcodec 1
liberty 1
libp2p 2
libssh2 2
linux 10
litellm 1
livewire 2
llm 2
load-balancer 1
local-privilege-escalation 1
lockfile 2
log4j 1
logging 1
loki 1
long-lived-workers 1
low 1
low-code 1
lpe 1
lz4 1
malware 4
manifest-injection 1
manipulation 1
marimo 1
markdown 1
marked 1
marketplace 2
math-codegen 1
maven 31
mcp 26
mcp-remote 1
media 1
media-parser 1
media-plugin 1
medium 9
memory-corruption 21
memory-disclosure 2
memory-exhaustion 2
memory-safety 3
merge-driver 1
mermaid 1
message-authenticity 1
messagepack 1
meta-ads-mcp 1
metagpt 1
metro 1
mev 1
mfa 1
microsoft-365 1
middleware 2
mina 1
mirror 1
missing-authentication 1
mitigate 10
mitm 1
ml 1
model-loading 1
model-server 1
modular 1
monitor 1
monitoring 1
mtls 1
multi-ecosystem 1
multi-tenant 3
multisig 1
mybb 2
mysql 4
n8n 6
nebula-mesh 1
nemo 1
nestjs 1
netty 4
nextjs 3
nezha 3
nginx 1
nginx-ui 1
nhost 1
nil-pointer 1
nist 1
nist-ai 1
nodejs 16
noninteractive 2
notebook 1
npm 80
ntlm 1
ntp 1
nuget 10
nvidia 2
nvm 1
nx-console 1
oauth 4
oauth2 1
oci 2
ogc 1
oidc 2
olivetin 1
ollama 1
open-redirect 1
open-vsx 1
open-webui 2
openam 2
openapi 1
openclaw 3
openpilot 1
openssh 1
openssl 1
openzeppelin 1
operator 1
oracle 1
oracle-ebs 1
oracle-payments 1
owasp 4
p2p 2
packagekit 1
paperclip 2
parameter-smuggling 1
password-reset 1
patches 1
path-traversal 39
payments 2
pci 1
pci-dss 1
permissions 1
permit 1
phar 1
phi 1
phoenix 2
php 54
php-composer 180
phpspreadsheet 1
pickle 2
pii 5
pip 21
pki 1
plan documentation 1
platform 1
playlist 3
playwright 1
plugin 7
plugin-boundary 1
plugin-generation 1
pnpm 8
poisoning 1
policy 2
policy-bypass 2
policy-engine 1
polkit 6
postgresql 1
pr 3
praisonai 13
praisonai-platform 7
premmerce 1
privacy 1
private-key 1
privilege-escalation 16
progress-kemp 1
project-security 1
prompt-config 1
prompt-injection 1
protect-option 1
protobuf 1
protobufjs 2
protocol-relative-url 1
protocol-validation 1
prototype-pollution 7
provenance 1
proxy 6
pypi 4
python 56
python-pip 201
pyyaml 1
qsnapper 8
quarantine 1
quarkus 1
race-condition 2
radius 1
rag 1
rbac 7
rce 58
rdp 1
react 2
react-native 1
react-router 5
read-only 1
redirect 3
redis 1
redos 1
reentrancy 1
registry 1
release-upload 1
remediate 4
remediation 2934
remix 3
remote-access 1
remote-control 1
remote-desktop 1
replay 2
repository-boundary 1
request-smuggling 2
resolver 1
resource-exhaustion 2
resource-handler 1
rest-api 1
rest-datasource 1
restaurant-management 1
review 1
reviewer-workflow 1
rich-text-editor 4
risk-controls 1
rollup 1
rounding 1
router 1
rsc 3
ruby 2
rules 2
runbook 1
runtime 1
rust 11
rustdesk 2
saas 1
safeguards 1
saltcorn 1
saml 4
sandbox 7
sandbox-escape 1
sandboxjs 1
sanitize-html 1
sap-cap 1
sast 3
sca 5
scanning 1
scheduled 2
schema-loading 1
scp 1
scram 1
sd-wan 1
sde 5
secret-disclosure 1
secret-exposure 1
secret-rotation 2
secrets 10
secure-development 2
security-baseline 1
security-control-bypass 21
security-posture 2
seed-phrase 1
self-managed 1
sellable_to_agencies 1
sellable_to_devsecops 2
sellable_to_enterprise 1
sellable_to_fintech 2935
sellable_to_hosting 1
sellable_to_infrastructure 1
sellable_to_iot 3
sellable_to_it 1
sellable_to_media 1
sellable_to_msp 1
sellable_to_platform 1
sellable_to_saas 2
sellable_to_smb 5
sensitive-data 1
sentry 1
servlet 1
session 1
sftp 1
sglang 1
shell 2
shopper 4
signature 1
single-fetch 1
skill 2
skillctl 1
skills 1
slippage 1
slowloris 1
slsa 1
smart-contract 2
snapper 1
snipe-it 2
soap 1
soc-2 1
socks5 1
source-code 5
source-policy 1
source-stage 1
sourcecodester 4
sp-800-218 1
spel 2
spoofing 1
spring-framework 3
spring-integration 1
spring-security 3
spring-ws 2
sql-injection 26
sqli 1
ssdf 1
sse 1
ssh 10
ssh-agent 2
ssh-mcp 1
sso 2
ssrf 11
ssti 1
starlette 2
stata-mcp 1
state-corruption 1
stored-xss 4
stringable 1
submodules 1
supply-chain 19
svg 1
symfony 1
symlink 7
sysdump 1
tanstack 1
tar 1
task-runners 1
telemetry 1
template 1
template-cache 1
template-injection 2
tenant-boundary 5
tenant-isolation 5
terminal 1
test-runner 3
threat-model 1
timelock 1
tinymce 4
tls 7
tls-session-binding 1
toctou 1
token-leak 2
token-leakage 1
token-theft 2
tomcat 1
tool-boundary 1
tools 1
top-10 4
tornado 1
traefik 1
transaction-signing 1
triage 3
trivy 2
trust-remote-code 1
turbo-stream 1
twig 4
typescript 9
typo3 1
u2f 1
ui 1
uid 1
unauthenticated 1
undici 2
unity-catalog 1
unrestricted-upload 2
unsafe-reflection 1
unsafe-sinks 1
upgrade 1
uplift 10
upload 2
url 1
usebruno 1
validation 2
vault 1
virtiofsd 1
vitest 3
vllm 1
vm2 1
vpn 1
vscode 1
wallet 1
wasi 1
wasmtime 1
webapp 17
webauthn 1
webdav 1
webdriverio 1
webhook 3
websocket 4
weknora 1
whatsapp 1
windows 4
wireguard 1
wish 1
wizard 1
wms 1
wolfssl 6
wordpress 13
workflow 2
workflows 2
workspace 1
workspace-boundary 1
workspace-delete 1
workspace-takeover 1
wp-review-slider-pro 3
ws-security 1
x509 2
xml 4
xpath 1
xss 12
xxe 2
xz 1
yamcs 1
yaml 2
yaml-injection 1
zcash 1
zebra 1
zero_day_gold 737
zero_day_hunting 2854
zip-slip 1
zookeeper 1
zrok 1