Skip to main content
CVE-2021-40531 CRITICAL POC PATCH THREAT Act Now

Sketch before 75 allows library feeds to be used to bypass file quarantine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apple RCE File Upload Sketch
NVD
CVSS 3.1
9.8
EPSS
32.8%
CVE-2021-3766 CRITICAL POC PATCH Act Now

objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Objection
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-40532 CRITICAL PATCH Act Now

Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Web K Alpha
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy