Security Vulnerabilities
Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript.
CVSS Score
4.8
EPSS Score
0.0
Published
2026-02-09
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-09
Crafted zones can lead to increased incoming network traffic.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-09
Crafted delegations or IP fragments can poison cached delegations in Recursor.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-02-09
Crafted delegations or IP fragments can poison cached delegations in Recursor.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-09
In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible
CVSS Score
8.2
EPSS Score
0.0
Published
2026-02-09
In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible
CVSS Score
9.1
EPSS Score
0.0
Published
2026-02-09
Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to.
Users are advised to upgrade to 3.1.7 or later, which resolves this issue
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-09
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-09
Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access.
Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this issue.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-09