https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/https://research.jfrog.com/vulnerabilities/undefined-variable-usage-in-proxy-leads-to-remote-denial-of-service-xray-520917/https://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/https://research.jfrog.com/vulnerabilities/yamale-schema-code-injection-xray-182135/https://research.jfrog.com/vulnerabilities/snappy-java-integer-overflow-in-compress-leads-to-dos-xray-522075/https://research.jfrog.com/vulnerabilities/snappy-java-integer-overflow-in-shuffle-leads-to-dos-xray-522076/https://research.jfrog.com/vulnerabilities/wget-shorthand-urls-ssrf-jfsa-2024-001063927/https://research.jfrog.com/vulnerabilities/ua-cpp-ua-extensionobject-type-confusion-xray-75752/https://research.jfrog.com/vulnerabilities/ua-cpp-ua-int32-null-deref-xray-75753/https://research.jfrog.com/vulnerabilities/ua-cpp-uaunistring-1-byte-oob-xray-75754/https://research.jfrog.com/vulnerabilities/ua-cpp-unlimited-file-handles-dos-xray-75758/https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/https://research.jfrog.com/vulnerabilities/xss-in-nanohttpd-xray-141192/https://research.jfrog.com/vulnerabilities/ua-cpp-replaceargs-oob-write-xray-75751/https://research.jfrog.com/vulnerabilities/ua-cpp-uavariant-null-deref-xray-75756/https://research.jfrog.com/vulnerabilities/ua-cpp-uavariant-oob-read-xray-75757/https://research.jfrog.com/vulnerabilities/ua-net-standard-stack-dos-xray-229139/https://research.jfrog.com/vulnerabilities/ua-net-standard-stack-dos-xray-229142/https://research.jfrog.com/vulnerabilities/smolagents-local-python-sandbox-escape-jfsa-2025-001434277/https://research.jfrog.com/vulnerabilities/snappy-java-unchecked-chunk-length-dos-xray-522074/https://research.jfrog.com/vulnerabilities/txtai-arbitrary-file-write-jfsa-2025-001471363/https://research.jfrog.com/vulnerabilities/ua-cpp-uaunistring-infoleak-xray-75755/https://research.jfrog.com/vulnerabilities/uri-template-lite-redos-xray-211351/https://research.jfrog.com/vulnerabilities/vite-arbitrary-html-file-leak/https://research.jfrog.com/vulnerabilities/vite-arbitrary-private-file-leak/https://research.jfrog.com/vulnerabilities/nichestack-dns-client-does-not-set-sufficiently-random-source-ports-xray-194058/https://research.jfrog.com/vulnerabilities/react-native-cli-command-injection-jfsa-2025-001495618/https://research.jfrog.com/vulnerabilities/realtek-multiple-wi-fi-modules-rce-xray-194071/https://research.jfrog.com/vulnerabilities/sqlparse-stack-exhaustion-dos-jfsa-2024-001031292/https://research.jfrog.com/vulnerabilities/tensorflow-python-code-injection-xray-189178/https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/https://research.jfrog.com/vulnerabilities/webfingerjs-blind-ssrf/https://research.jfrog.com/vulnerabilities/mage-ai-file-content-request-remote-arbitrary-file-leak-jfsa-2024-001039603/https://research.jfrog.com/vulnerabilities/mage-ai-git-content-request-remote-arbitrary-file-leak-jfsa-2024-001039604/https://research.jfrog.com/vulnerabilities/mage-ai-pipeline-interaction-request-remote-arbitrary-file-leak-jfsa-2024-001039605/https://research.jfrog.com/vulnerabilities/nichestack-tcp-isns-are-generated-in-a-predictable-manner-xray-194054/https://research.jfrog.com/vulnerabilities/python-utcp-untrusted-manual-command-execution-jfsa-2025-001648329/https://research.jfrog.com/vulnerabilities/qcmap-web-interface-null-pointer-dereference-xray-194064/https://research.jfrog.com/vulnerabilities/realtek-8710-wpa2-stack-overflow-xray-194060/https://research.jfrog.com/vulnerabilities/realtek-8710-wpa2-stack-overflow-xray-194061/https://research.jfrog.com/vulnerabilities/snowflake-connector-python-redos-xray-257185/https://research.jfrog.com/vulnerabilities/mcp-run-python-lack-of-isolation-mcp-takeover-jfsa-2026-001653030/https://research.jfrog.com/vulnerabilities/pjlib-pjsua-recorder-create-oob-r-xray-198027/https://research.jfrog.com/vulnerabilities/qnx-slinger-path-traversal-rce-xray-194072/https://research.jfrog.com/vulnerabilities/realtek-rtl8195-a-dos-xray-194066/https://research.jfrog.com/vulnerabilities/realtek-rtl8195-a-rce-xray-194067/https://research.jfrog.com/vulnerabilities/realtek-rtl8195-a-rce-xray-194068/https://research.jfrog.com/vulnerabilities/realtek-rtl8195-a-rce-xray-194069/https://research.jfrog.com/vulnerabilities/realtek-rtl8195-a-rce-xray-194070/https://research.jfrog.com/vulnerabilities/rust-cargo-symlink-arbitrary-file-overwrite/https://research.jfrog.com/vulnerabilities/semver-regex-redos-xray-211349/https://research.jfrog.com/vulnerabilities/tensorflow-serving-stacko-dos/https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-589879/https://research.jfrog.com/vulnerabilities/peertube-activitypub-playlist-creation-blind-ssrf-dos/https://research.jfrog.com/vulnerabilities/pjlib-pjsua-call-dump-dos-xray-198028/https://research.jfrog.com/vulnerabilities/pjlib-pjsua-player-create-rce-xray-198024/https://research.jfrog.com/vulnerabilities/pjlib-pjsua-playlist-create-rce-xray-198026/https://research.jfrog.com/vulnerabilities/pjlib-pjsua-recorder-create-rce-xray-198025/https://research.jfrog.com/vulnerabilities/plexus-archiver-arbitrary-file-overwrite-xray-526292/https://research.jfrog.com/vulnerabilities/qcmap-cli-command-injection-xray-194065/https://research.jfrog.com/vulnerabilities/qcmap-web-interface-rce-xray-194063/https://research.jfrog.com/vulnerabilities/rust-cargo-zip-bomb-dos/https://research.jfrog.com/post/team-pcp-strikes-again-telnyx-popular-library-hit/https://research.jfrog.com/vulnerabilities/libmodbus-modbus-fc-write-multiple-coils-oob-r-xray-150047/https://research.jfrog.com/vulnerabilities/libmodbus-modbus-fc-write-multiple-registers-oob-r-xray-150046/https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/https://research.jfrog.com/vulnerabilities/nichestack-dns-client-txid-weak-random-xray-194057/https://research.jfrog.com/vulnerabilities/oatpp-mcp-prompt-hijacking-jfsa-2025-001494691/https://research.jfrog.com/vulnerabilities/pengutronix-rauc-signature-bypass-xray-194062/https://research.jfrog.com/post/three-stages-deep-a-malicious-npm-package/https://research.jfrog.com/vulnerabilities/mage-ai-deleted-users-rce-jfsa-2024-001039602/https://research.jfrog.com/vulnerabilities/mage-ai-terminal-server-infoleak-jfsa-2024-001039574/https://research.jfrog.com/vulnerabilities/mcp-remote-command-injection-rce-jfsa-2025-001290844/https://research.jfrog.com/vulnerabilities/mcp-run-python-deno-ssrf-jfsa-2026-001653029/https://research.jfrog.com/vulnerabilities/miniupnpd-copyipv6-ifdifferent-null-pointer-dereference-xray-162485/https://research.jfrog.com/vulnerabilities/nichestack-dns-client-oob-r-xray-194047/https://research.jfrog.com/vulnerabilities/nichestack-dns-client-oob-r-xray-194048/https://research.jfrog.com/vulnerabilities/nichestack-icmp-payload-oob-r-xray-194052/https://research.jfrog.com/vulnerabilities/nichestack-icmp-payload-oob-r-xray-194053/https://research.jfrog.com/vulnerabilities/nichestack-tftp-filename-oob-r-xray-194059/https://research.jfrog.com/vulnerabilities/nodejs-fs-permissions-bypass-cve-2025-55130/https://research.jfrog.com/vulnerabilities/peertube-arbitrary-playlist-creation-activitypub/https://research.jfrog.com/vulnerabilities/peertube-arbitrary-playlist-creation-rest/https://research.jfrog.com/vulnerabilities/qemu-rce-xray-520621/https://research.jfrog.com/post/shai-hulud-the-second-coming-remediation-guidance/https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096/https://research.jfrog.com/vulnerabilities/libxmljs2-attrs-type-confusion-rce-jfsa-2024-001034097/https://research.jfrog.com/vulnerabilities/libxmljs2-namespaces-type-confusion-rce-jfsa-2024-001034098/https://research.jfrog.com/vulnerabilities/litmus-jwt-missing-entropy-elevation-jfsa-2025-001648159/https://research.jfrog.com/vulnerabilities/lollms-webui-exposed-endpoints-dos-jfsa-2024-001028815/https://research.jfrog.com/vulnerabilities/lollms-webui-exposed-endpoints-dos-jfsa-2024-001028816/https://research.jfrog.com/vulnerabilities/miniupnpd-addportmapping-null-pointer-dereference-xray-148211/https://research.jfrog.com/vulnerabilities/miniupnpd-getoutboundpinholetimeout-null-pointer-dereference-xray-148212/https://research.jfrog.com/vulnerabilities/miniupnpd-getoutboundpinholetimeout-null-pointer-dereference-xray-148213/https://research.jfrog.com/vulnerabilities/miniupnpd-upnp-event-prepare-infoleak-xray-148214/https://research.jfrog.com/vulnerabilities/mlflow-spark-udf-localpriv-jfsa-2024-000639017/https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/https://research.jfrog.com/vulnerabilities/netty-bzip2-decoder-dos-xray-186801/https://research.jfrog.com/vulnerabilities/netty-snappy-decoder-dos-xray-186810/https://research.jfrog.com/vulnerabilities/nichestack-http-server-dos-xray-194049/https://research.jfrog.com/vulnerabilities/nichestack-ip-length-dos-xray-194051/https://research.jfrog.com/vulnerabilities/nichestack-tcp-urg-dos-xray-194050/https://research.jfrog.com/vulnerabilities/nichestack-unknown-http-panic-xray-194055/https://research.jfrog.com/vulnerabilities/peertube-activitypub-crawl-dos/https://research.jfrog.com/vulnerabilities/peertube-archive-persistent-dos/https://research.jfrog.com/vulnerabilities/peertube-archive-resource-exhaustion/https://research.jfrog.com/vulnerabilities/peertube-hls-path-traversal/https://research.jfrog.com/vulnerabilities/picklescan-cve-2025-10155/https://research.jfrog.com/vulnerabilities/picklescan-cve-2025-10156/https://research.jfrog.com/vulnerabilities/picklescan-cve-2025-10157/https://research.jfrog.com/vulnerabilities/pymatgen-redos-xray-257184/https://research.jfrog.com/model-threats/zipslip/https://research.jfrog.com/vulnerabilities/integer-overflow-in-haproxy-leads-to-http-smuggling-xray-184496/https://research.jfrog.com/vulnerabilities/lollms-webui-sqli-dos-jfsa-2024-001028814/https://research.jfrog.com/vulnerabilities/markdown-link-extractor-redos-xray-211350/https://research.jfrog.com/vulnerabilities/mleap-path-traversal-rce-xray-532656/https://research.jfrog.com/vulnerabilities/nodejs-http-smuggling-xray-231662/https://research.jfrog.com/vulnerabilities/okhttp-client-brotli-dos/https://research.jfrog.com/post/shai-hulud-the-second-coming/https://research.jfrog.com/vulnerabilities/libtiff-buffer-overflow-dos-xray-259933/https://research.jfrog.com/vulnerabilities/libxpm-heap-overflow-rce-xray-532777/https://research.jfrog.com/vulnerabilities/libxpm-stack-exhaustion-dos-xray-532775/https://research.jfrog.com/vulnerabilities/lollms-webui-dos-jfsa-2024-001028813/https://research.jfrog.com/vulnerabilities/minissdpd-updatedevice-uaf-xray-161552/https://research.jfrog.com/vulnerabilities/n8n-expression-node-rce/https://research.jfrog.com/vulnerabilities/n8n-git-node-rce/https://research.jfrog.com/post/potential-rce-vulnerabilityin-openssl-cve-2025-15467/https://research.jfrog.com/vulnerabilities/keras-untrusted-model-arbitrary-file-write/https://research.jfrog.com/vulnerabilities/lemmynet-activitypub-federation-blind-ssrf/https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/https://research.jfrog.com/post/nx-supply-chain-attack-targets-ai-tool-users/https://research.jfrog.com/post/part-1-pull-request-target-exploitation/https://research.jfrog.com/post/part-2-pull-request-target-exploitation/https://research.jfrog.com/post/part-3-pull-request-target-exploitation/https://research.jfrog.com/post/solara-cipher-npm/https://research.jfrog.com/vulnerabilities/interniche-dns-client-heap-overflow-xray-194045/https://research.jfrog.com/vulnerabilities/interniche-http-server-heap-overflow-xray-194046/https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/https://research.jfrog.com/vulnerabilities/jetty-xml-parser-xxe-xray-523189/https://research.jfrog.com/vulnerabilities/flowise-js-injection-remote-code-exection-jfsa-2025-001379925/https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348/https://research.jfrog.com/model-threats/tflow-lambda/https://research.jfrog.com/model-threats/tflow-malops/https://research.jfrog.com/vulnerabilities/goahead-timing-attack-auth-bypass-xray-194044/https://research.jfrog.com/vulnerabilities/h2-console-jndi-rce-xray-193805/https://research.jfrog.com/post/lofygang-returns-a-dual-payload-npm-package/https://research.jfrog.com/post/react2shell/https://research.jfrog.com/vulnerabilities/chaos-mesh-debugging-server-denial-of-service-jfsa-2025-001449533/https://research.jfrog.com/vulnerabilities/dspy-sandbox-escape-arbitrary-file-read-jfsa-2025-001495652/https://research.jfrog.com/vulnerabilities/guardrails-rail-xxe-jfsa-2024-001035519/https://research.jfrog.com/post/langflow-latest-version-was-not-fixed/https://research.jfrog.com/post/malicious-ai-models-hit-pypi/https://research.jfrog.com/post/new-crypto-stealer-npm/https://research.jfrog.com/post/omnicogg-malicious-skill/https://research.jfrog.com/vulnerabilities/chaos-mesh-command-injection-clean-tcs-jfsa-2025-001449534/https://research.jfrog.com/vulnerabilities/codex-cli-symlink-arbitrary-file-overwrite-jfsa-2025-001378631/https://research.jfrog.com/vulnerabilities/hawk-redos-xray-209780/https://research.jfrog.com/vulnerabilities/javassist-lce/https://research.jfrog.com/post/npm-backdoored-packages/https://research.jfrog.com/vulnerabilities/chaos-mesh-command-injection-cleaniptables-jfsa-2025-001449536/https://research.jfrog.com/vulnerabilities/chaos-mesh-command-injection-killprocesses-jfsa-2025-001449535/https://research.jfrog.com/vulnerabilities/clickhouse-delta-divide-by-zero-dos-xray-199946/https://research.jfrog.com/vulnerabilities/clickhouse-doubledelta-divide-by-zero-dos-xray-199947/https://research.jfrog.com/vulnerabilities/clickhouse-gorilla-divide-by-zero-dos-xray-199948/https://research.jfrog.com/vulnerabilities/deeplake-kaggle-command-injection-jfsa-2024-001035320/https://research.jfrog.com/vulnerabilities/fedify-infinite-loop-blind-ssrf/https://research.jfrog.com/model-threats/pickle-getattr/https://research.jfrog.com/model-threats/pickle-malcode/https://research.jfrog.com/model-threats/pytorch-getattr/https://research.jfrog.com/model-threats/pytorch-malcode/https://research.jfrog.com/vulnerabilities/busybox-awk-next-input-file-uaf-xray-189476/https://research.jfrog.com/vulnerabilities/envoy-decompressor-dos-xray-227941/https://research.jfrog.com/vulnerabilities/eth-account-redos-xray-248681/https://research.jfrog.com/model-threats/onnx-backdoor/https://research.jfrog.com/post/litellm-compromised-teampcp/https://research.jfrog.com/vulnerabilities/apache-sharding-sphere-agent-deserialization-rce-xray-526292/https://research.jfrog.com/vulnerabilities/busybox-awk-getvar-i-uaf-xray-189475/https://research.jfrog.com/vulnerabilities/busybox-awk-getvar-s-uaf-xray-189479/https://research.jfrog.com/vulnerabilities/busybox-awk-handle-special-uaf-xray-189481/https://research.jfrog.com/vulnerabilities/busybox-awk-hash-init-uaf-xray-189478/https://research.jfrog.com/vulnerabilities/busybox-hush-null-pointer-dereference-xray-189794/https://research.jfrog.com/vulnerabilities/busybox-man-null-pointer-dereference-xray-189471/https://research.jfrog.com/vulnerabilities/civetweb-file-upload-rce-xray-188861/https://research.jfrog.com/vulnerabilities/clickhouse-lz4-oob-r-xray-199962/https://research.jfrog.com/vulnerabilities/clickhouse-lz4-oob-r-xray-199963/https://research.jfrog.com/model-threats/noautoload-suscode/https://research.jfrog.com/post/image-magick-cve-2025-53101/https://research.jfrog.com/vulnerabilities/apache-httpd-mod-sed-dos-xray-228464/https://research.jfrog.com/vulnerabilities/busybox-awk-clrvar-uaf-xray-189477/https://research.jfrog.com/vulnerabilities/busybox-awk-evaluate-uaf-xray-189480/https://research.jfrog.com/vulnerabilities/busybox-awk-evaluate-uaf-xray-189482/https://research.jfrog.com/vulnerabilities/busybox-awk-nvalloc-uaf-xray-189483/https://research.jfrog.com/vulnerabilities/busybox-hush-untrusted-free-xray-189474/https://research.jfrog.com/vulnerabilities/busybox-lzma-oob-r-xray-189472/https://research.jfrog.com/vulnerabilities/clickhouse-lz4-rce-xray-199960/https://research.jfrog.com/vulnerabilities/clickhouse-lz4-rce-xray-199961/https://research.jfrog.com/vulnerabilities/cursor-cli-untrusted-project-rce/https://research.jfrog.com/vulnerabilities/devcert-redos-xray-211352/https://research.jfrog.com/post/eslint-config-prettier-hijack-10-1-6-safe/https://research.jfrog.com/vulnerabilities/busybox-ash-dos-xray-189473/https://research.jfrog.com/vulnerabilities/cassandra-udf-rce-197962/https://research.jfrog.com/vulnerabilities/cleo-redos-xray-257186/https://research.jfrog.com/vulnerabilities/couchdb-session-hijacking-localpriv/https://research.jfrog.com/post/check-your-socks-a-deep-dive-into-soopsocks-pypi/https://research.jfrog.com/vulnerabilities/caret-xss-rce/https://research.jfrog.com/vulnerabilities/conduit-hyper-dos/https://research.jfrog.com/model-threats/keras-custom/https://research.jfrog.com/model-threats/keras-lambda/https://research.jfrog.com/vulnerabilities/anythingllm-path-traversal-dos/https://research.jfrog.com/post/achieving-remote-code-execution-on-n8n-via-sandbox-escape/https://research.jfrog.com/post/amazon-q-vs-code-extension-compromised-with-malicious-code/https://research.jfrog.com/vulnerabilities/archiver-zip-slip/https://research.jfrog.com/vulnerabilities/axum-core-dos/https://research.jfrog.com/post/crypto-packages-npm-deliver-heracles-malware/https://research.jfrog.com/post/ghostclaw-unmasked/https://research.jfrog.com/model-threats/h5-lambda/https://research.jfrog.com/post/duer-js-malicious-package/https://research.jfrog.com/model-threats/gguf-ssti/https://research.jfrog.com/post/big-red-npm-campaign/https://research.jfrog.com/post/canister-worm/https://research.jfrog.com/post/axios-compromise/https://research.jfrog.com/post/3-malicious-mcps-pypi-reverse-shell/https://research.jfrog.com/vulnerabilities/https://research.jfrog.com/post/https://research.jfrog.com/oss/https://research.jfrog.com/malicious-packages/https://research.jfrog.com/model-threats/https://research.jfrog.com/