CVE-2026-1120
published 2026-01-18CVE-2026-1120: A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_work.jsp of the component HTTP GET…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.45%
35.7th percentile
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_work.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apostrophecms | apostrophe | >= 0 < 4.29.0 | 4.29.0 |
| apple | swift-crypto | >= 4.0.0 < 4.3.1 | 4.3.1 |
| yonyou | ksoa | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.05.5MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length
ghsa·2026-04-03
CVE-2026-28815 [HIGH] CWE-787 Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length
Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length
### Summary
The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI memory-safety boundary issue when a shorter `Data` value is passed in, because the C code may read beyond the Swift buffer.
The issue is reachable through initialization of an `HPKE.Recipient`, which decapsulates the provided `encapsulatedKey` during construction. A malformed `encapsulatedKey` can therefore trigger undefined behavior instead of a safe length-validation error.
### Details
The `decapsulate` function of
GHSA
GHSA-rr7h-2vmq-r7qh: A vulnerability has been found in Yonyou KSOA 9
ghsa_unreviewed·2026-01-18
CVE-2026-1120 [MEDIUM] CWE-74 GHSA-rr7h-2vmq-r7qh: A vulnerability has been found in Yonyou KSOA 9
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_work.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-01-18
Published