GHSA-f43r-cc68-gpx4: External Control of File Name or Path in Langflow

GHSA-5993-7p27-66g5: Langflow vulnerable to Server-Side Request Forgery

GHSA-24v3-254g-jv85: Tuta Mail has DOM attribute and CSS injection in its Contact Viewer feature

GHSA-4hx9-48xh-5mxr: Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization

GHSA-5j53-63w8-8625: FastAPI Users Vulnerable to 1-click Account Takeover in Apps Using FastAPI SSO

All functions under `wrflib::byte_extract` are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter.

`wrflib` is unmaintained.

**wrflib has a soundness issue and is unmaintained**

Low severity GitHub Reviewed Published Oct 3, 2025 to the GitHub Advisory Database • Updated Oct 3, 2025

Headline

GHSA-466c-pfvv-v83g: wrflib has a soundness issue and is unmaintained

ghsa: Latest News