GCVE - cpe:2.3:a:algernon_project:algernon:1.17.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:algernon_project:algernon:1.17.4:*:*:*:*:*:*:*

part: a version: 1.17.4 update: *

Vendor	Algernon Project (`59cd9e46-c0d8-5bc2-8dc1-2245b00b9a3f`)
Product	Algernon (`7cd65b0a-48fa-512c-b221-49b724db9f34`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/xyproto/algernon`	purl2cpe	2026-06-01 10:15:26.159387
`pkg:golang/github.com/xyproto/algernon`	purl2cpe	2026-06-01 10:15:26.159388

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-65754`	vulnerable	2026-06-08 07:39:20.968680	Details available Cross Site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename. Published: 2025-12-10T00:00:00.000Z Updated: 2025-12-18T19:07:13.546Z Open on db.gcve.eu Reference links https://gist.github.com/Bnyt7/0faa90ff93c5d98093a0e29a1eb34d81 https://github.com/xyproto/algernon https://github.com/Bnyt7/CVE-2025-65754	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.