Renzo Machado

**Name of the Vulnerable Software and Affected Versions** Teedy version 1.11 **Description** The issue allows events to be executed in HTML tags that an attacker could manipulate, making it possible to execute malicious JavaScript in the webapp. **Recommendations** For Teedy version 1.11, consider disabling the text editor functionality until a patch is available to prevent the execution of malicious JavaScript. Restrict access to the text editor module to minimize the risk of exploitation. Avoid using the text editor to parse or execute HTML tags from untrusted sources.

**Name of the Vulnerable Software and Affected Versions** Lapce version 0.2.8 **Description** A race condition in Lapce allows an attacker to elevate privileges on the system. **Recommendations** For Lapce version 0.2.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.