The Lab · 2026-03-28 13:27:08 · GitHub Issues
A critical security vulnerability has been identified in the Pingen API client library, where a static field declaration inadvertently shares authentication tokens across all client instances. In a multi-tenant application, this flaw means a single access token obtained for one organization (e.g., Organisation X) is au...
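The bug pattern and its fix, as an added illustration that is not Pingen's code: the page does not say which language the client library is written in, so C# is used here, and `LeakyClient`, `SafeClient`, `IApiClient` and `TokensAreIsolated` are hypothetical names. The check at the bottom is the regression test a multi-tenant integrator would want: two clients, two organisations, two tokens, and a verification that neither client presents the other's credential.

```csharp
using System;

// Added illustration of the static-field token-sharing bug described in the
// issue. Hypothetical names; not the Pingen client library's own code.
public interface IApiClient
{
    void Authenticate(string token);
    string AuthorizationHeader();
}

public sealed class LeakyClient : IApiClient
{
    // BUG: a static field is one slot per process, not one per client instance.
    private static string? _accessToken;

    public LeakyClient(string organisation) => Organisation = organisation;
    public string Organisation { get; }

    public void Authenticate(string token) => _accessToken = token;

    // Every instance reads the same slot, so the most recent Authenticate()
    // call decides which organisation's token all clients send.
    public string AuthorizationHeader() => $"Bearer {_accessToken}";
}

public sealed class SafeClient : IApiClient
{
    // FIX: an instance field, so each tenant's client carries only its own token.
    private string? _accessToken;

    public SafeClient(string organisation) => Organisation = organisation;
    public string Organisation { get; }

    public void Authenticate(string token) => _accessToken = token;
    public string AuthorizationHeader() => $"Bearer {_accessToken}";
}

public static class TenantIsolationCheck
{
    // Regression check: authenticate two clients for two organisations and
    // confirm neither ends up presenting the other's credential. Tokens and
    // organisation names are constructed sample values.
    public static bool TokensAreIsolated(Func<string, IApiClient> makeClient)
    {
        IApiClient orgX = makeClient("org-x");
        IApiClient orgY = makeClient("org-y");
        orgX.Authenticate("token-for-org-x");
        orgY.Authenticate("token-for-org-y");
        return orgX.AuthorizationHeader() == "Bearer token-for-org-x"
            && orgY.AuthorizationHeader() == "Bearer token-for-org-y";
    }

    public static void Main()
    {
        bool leakyIsolated = TokensAreIsolated(org => new LeakyClient(org));
        bool safeIsolated = TokensAreIsolated(org => new SafeClient(org));
        Console.WriteLine($"LeakyClient isolates tenants: {leakyIsolated}");
        Console.WriteLine($"SafeClient isolates tenants: {safeIsolated}");
    }
}
```

With the static field, the second `Authenticate` overwrites the shared slot and `orgX` starts sending `orgY`'s bearer token, which is exactly the cross-organisation exposure the summary describes; with an instance field the check passes. The same check is worth keeping in the integrator's test suite, since the difference is a single keyword that a later refactor could reintroduce.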
The Lab · 2026-04-13 17:22:54 · GitHub Issues
A critical data enumeration vulnerability has been identified in the `MosaicController.SaveMosaic` method. The flaw, located at line 192 of `Controllers/MosaicController.cs`, returns a bare `Forbid()` response when an `UnauthorizedAccessException` is thrown. This response is issued regardless of whether the caller is a...
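The response shape that enables enumeration, and the collapsed form that does not, as an added example that is not the project's `MosaicController`. The summary is cut off before it names the caller category, so the mechanism assumed here is the usual one for this class of bug: a `Forbid()` (403) confirms the mosaic exists while a `NotFound()` (404) says it does not, so a caller with no access can walk ids and learn which ones are real. `MosaicDemoController`, `IMosaicStore`, `InMemoryMosaicStore` and `MosaicDto` are hypothetical stand-ins.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

// Added example; hypothetical types, not the project's controller or store.
public sealed record MosaicDto(string Name);

public interface IMosaicStore
{
    // Throws KeyNotFoundException for an unknown id and
    // UnauthorizedAccessException when the caller does not own the mosaic.
    void Save(string? caller, Guid id, MosaicDto body);
}

// Constructed in-memory store so the controller compiles and runs offline.
public sealed class InMemoryMosaicStore : IMosaicStore
{
    private readonly Dictionary<Guid, string> _owners = new();

    public InMemoryMosaicStore Seed(Guid id, string owner)
    {
        _owners[id] = owner;
        return this;
    }

    public void Save(string? caller, Guid id, MosaicDto body)
    {
        if (!_owners.TryGetValue(id, out var owner))
            throw new KeyNotFoundException();
        if (!string.Equals(owner, caller, StringComparison.Ordinal))
            throw new UnauthorizedAccessException();
        // Persisting the body is omitted; only the response shape matters here.
    }
}

[ApiController]
[Authorize]
[Route("api/[controller]")]
public sealed class MosaicDemoController : ControllerBase
{
    private readonly IMosaicStore _store;
    public MosaicDemoController(IMosaicStore store) => _store = store;

    // VULNERABLE shape: three distinguishable outcomes. 404 means "no such
    // mosaic", 403 means "exists, but not yours", so every 403 is a confirmed
    // id for an attacker iterating the id space.
    [HttpPost("{id:guid}/vulnerable")]
    public IActionResult SaveVulnerable(Guid id, [FromBody] MosaicDto body)
    {
        try
        {
            _store.Save(User.Identity?.Name, id, body);
            return Ok();
        }
        catch (KeyNotFoundException) { return NotFound(); }
        catch (UnauthorizedAccessException) { return Forbid(); }
    }

    // HARDENED shape: an unauthenticated caller is challenged, and "missing"
    // and "not yours" collapse into the same 404, so the response carries no
    // information about whether the id exists.
    [HttpPost("{id:guid}")]
    public IActionResult Save(Guid id, [FromBody] MosaicDto body)
    {
        if (User.Identity?.IsAuthenticated != true)
            return Challenge();

        try
        {
            _store.Save(User.Identity.Name, id, body);
            return Ok();
        }
        catch (Exception ex) when (ex is KeyNotFoundException or UnauthorizedAccessException)
        {
            // Record the real reason in server-side logs if needed; the client
            // sees the same status either way.
            return NotFound();
        }
    }
}
```

Collapsing the two failure cases is the standard fix for an existence oracle; if the application genuinely needs to tell an owner "someone else owns this", that distinction should be made only for callers who already have some relationship to the resource, not for every authenticated user.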
The Lab · 2026-04-18 20:22:33 · GitHub Issues
A key keyboard service module of the VirtualAssistant Core project has been found to contain a potential security vulnerability. In the `XDoToolKeyboardService.cs` file, the code interpolates the `pasteShortcut` string variable directly into a `bash -c` command, forming a classic shell-injection attack surface. Although the variable's value currently comes from hard-coded shortcuts (such as `ctrl+v` or `shift+insert`), the code pattern itself is dangerous: any future refactoring that lets user-controlled data flow into this variable would immediately open an exploitable remote code execution channel.
The specific point of risk is located at `src/VirtualAssistant.Core/Keyboard/XDoToolKeyboardServ...
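The dangerous pattern and a shell-free alternative, as an added example that is not the project's `XDoToolKeyboardService.cs`: `PasteShortcutLauncher`, its method names, and the exact `xdotool key` invocation are hypothetical reconstructions of what the summary describes. The hostile input at the bottom is a constructed value standing in for the user-controlled data a future refactor might let reach `pasteShortcut`.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Text.RegularExpressions;

// Added example; hypothetical names, not the project's own service class.
public static class PasteShortcutLauncher
{
    // VULNERABLE shape: the shortcut is spliced into a bash command line, so
    // bash interprets any ';', '|', '$(...)' or quote that reaches pasteShortcut.
    public static ProcessStartInfo BuildWithShell(string pasteShortcut) =>
        new ProcessStartInfo("bash", $"-c \"xdotool key {pasteShortcut}\"");

    // Allow-list: only the two values the summary says are in use today.
    private static readonly HashSet<string> KnownShortcuts =
        new(StringComparer.Ordinal) { "ctrl+v", "shift+insert" };

    // Defence in depth: even a future allow-list entry must look like a plain
    // key chord (names joined by '+'), never like shell syntax.
    private static readonly Regex ChordShape =
        new(@"^[A-Za-z0-9_]+(\+[A-Za-z0-9_]+)*$", RegexOptions.CultureInvariant);

    // HARDENED shape: validate, then hand each token to the process as its own
    // argv element. No shell is involved, so metacharacters are just bytes.
    public static ProcessStartInfo BuildWithoutShell(string pasteShortcut)
    {
        if (!KnownShortcuts.Contains(pasteShortcut) || !ChordShape.IsMatch(pasteShortcut))
            throw new ArgumentException($"unsupported paste shortcut: '{pasteShortcut}'");

        var psi = new ProcessStartInfo("xdotool") { UseShellExecute = false };
        psi.ArgumentList.Add("key");
        psi.ArgumentList.Add(pasteShortcut);
        return psi;
    }

    public static void Main()
    {
        // Constructed hostile value: a valid chord followed by a second command.
        const string hostile = "ctrl+v; id > /tmp/pwned";

        // The shell form accepts it unchanged and would run both commands.
        var vulnerable = BuildWithShell(hostile);
        Console.WriteLine($"shell form would run: {vulnerable.FileName} {vulnerable.Arguments}");

        // The argv form refuses it before anything is started.
        try
        {
            BuildWithoutShell(hostile);
        }
        catch (ArgumentException ex)
        {
            Console.WriteLine($"argv form rejected it: {ex.Message}");
        }

        // The legitimate value still works, as a single argument with no shell.
        var safe = BuildWithoutShell("ctrl+v");
        Console.WriteLine(
            $"argv form would run: {safe.FileName} [{string.Join(", ", safe.ArgumentList)}]");
    }
}
```

The `Main` only builds the `ProcessStartInfo` objects and prints them so the example runs without `xdotool` or an X display; in the service itself the safe form would be passed to `Process.Start`. The allow-list is the real control, because it keeps the property the summary relies on today (only known, hard-coded chords are ever executed) even after the variable stops being hard-coded; `ArgumentList` removes the shell from the path so that a validation gap cannot become command execution.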