Lucene search
K

203 matches found

CVE
CVE
added 2 days ago15 views

CVE-2026-49297

Apache Airflow Google provider contains a path traversal flaw in GCSToSFTPOperator and GCSTimeSpanFileTransformOperator: GCS object names from bucket listings are joined to a destination path without normalisation or containment checks. A user with write access to a source GCS bucket could create...

8.1CVSS6.1AI score0.00602EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/06/22 4:16 p.m.3 views

DEBIAN-CVE-2026-12479

A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the DiskIOStore.make method within the Keras 3 model saving and loading library. This vulnerability arises from the improper handling of user-provided layer names, which are used to construct directory paths...

6.1CVSS5.9AI score0.00263EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 3:2 p.m.5 views

MAL-2026-6209 Malicious code in @antoncarlos1/nodelamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d930df8b6392b3bbfe3b591d90226374d31fb246e06018521f3f673a815b618a @antoncarlos1/[email protected] ships a single obfuscated index.js that runs a dropper on require. The top-level IIFE constructs a hardcoded IPv4 URL by...

5.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:1 a.m.6 views

CVE-2026-11958

Local privilege escalation by loading DLLs from a shared temporary directory in ANSSI’s DFIR-ORC, versions 10.2.7 and prior. An attacker with prior access to the system, can place a malicious DLL in C:\Windows\Temp and wait for the application to be executed. Because DFIR-ORC is extracted and...

7.3CVSS5.3AI score0.00102EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 10:18 p.m.6 views

Malicious code in package-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b86134d9cd019c2d8ad172eed54cd4a48839d69ed2c6af52b79ef5080da765 [email protected] ships an install-hook.js that runs automatically as the npm postinstall script package.json declares "postinstall": "node...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.36 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3CVSS0.00094EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2026-2226)

According to the versions of the python-requests packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename...

5.5CVSS5.4AI score0.00182EPSS
Exploits0References2
OSV
OSV
added 2026/06/01 12:0 a.m.11 views

MAL-2026-5136 Malicious code in @redhat-cloud-services/frontend-components-notifications (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/26 7:40 p.m.9 views

CVE-2026-44837

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path...

7.5CVSS5.8AI score0.00412EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/26 7:40 p.m.38 views

CVE-2026-44837 view_component: System Test Entry Point Path Check Allows Sibling Directory Escape

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path...

5.9CVSS0.00412EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 7:40 p.m.13 views

CVE-2026-44837

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path...

5.9CVSS5.8AI score0.00412EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/26 6:39 a.m.16 views

EUVD-2026-31797

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before...

8.5CVSS5.8AI score0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

CODESYS Development System 安全漏洞

CODESYS Development System is a set of programming tools developed by the German company CODESYS, used in the fields of industrial controllers and automation technology. There is a security vulnerability in the CODESYS Development System. This vulnerability stems from the incorrect default...

8.5CVSS5.8AI score0.00105EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/24 3:12 p.m.20 views

Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring

Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 3.4.18 Vulnerability Details CVEID:CVE-2026-40972 DESCRIPTION: An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In...

9.8CVSS6.6AI score0.00312EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/24 3:8 p.m.21 views

Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring

Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 3.2.26 Vulnerability Details CVEID:CVE-2026-40972 DESCRIPTION: An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In...

9.8CVSS6.6AI score0.00344EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/05/16 3:26 p.m.11 views

EUVD-2021-34835

TextPattern CMS 4.9.0-dev contains a remote code execution vulnerability that allows authenticated attackers to upload arbitrary PHP files by exploiting the plugin upload functionality. Attackers can authenticate, retrieve a CSRF token from the plugin event page, and upload malicious PHP files to...

8.8CVSS6.5AI score0.00315EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.23 views

Golang 1.25.x < 1.25.10 / 1.26.x < 1.26.3 Multiple Vulnerabilities

The version of Golang running on the remote host is 1.25.x prior to 1.25.10, or 1.26.x prior to 1.26.3. It is, therefore, affected by multiple vulnerabilities, including: - The net package's LookupCNAME function could trigger a double-free crash when using the cgo DNS resolver with very long CNAM...

7.5CVSS6AI score0.00813EPSS
Exploits0References11
EUVD
EUVD
added 2026/05/14 12:32 p.m.10 views

EUVD-2026-30274

The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wpdbtempdir parameter, which controls where database backups are written. This makes it possible for...

7.5CVSS5.7AI score0.00488EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/08 10:54 a.m.8 views

CVE-2026-40973

A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the ApplicationTemp directory due to predictable temporary directory handling. When the server.servlet.session.persistent setting is enabled and the attack persists across...

7CVSS6.1AI score0.00136EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39303

Name of the Vulnerable Software and Affected Versions view component versions 3.0.0 through 4.8.9 Description The system test entrypoint canonicalizes a user-controlled file path using File.realpath and verifies if the resolved path starts with the temporary directory path. This containment check...

5.9CVSS5.8AI score0.00412EPSS
Exploits1References5
Rows per page
Query Builder