
20756 matches found

CVE
added 2026/03/27 12:0 a.m. | 6 views

CVE-2026-30303

CVE-2026-30303 concerns Axon Code’s command auto-approval module, which is vulnerable to OS Command Injection. The root cause is the use of an incompatible Unix-style command parser (shell-quote) on Windows, coupled with improper handling of Windows CMD escape sequences (^). This mismatch allows ...

CVSS 9.8 | AI score 6.2 | EPSS 0.01376
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/03/27 12:0 a.m. | 1 views

PT-2026-28396

Name of the Vulnerable Software and Affected Versions: Axon Code (affected versions not specified). Description: The command auto-approval module contains an OS Command Injection issue, bypassing its whitelist security mechanism. This is due to the use of an incompatible command parser the Unix-based...

CVSS 9.8 | AI score 6.2 | EPSS 0.01376
Exploits: 0 | References: 5
Amazon
added 2026/03/27 12:0 a.m. | 5 views

Important: python-markdown

Issue Overview: Python-Markdown version 3.8 contains a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes...

CVSS 7.5 | AI score 5.9 | EPSS 0.00465
Exploits: 1
ATTACKERKB
added 2026/03/27 12:0 a.m. | 1 views

CVE-2026-30303

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the...

AI score 6.2 | EPSS 0.01376
Exploits: 0 | References: 3
OPENSUSE Linux
added 2026/03/27 12:0 a.m. | 7 views

Security update for python-nltk (important)

openSUSE Security Update: Security update for python-nltk Announcement ID: openSUSE-SU-2026:0098-1 Rating: important References: 1260066 1260067 1260068 Cross-References: CVE-2026-33230 CVE-2026-33231 CVE-2026-33236 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes three...

CVSS 8.1 | AI score 5.8 | EPSS 0.00542
Exploits: 3 | References: 3
Tenable Nessus
added 2026/03/27 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2026-33532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior...

CVSS 4.3 | AI score 6 | EPSS 0.00469
Exploits: 1 | References: 4
Snyk
added 2026/03/26 8:33 p.m. | 2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the importConfig process. An attacker can execute arbitrary code on the server by importing a crafted configuration file containing malicious paths. Details A Directory Traversal attack also known as path travers...

CVSS 8.8 | AI score 7.1 | EPSS 0.00434
Exploits: 1 | References: 3
Snyk
added 2026/03/26 8:33 p.m. | 4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the importConfig process. An attacker can execute arbitrary code on the server by importing a crafted configuration file containing malicious paths. Details A Directory Traversal attack also known as path travers...

CVSS 8.8 | AI score 7.1 | EPSS 0.00434
Exploits: 1 | References: 3
Snyk
added 2026/03/26 8:33 p.m. | 2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the importConfig process. An attacker can execute arbitrary code on the server by importing a crafted configuration file containing malicious paths. Details A Directory Traversal attack also known as path travers...

CVSS 8.8 | AI score 7.1 | EPSS 0.00434
Exploits: 1 | References: 3
Snyk
added 2026/03/26 8:33 p.m. | 3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the File API. An attacker can access arbitrary files outside the intended directory by submitting crafted path input. Details A Directory Traversal attack also known as path traversal aims to access files and...

CVSS 8.5 | AI score 6.9 | EPSS 0.00502
Exploits: 1 | References: 3
GithubExploit
added 2026/03/26 8:31 p.m. | 139 views

Exploit for CVE-2025-52913

CVE-2025-52913 - MiCollab Path Normalization Vulnerability...

CVSS 9.8 | AI score 5.8 | EPSS 0.00492
Exploits: 1
OSV
added 2026/03/26 8:16 p.m. | 5 views

DEBIAN-CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 5.7 | EPSS 0.00469
Exploits: 1 | References: 1
NVD
added 2026/03/26 8:16 p.m. | 2 views

CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | EPSS 0.00469
Exploits: 1 | References: 4
NVD
added 2026/03/26 8:16 p.m. | 3 views

CVE-2026-33528

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Join(common.ConfigBasePath, filename) where ConfigBasePath =...

CVSS 6.5 | EPSS 0.00502
Exploits: 1 | References: 3
UbuntuCve
added 2026/03/26 8:16 p.m. | 5 views

CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 5.9 | EPSS 0.00469
Exploits: 1 | References: 5
OSV
added 2026/03/26 8:16 p.m. | 4 views

UBUNTU-CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 6 | EPSS 0.00469
Exploits: 1 | References: 6
Cvelist
added 2026/03/26 7:49 p.m. | 21 views

CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | EPSS 0.00469
Exploits: 1 | References: 4
Vulnrichment
added 2026/03/26 7:49 p.m. | 3 views

CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 6.2 | EPSS 0.00469
Exploits: 1 | References: 4
ATTACKERKB
added 2026/03/26 7:49 p.m. | 3 views

CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 6.1 | EPSS 0.00469
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2026/03/26 7:49 p.m. | 4 views

CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 6.2 | EPSS 0.00469
Exploits: 1 | References: 6