Lucene search

20763 matches found

CVE
added 2026/03/20 8:00 a.m. | 8 views

CVE-2026-33064

CVE-2026-33064 (Free5GC UDM) affects Free5GC prior to 1.4.2. A crafted POST to /sdm-subscriptions with path traversal and a large JSON payload can trigger a nil pointer dereference in DataChangeNotificationProcedure (notifier.go), causing the UDM service to panic and crash. Impact is disruption o...

CVSS 8.7 | AI score 5.8 | EPSS 0.00486
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2026/03/20 8:00 a.m. | 21 views

CVE-2026-33064 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 | EPSS 0.00486
Exploits: 1 | References: 4

Vulnrichment
added 2026/03/20 8:00 a.m. | 4 views

CVE-2026-33064 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 | AI score 5.8 | EPSS 0.00486
Exploits: 1 | References: 4

OSV
added 2026/03/20 8:00 a.m. | 3 views

CVE-2026-33064 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 | AI score 6.3 | EPSS 0.00486
Exploits: 1 | References: 6

Snyk
added 2026/03/20 4:39 a.m. | 1 view

Directory Traversal

Overview: pyload-ng is the free and open-source Download Manager written in pure Python. Affected versions of this package are vulnerable to Directory Traversal during the password verification of encrypted 7z archives with non-encrypted headers. An attacker can delete arbitrary files outside the...

CVSS 8.1 | AI score 6.5 | EPSS 0.00327
Exploits: 1 | References: 2

Snyk
added 2026/03/20 2:41 a.m. | 7 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the Script View Templates. An attacker can access sensitive file contents outside of the intended directories by leveraging the Java scripting engine in template rendering. Note: This is only exploitable if the...

CVSS 8.2 | AI score 6.5 | EPSS 0.00385
Exploits: 0 | References: 2

Snyk
added 2026/03/20 2:41 a.m. | 3 views

Directory Traversal

Overview: org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...

CVSS 8.2 | AI score 6.4 | EPSS 0.00385
Exploits: 0 | References: 2

Snyk
added 2026/03/20 2:41 a.m. | 4 views

Directory Traversal

Overview: org.springframework:spring-webmvc is a package that provides Model-View-Controller (MVC) architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to Directory Traversal via the Script View...

CVSS 8.2 | AI score 6.4 | EPSS 0.00385
Exploits: 0 | References: 2

Snyk
added 2026/03/20 2:39 a.m. | 3 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the sanitizeArchivePath function. An attacker can overwrite arbitrary files, such as shell configuration files, SSH keys, kubeconfig, or crontabs, by supplying crafted archive entries that exploit improper path...

CVSS 9.8 | AI score 6.7 | EPSS 0.00655
Exploits: 1 | References: 2

SUSE CVE
added 2026/03/20 12:24 a.m. | 2 views

SUSE CVE-2026-31972

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. The mpileup command outputs DNA sequences that have been aligned against a known reference. On each output line it writes the reference position, optionally the reference DNA base at that position obtained fr...

CVSS 9.8 | AI score 5.7 | EPSS 0.00516
Exploits: 0 | References: 3

NVD
added 2026/03/20 12:16 a.m. | 6 views

CVE-2026-32758

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler (http/resource.go). The destination path in resourcePatchHandler is...

CVSS 6.5 | EPSS 0.00387
Exploits: 0 | References: 3

Positive Technologies
added 2026/03/20 12:00 a.m. | 2 views

PT-2026-26778

Name of the Vulnerable Software and Affected Versions: Ory Oathkeeper (affected versions not specified). Description: Ory Oathkeeper is susceptible to an authorization bypass due to a path traversal issue. An attacker can potentially bypass security checks by crafting URLs with path traversal sequence...

CVSS 10 | AI score 5.7 | EPSS 0.00519
Exploits: 0 | References: 13

Positive Technologies
added 2026/03/20 12:00 a.m. | 7 views

PT-2026-26635

Name of the Vulnerable Software and Affected Versions: QHora versions prior to 2.6.3.009. Description: An improper neutralization of escape, meta, or control sequences vulnerability exists in QHora. A local attacker with administrator privileges can exploit this issue to cause unexpected behavior...

CVSS 8.4 | AI score 7 | EPSS 0.00184
Exploits: 0 | References: 4

Positive Technologies
added 2026/03/20 12:00 a.m. | 3 views

PT-2026-26714

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbd_open_upload_dir AJAX action. This is due to insufficient validation of the kbd_path parameter, which is only sanitized with sanitize_text_field - a function...

CVSS 2.7 | AI score 5.9 | EPSS 0.00375
Exploits: 0 | References: 6

CNNVD
added 2026/03/20 12:00 a.m. | 4 views

QNAP Systems QHora Security Vulnerability

QNAP Systems QHora is a router product of QNAP Systems, a company based in Taiwan, China. There is a security vulnerability in QNAP Systems QHora, which stems from improper handling of escape characters, meta-characters, or control sequences. This vulnerability may allow local attackers to obtain...

CVSS 8.4 | AI score 7.1 | EPSS 0.00184
Exploits: 0 | References: 1

CNNVD
added 2026/03/20 12:00 a.m. | 3 views

NLTK Path Traversal Vulnerability

NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. NLTK versions 3.9.3 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the downloader’s failure to validate the subd...

CVSS 8.1 | AI score 7.5 | EPSS 0.00397
Exploits: 1 | References: 4

Positive Technologies
added 2026/03/20 12:00 a.m. | 1 view

PT-2026-26689

Summary: The Siyuan kernel exposes an unauthenticated file-serving endpoint under /appearance/filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server process. Authentication checks explicitly exclude this endpoint,...

CVSS 7.5 | AI score 6 | EPSS 0.0333
Exploits: 1 | References: 7

UbuntuCve
added 2026/03/20 12:00 a.m. | 2 views

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

CVSS 8.7 | AI score 5.8 | EPSS 0.00486
Exploits: 1 | References: 5

Snyk
added 2026/03/20 12:00 a.m. | 0 views

Directory Traversal

Overview: feast is a Python SDK for Feast. Affected versions of this package are vulnerable to Directory Traversal via the /read-document endpoint. An attacker can access arbitrary files accessible to the server process by sending a crafted HTTP POST request. Details: A Directory Traversal attack al...

CVSS 8.7 | AI score 6.5 | EPSS 0.0066
Exploits: 0 | References: 2

Apache Tomcat
added 2026/03/20 12:00 a.m. | 8 views

Fixed in Apache Tomcat 9.0.116

Moderate: The fix for CVE-2025-66614 was incomplete (CVE-2026-32990). The validation of SNI name and host name did not take account of possible differences in case, allowing the strict SNI checks to be bypassed. This was fixed with commit 95f77782. This issue was reported to the Tomcat security team o...

CVSS 9.1 | AI score 6.7 | EPSS 0.03645
Exploits: 2 | Affected Software: 1