CVE-2026-27606 Rollup 4 has Arbitrary File Write via Path Traversal
Rollup is a module bundler for JavaScript. Versions of the Rollup module bundler prior to 2.80.0, 3.30.0, and 4.59.0 (specifically v4.x, and present in current source) are vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker t...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal via the sanitizePath function in the static middleware sanitizer on Windows. An attacker can access arbitrary files on the server file system by crafting specially constructed requests that bypass path validation...
PT-2026-22055
Name of the Vulnerable Software and Affected Versions: mcp-server-git versions prior to 2026.1.14. Description: The Model Context Protocol Servers software contains an issue where the git add tool does not properly validate file paths provided in the files argument. This allows relative paths...
Calibre 9.2.1 Path Traversal / Arbitrary File Write
Calibre versions 9.2.1 and below are vulnerable to a path traversal flaw in the PDB file parser, affecting both the 132-byte and 202-byte header variants of the PDB reader implementation. The vulnerability allows a specially crafted PDB file to embed directory traversal sequences such as ../ with...
PT-2026-22048
Name of the Vulnerable Software and Affected Versions: Zed versions prior to 0.224.4. Description: A Zip Slip Path Traversal issue exists in the extension archive extraction functionality. The extract zip function, located in crates/util/src/archive.rs, does not validate ZIP entry filenames for path...
Ollama Model Registry Path Traversal / Remote Code Execution
Ollama versions prior to 0.1.34 are vulnerable to a path traversal attack via the model pull mechanism (CVE-2024-37032). When pulling a model, the digest field in OCI manifests is not validated, allowing an attacker to inject path traversal sequences to write arbitrary files on the server. This...
Basic FTP Path Traversal Vulnerability
Basic FTP is a Node.js FTP client library developed by Patrick Juchli. Versions of Basic FTP prior to 5.2.0 contained a path traversal vulnerability. This vulnerability stemmed from a flaw in the downloadToDir method, which allowed malicious FTP servers to send file and directory names containing path...
PT-2026-21879
Name of the Vulnerable Software and Affected Versions: ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1; ASUSTOR ADM versions 5.0.0 through 5.1.2.RE51. Description: A path traversal issue exists in the FTP Backup feature of ASUSTOR ADM. The software does not adequately sanitize filenames received from a...
GHSA-M3C2-496V-CW3V Fiber has an Arbitrary File Read in Static Middleware on Windows
Summary: A Path Traversal (CWE-22) vulnerability in Fiber allows a remote attacker to bypass the static middleware sanitizer and read arbitrary files on the server file system on Windows. This affects Fiber v3 through version 3.0.0. This has been patched in Fiber v3 version 3.1.0. Detail...
Improper Handling of Case Sensitivity
Overview: Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the matchPatternWithEscapeSequence function when handling patterns containing percent-escape sequences. An attacker can gain unauthorized access to protected routes and sensitive endpoints by...
GHSA-G7PC-PC7G-H8JH Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass
Summary: Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences (%xx) it compares against the request's escaped path without lowercasing. An attacker can bypass path-based routing and any access controls attached to that rou...
GHSA-4894-XQV6-VRFQ MindsDB: Path Traversal in /api/files Leading to Remote Code Execution
Summary: There is a path traversal vulnerability in MindsDB's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. Details: The vulnerability exists in the "Upload File" module, which corresponds to the API endpoint /api/files. The affected code is...
CVE-2026-27587
A flaw was found in Caddy, an extensible server platform. The HTTP path request matcher, intended to be case-insensitive, incorrectly processes percent-escape sequences. This vulnerability allows a remote attacker to bypass path-based routing and associated access controls by manipulating the...
Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprise Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)
Summary: There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, and netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprise Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, and CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...
Directory Traversal
Overview: MindsDB server provides server capabilities to the mindsdb native Python library. Affected versions of this package are vulnerable to Directory Traversal in the /api/files endpoint due to insufficient validation of the uploaded file path. An attacker can write arbitrary files to...
DEBIAN-CVE-2026-27587
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences (%xx) it compares against the request's escaped path without lowercasing. An...