20 matches found

OSV
added 2 days ago, 2 views

ROOT-OS-UBUNTU-2204-CVE-2025-40068 CVE-2025-40068 in rootio-linux - Patched by Root

Root has patched CVE-2025-40068 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

AI score: 7.8 | EPSS: 0.00062 | Exploits: 0

OSV
added 4 days ago, 3 views

ROOT-OS-UBUNTU-2404-CVE-2025-40068 CVE-2025-40068 in rootio-linux - Patched by Root

Root has patched CVE-2025-40068 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

AI score: 5.4 | EPSS: 0.00062 | Exploits: 0

Circl
added 2026/05/06 2:6 a.m., 5 views

CVE-2026-40068

creationtimestamp | type | source
---|---|---
2026-05-06 02:06:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ml5mitenaf2e...

CVSS: 8.8 | AI score: 5.7 | EPSS: 0.00136 | Exploits: 0 | References: 1

Cvelist
added 2026/05/05 8:52 p.m., 23 views

CVE-2026-40068 Claude Code arbitrary code execution via git worktree commondir trust dialog bypass

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...

CVSS: 7.7 | EPSS: 0.00136 | Exploits: 0 | References: 1

ATTACKERKB
added 2026/05/05 8:52 p.m., 5 views

CVE-2026-40068

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...

CVSS: 7.7 | AI score: 5.8 | EPSS: 0.00136 | Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/05/05 8:52 p.m., 6 views

CVE-2026-40068 Claude Code arbitrary code execution via git worktree commondir trust dialog bypass

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...

CVSS: 7.7 | AI score: 5.8 | EPSS: 0.00136 | Exploits: 0 | References: 1

vulnersOsv
added 2026/04/24 4:34 p.m., 3 views

@netlify/agent-runner-cli (>=1.83.1 <=1.94.0-netlifydb.4), feishu-claude-bot (=0.1.0) +1 more potentially affected by CVE-2026-40068 via @anthropic-ai/claude-code (>=2.1.63 <=2.1.81)

@anthropic-ai/claude-code NPM version =2.1.63, =1.83.1, =1.2.2, =1.2.3 Source cves: CVE-2026-40068 Source advisory: OSV:GHSA-Q5HJ-MXQH-VV77...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00136 | Exploits: 0

vulnersOsv
added 2026/04/24 4:34 p.m., 4 views

@netlify/agent-runner-cli (>=1.83.1 <=1.94.0-netlifydb.4), feishu-claude-bot (=0.1.0) +1 more potentially affected by CVE-2026-40068 via @anthropic-ai/claude-code (>=2.1.63 <=2.1.81)

@anthropic-ai/claude-code NPM version =2.1.63, =1.83.1, =1.2.2, =1.2.3 Source cves: CVE-2026-40068 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-16301567...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00136 | Exploits: 0

Tenable Nessus
added 2025/12/08 12:0 a.m., 3 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-095 (ALASKERNEL-5.15-2025-095)

The version of kernel installed on the remote host is prior to 5.15.195-136.216. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-095 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Ad...

AI score: 6.7 | EPSS: 0.00231 | Exploits: 2 | References: 52

CBLMariner
added 2025/11/14 10:3 p.m., 2 views

CVE-2025-40068 affecting package kernel for versions less than 6.6.112.1-2

CVE-2025-40068 affecting package kernel for versions less than 6.6.112.1-2. An upgraded version of the package is available that resolves this issue...

AI score: 6.8 | EPSS: 0.00062 | Exploits: 0

Circl
added 2025/10/28 3:2 p.m., 1 views

CVE-2025-40068

creationtimestamp | type | source
---|---|---
2025-10-28 15:02:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4b7biwqq52d
2026-04-02 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/
2026-04-07 18:00:00+00:00 | seen | ...

AI score: 5.8 | EPSS: 0.00062 | Exploits: 0 | References: 4

Circl
added 2025/04/16 8:14 p.m., 0 views

CVE-2024-40068

creationtimestamp | type | source
---|---|---
2025-04-16 20:14:30+00:00 | seen | https://t.me/cvedetector/23139...

CVSS: 5.9 | AI score: 4.8 | EPSS: 0.00096 | Exploits: 1 | References: 1

Cvelist
added 2025/04/16 12:0 a.m., 8 views

CVE-2024-40068

Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at idgenerator/admin/?page=templates/managetemplate&id=1...

EPSS: 0.00096 | Exploits: 1 | References: 1

Circl
added 2023/08/21 12:40 p.m., 1 views

CVE-2023-40068

creationtimestamp | type | source
---|---|---
2023-08-21 12:40:53+00:00 | seen | https://t.me/cibsecurity/68875
2023-08-22 15:14:26+00:00 | published-proof-of-concept | https://t.me/hunter4good/248...

CVSS: 5.4 | AI score: 5.5 | EPSS: 0.28345 | Exploits: 0 | References: 2

Cvelist
added 2023/08/21 8:13 a.m., 20 views

CVE-2023-40068

Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative...

AI score: 5.6 | EPSS: 0.28345 | Exploits: 0 | References: 4

CVE
added 2023/08/21 8:13 a.m., 106 views

CVE-2023-40068

CVE-2023-40068 is a cross-site scripting vulnerability in Advanced Custom Fields (ACF) and ACF Pro versions 6.1.0–6.1.7. An attacker with administrative privileges (authenticated) can trigger the browser to execute arbitrary scripts on the logged-in user’s session, enabling potential cookie/crede...

CVSS: 5.4 | AI score: 5.4 | EPSS: 0.28345 | Exploits: 0 | References: 4 | Affected Software: 1

Patchstack
added 2023/08/03 12:0 a.m., 15 views

WordPress Advanced Custom Fields Plugin 6.1-6.1.7 is vulnerable to Cross Site Scripting (XSS)

Software: Advanced Custom Fields; Type: Plugin; Vulnerable versions: 6.1-6.1.7; Fixed in: 6.1.8; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-40068; Patch priority: Low; CVSS severity: Low (5.9); PSID: ad8c9dc6f2b9; Credits: Satoo Nakano...

CVSS: 5.4 | AI score: 5.7 | EPSS: 0.28345 | Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2022/09/19 2:39 p.m., 50 views

CVE-2022-40068

The CVE-2022-40068 entry concerns Tenda AC21, specifically version 16.03.08.15, where a buffer overflow exists in the /bin/httpd binary via the formSetQosBand function. The root cause is unbounded input handling in formSetQosBand, enabling a potentially crafted payload to trigger a buffer overflo...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.00354 | Exploits: 1 | References: 1 | Affected Software: 1

CNVD
added 2019/10/25 12:0 a.m., 1 views

TP-Link M7350 triggerPort OS Command Injection Vulnerability (CNVD-2019-40068)

The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. A serviceName OS command injection vulnerability exists in TP-Link M7350 1.0.16 and earlier versions. An attacker can exploit this vulnerability to execute illegal OS commands...

CVSS: 10 | AI score: 7.8 | EPSS: 0.04013 | Exploits: 1 | References: 1

0day.today
added 2011/03/24 12:0 a.m., 27 views

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

Exploit for windows platform in category remote exploits $Id: hpnnmsnmpvieweractapp.rb 12098 2011-03-23 15:47:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...

AI score: 7.1 | EPSS: 0.79947 | Exploits: 9