CVE-2026-42574

creationtimestamp| type| source ---|---|--- 2026-05-09 21:01:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlh5df7z5j2z 2026-05-09 21:36:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7bzrtb22k 2026-05-10 04:30:29+00:00| seen|...

CVE-2026-42574 apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same o...

CVE-2026-42574 apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same o...

CVE-2026-42574 vulnerabilities

Vulnerabilities for packages: dagdotdev...

MiracleLinux 8 : gcc-toolset-11-annobin-9.85-1.el8.1, gcc-toolset-11-binutils-2.36.1-1.el8.1, gcc-toolset-11-gcc-11.2.1-1.2.el8 (AXSA:2021-2882:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2882:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 8 : gcc-8.5.0-4.el8 (AXSA:2022-2957:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2957:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 7 : binutils-2.27-44.base.el7.1 (AXSA:2021-2508:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2508:04 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 8 : binutils-2.30-108.el8.1 (AXSA:2022-2955:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2955:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 8 : annobin-9.72-1.el8.2 (AXSA:2022-2958:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2958:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

MiracleLinux 8 : gcc-toolset-10-binutils-2.35-8.el8.6 (AXSA:2021-2879:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2879:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php...

Linux Distros Unpatched Vulnerability : CVE-2021-42574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...

CVE-2024-42574

creationtimestamp| type| source ---|---|--- 2024-08-20 16:17:32+00:00| seen| https://t.me/cvedetector/3624...

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php...

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php...

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php...

RHEL 7 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks...

NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Vulnerability (NS-SA-2024-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by a vulnerability: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via contro...

GitLab 0.0 < 14.2.6 / 14.3 < 14.3.4 / 14.4 < 14.4.1 (CVE-2021-42574)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft sourc...

CVE-2023-42574

creationtimestamp| type| source ---|---|--- 2023-12-24 10:41:59+00:00| seen| https://t.me/ctinow/158988...