65 matches found
CLEANSTART-2026-AQ65185 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-42499, CVE-2026-42501, CVE-2026-44740, CVE-2026-45022, CVE-2026-4660, ghsa-389r-gv7p-r3rp, ghsa-3xc5-wrhm-f963, ghsa-6g7g-w4f8-9c9x, ghsa-78h2-9frx-2jm8, ghsa-92mm-2pjq-r785, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-q9hv-hpm4-hj6x, ghsa-w8rr-5gcm-pp58, ghsa-xmrv-pmrh-hhx2 applied in versions: 0.93.13-r1, 0.96.1-r0, 0.96.1-r1, 0.96.1-r2, 0.96.1-r3, 0.96.1-r4, 0.96.1-r5, 0.96.1-r6
Multiple security vulnerabilities affect the terragrunt-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Security Bulletin: Go-getter may allow arbitrary filesystem reads through git operations
Summary: HashiCorp’s go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and...
CVE-2026-4660 vulnerabilities
Vulnerabilities for packages: kots, chainctl, packer-fips, tfsec, trivy, trivy-operator-fips, grype, trivy-fips, cloudbeat, steampipe, grype-db, syft-fips, terragrunt-fips, kubescape, terragrunt, grype-fips, cloudbeat-fips, snyk-cli, syft, k9s, zarf, opentofu-fips, tflint-fips, conftest,...
UBUNTU-CVE-2026-4660
HashiCorp’s go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and package...
Linux Distros Unpatched Vulnerability : CVE-2026-4660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp's go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. Th...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3. Vulnerability Details: CVEID: CVE-2013-4660. DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...
CVE-2010-4660
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes...
CVE-2013-4660
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation...
CVE-2005-4660
Race condition in IPCop aka IPCop Firewall before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from...
CVE-2025-4660
creationtimestamp | type | source
---|---|---
2025-05-13 17:55:38+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114501808160728674
2025-05-13 18:15:25+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp33axfghk32
2025-05-13...
CVE-2025-4660
CVE-2025-4660 affects Forescout SecureConnector Windows agent. The issue arises from improper access controls on a named pipe (the FS SC UNINSTALL PIPE), which is accessible to Everyone and does not restrict remote connections, enabling network-based redirects of the SecureConnector agent to a ro...
CVE-2024-4660
creationtimestamp | type | source
---|---|---
2024-09-12 19:48:10+00:00 | seen | https://t.me/cvedetector/5504...
CVE-2024-4660 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
CVE-2024-4660
Removed by vendor...
GitLab 11.2 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-4660)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was...
CVE-2023-4660
creationtimestamp | type | source
---|---|---
2023-11-02 14:24:42+00:00 | exploited | https://t.me/truesecator/5041...
CVE-2019-4660
CVE-2019-4660 is an AngularJS client-side template injection vulnerability affecting IBM InfoSphere Information Analyzer and Information Server on Cloud. The issue allows injection of AngularJS template syntax in an internal page request, which can be interpreted by Angular and lead to cross-site...
USN-4660-2: Linux kernel regression
USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existe...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel regression (USN-4660-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4660-2 advisory. USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with...