404 matches found
CVE-2026-55830
RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Prior to 8.3, checkfunctionargumentnames rejected protected guard hook names for regular, variadic, and keyword-only arguments but omitted...
CVE-2026-55830
RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Prior to 8.3, checkfunctionargumentnames rejected protected guard hook names for regular, variadic, and keyword-only arguments but omitted...
CVE-2026-55830
Vulnerability summary (CVE-2026-55830) : In RestrictedPython, prior to version 8.3, check_function_argument_names() failed to reject protected guard hook names for positional-only arguments, enabling a local parameter to shadow special names such as getattr , getitem , write , or print . This cou...
CVE-2026-14156
Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
PT-2026-54297
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the StorageAccessAPI allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. The...
CVE-2026-55189
RustFS (distributed object storage in Rust) contains a vulnerability from 1.0.0-alpha.1 through 1.0.0-beta.9 where enabling the FTP frontend lets FTP read and probe handlers bypass the IAM authorization function, allowing authenticated users to read objects and probe buckets regardless of IAM pol...
USN-8422-1 mistral vulnerability
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it...
[SECURITY] [DSA 6333-1] mistral security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2026 https://www.debian.org/security/faq -...
PT-2026-45373
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Broker versions prior to 5.19.7 Apache ActiveMQ Broker versions 6.0.0 through 6.2.5 Apache ActiveMQ All versions prior to 5.19.7 Apache ActiveMQ All versions 6.0.0 through 6.2.5 Apache ActiveMQ versions prior to 5.19.7 Apache...
EUVD-2026-29971
When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40067
When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40067 BIG-IP APM Vulnerability
When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40067
BIG-IP APM CVE-2026-40067 affects BIG-IP APM with vulnerable 21.x releases (e.g., 21.0.0 exposed). The issue occurs when an access policy is configured on a virtual server, allowing undisclosed traffic to trigger a denial-of-service by terminating the apmd process. The F5 advisory classifies this...
Palo Alto Networks Prisma Browser 代码问题漏洞
Palo Alto Networks Prisma Browser is an enterprise-level security browser developed by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Prisma Browser, which stems from a race condition issue. This vulnerability may allow non-administrative users with local access to bypass...
PT-2026-40645
Name of the Vulnerable Software and Affected Versions BIG-IP APM affected versions not specified Description Undisclosed traffic can cause the apmd process to terminate when a BIG-IP APM access policy is configured on a virtual server. Recommendations At the moment, there is no information about ...
MAL-2026-3523 Malicious code in @uipath/access-policy-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware febad4aef386c313b1c7878c4e8815c1cf931e738346cd4e7e6f53d439198d26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/access-policy-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware febad4aef386c313b1c7878c4e8815c1cf931e738346cd4e7e6f53d439198d26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/access-policy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3522 Malicious code in @uipath/access-policy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2026-39273
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description The '/responses' endpoint in the OpenAI router allows any authenticated user to forward requests to upstream LLM providers without enforcing per-model access control. While the generate chat...