Lucene search
+L

45298 matches found

Cvelist
Cvelist
added yesterday9 views

CVE-2026-15415 Path traversal and arbitrary file write in the workflow linters of aws-healthomics-mcp-server

AWS HealthOmics is a HIPAA-eligible service that fully manages the compute, storage, and workflow engine infrastructure required to run bioinformatics analyses at scale for clinical diagnostics, drug discovery, and agricultural research. Improper limitation of a pathname to a restricted directory...

6.8CVSS
Exploits0References3
Github Security Blog
Github Security Blog
added yesterday4 views

mcp-memory-keeper: Arbitrary local file read in context_import via unvalidated filePath

Impact contextimport passed the caller-supplied filePath directly to fs.readFileSync with no path confinement. A malicious MCP client — or an LLM agent that is prompt-injected into calling the tool — could point filePath at any file readable by the server process, outside any session or export...

5.5AI score
Exploits0References6Affected Software1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-7667 Path Traversal Vulnerability in API Request Component Content-Disposition Header Processing

IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow pointing to an attacker-controlled URL that returns a specially crafted Content-Disposition header e.g., filename="../../../target/path" , enabling arbitrary file write operations with...

8.8CVSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45288

IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow pointing to an attacker-controlled URL that returns a specially crafted Content-Disposition header e.g., filename="../../../target/path" , enabling arbitrary file write operations with...

8.8CVSS5.4AI score
Exploits0References1
CVE
CVE
added yesterday17 views

CVE-2026-7872

Summary: The vulnerability CVE-2026-7872 affects Langflow OSS 1.0.0–1.10.0, via a path traversal flaw in the File component’s tar archive extraction. An authenticated attacker can craft a tar with symbolic links, bypassing validation and causing extraction to create links outside the intended dir...

7.5CVSS5.5AI score
Exploits0References1
CVE
CVE
added yesterday30 views

CVE-2026-8859

Langflow OSS (versions 1.0.0–1.10.0) contains a path traversal vulnerability in the APIRequest component when the Save to File feature is enabled. Filenames parsed from HTTP Content-Disposition headers are not sanitized, allowing an attacker-controlled server to craft paths (e.g., ../) and writ...

9.9CVSS5.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-8859 Path Traversal in APIRequest Component via Content-Disposition Header

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the "Save to File" feature is enabled, where filenames extracted from HT...

9.9CVSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45269

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the "Save to File" feature is enabled, where filenames extracted from HT...

9.9CVSS5.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday12 views

CVE-2026-15343 Path traversal vulnerability in GitHub Enterprise Server allowed writing files to arbitrary repository paths, including GitHub Actions workflow files, via unchecked Dependabot dependency-file paths

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker who had code execution inside the Dependabot updater container to write files to arbitrary repository paths, including GitHub Actions workflow files under .github/workflows/ as the path validation d...

8.6CVSS
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-15343

GitHub Enterprise Server (Dependabot updater container) contains a path traversal vulnerability that lets an attacker with code execution inside that container write to arbitrary repository paths, including .github/workflows/. The flaw arises because path validation did not properly enforce the e...

8.6CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday13 views

CVE-2026-15379

CVE-2026-15379 : The Altiris WMI provider exposes the AltirisAgent_Stream class, allowing any local standard user to read files accessible to the SYSTEM context, bypassing filesystem ACLs. The provider uses LocalSystem context for WMI queries without re-impersonating the caller, enabling read acc...

5.1CVSS5.3AI score0.00111EPSS
Exploits0References1
NVD
NVD
added yesterday8 views

CVE-2026-13352

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 4.16.18 via the allowedmimetypes function. This is due to the unconditional...

8.8CVSS0.00575EPSS
Exploits0References8
Nuclei
Nuclei
added yesterday20 views

Flowise 1.4.3 - Arbitrary File Read

Flowise 1.4.3 contains a path traversal caused by lack of sanitization of 'fileName' parameter in /api/v1/openai-assistants-file endpoint in index.ts, letting attackers read arbitrary files, exploit requires attacker to send crafted request. id: CVE-2024-36420 info: name: Flowise 1.4.3 - Arbitrar...

7.5CVSS7.4AI score0.01776EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday21 views

WP Responsive Images <= 1.0 - Arbitrary File Read

WP Responsive Images plugin for WordPress = 1.0 contains a path traversal caused by improper sanitization of the 'src' parameter, letting unauthenticated attackers read arbitrary files on the server. id: CVE-2026-1557 info: name: WP Responsive Images = 1.0 - Arbitrary File Read author: Shivam...

7.5CVSS5.4AI score0.01722EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday55 views

Pichome 2.1.0 - Arbitrary File Read

A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

6.9CVSS5.8AI score0.0161EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday38 views

Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...

8.6CVSS8.3AI score0.03145EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday103 views

Gradio < 2.5.0 - Arbitrary File Read

Files on the host computer can be accessed from the Gradio interface id: CVE-2021-43831 info: name: Gradio 2.5.0 - Arbitrary File Read author: isacaya severity: high description: | Files on the host computer can be accessed from the Gradio interface impact: | An attacker would be able to view the...

7.7CVSS7.3AI score0.03794EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday57 views

TinaCMS - Path Traversal

TinaCMS CLI 2.1.8 contains a file system read vulnerability caused by disabled Vite server.fs.strict setting, letting unauthenticated attackers read arbitrary files on the host system, exploit requires access to the dev server. id: CVE-2026-29066 info: name: TinaCMS - Path Traversal author:...

6.2CVSS5.4AI score0.01025EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday37 views

Avid NEXIS Agent - Arbitrary File Read

Avid NEXIS E-series, F-series, PRO+, and System Director Appliance SDA+ before 2025.5.1 contain an unauthenticated arbitrary file read caused by improper validation of the filename parameter, letting unauthenticated attackers read sensitive files, exploit requires no authentication. id:...

8.7CVSS8.6AI score0.01083EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday72 views

WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read

WooCommerce Designer Pro theme for WordPress = 1.9.28 contains an arbitrary file read vulnerability caused by improper input validation, letting unauthenticated attackers read arbitrary files including sensitive configuration files, exploit requires no authentication. id: CVE-2025-10897 info: nam...

8.6CVSS5.3AI score0.01844EPSS
Exploits0References2
Rows per page
Query Builder