
5151 matches found

Snyk
added 2026/03/30 2:5 a.m. · 5 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the extractarchivetodir function. An attacker can overwrite arbitrary files or gain elevated privileges by supplying a crafted tar.gz file containing malicious paths during...

CVSS 10 · AI score 7.8 · EPSS 0.00543
Exploits 1 · References 2
Positive Technologies
added 2026/03/30 12:0 a.m. · 3 views

PT-2026-28806

Name of the Vulnerable Software and Affected Versions: Gigabyte Control Center (affected versions not specified). Description: Gigabyte Control Center developed by GIGABYTE contains a flaw that allows unauthenticated remote attackers to write arbitrary files to any location on the underlying operating...

CVSS 9.2 · AI score 6.4 · EPSS 0.00652
Exploits 0 · References 17
CNNVD
added 2026/03/30 12:0 a.m. · 7 views

GIGABYTE Control Center Security Vulnerability

GIGABYTE Control Center is an open-source hardware management and system tuning tool developed by GIGABYTE of Taiwan, China. GIGABYTE Control Center contains a security vulnerability. This vulnerability arises from the possibility of arbitrary file writing when the pairing function is enabled,...

CVSS 9.8 · AI score 6.2 · EPSS 0.00652
Exploits 0 · References 2
Anthropic
added 2026/03/29 8:45 p.m. · 8 views

ANT-2026-9VJ9JJXQ · junrar · Path Traversal

path-traversal · medium · GHSA-j273-m5qq-6825. Severity: Claude high · Security research firm - · Maintainer medium. Discovered by Claude Mythos Preview. REPORT: The report below was sent to the maintainer and sealed at approval. ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...

AI score 6
Exploits 0
RedhatCVE
added 2026/03/29 11:13 a.m. · 4 views

CVE-2026-33645

Fireshare facilitates self-hosted media and link sharing. In version 1.5.1, an authenticated path traversal vulnerability in Fireshare’s chunked upload endpoint allows an attacker to write arbitrary files outside the intended upload directory. The checkSum multipart field is used directly in...

CVSS 8.1 · AI score 6 · EPSS 0.00431
Exploits 0 · References 1
GithubExploit
added 2026/03/28 8:4 a.m. · 173 views

Exploit for XML Injection (aka Blind XPath Injection) in Fonttools

CVE-2025-66034 — fontTools varLib Arbitrary File Write → RCE...

CVSS 9.8 · AI score 7 · EPSS 0.00487
Exploits 9
SUSE CVE
added 2026/03/28 12:26 a.m. · 2 views

SUSE CVE-2026-32749

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outsi...

CVSS 9.1 · AI score 5.9 · EPSS 0.00434
Exploits 1 · References 3
SUSE CVE
added 2026/03/28 12:25 a.m. · 5 views

SUSE CVE-2026-33529

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a...

CVSS 8.8 · AI score 6 · EPSS 0.00434
Exploits 1 · References 3
OSV
added 2026/03/27 10:3 p.m. · 4 views

CVE-2026-33989 @mobilenext/mobile-mcp allows arbitrary file write via Path Traversal in mobile screen capture tools

Mobile Next is an MCP server for mobile development and automation. Prior to version 0.0.49, the @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobile_save_screenshot and mobile_start_screen_recording tools. The saveTo and output parameters were passed directly to...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 5
Vulnrichment
added 2026/03/27 10:3 p.m. · 3 views

CVE-2026-33989 @mobilenext/mobile-mcp allows arbitrary file write via Path Traversal in mobile screen capture tools

Mobile Next is an MCP server for mobile development and automation. Prior to version 0.0.49, the @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobile_save_screenshot and mobile_start_screen_recording tools. The saveTo and output parameters were passed directly to...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 3
CVE
added 2026/03/27 10:3 p.m. · 8 views

CVE-2026-33989

CVE-2026-33989 affects the @mobilenext/mobile-mcp server. Before v0.0.49, the tools mobile_save_screenshot and mobile_start_screen_recording pass saveTo/output directly to filesystem operations without path validation, enabling an attacker to perform path traversal and write files outside the int...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 3 · Affected Software 1
EUVD
added 2026/03/27 7:13 p.m. · 3 views

EUVD-2026-16882

@mobilenext/mobile-mcp allows arbitrary file write via Path Traversal in mobile screen capture tools...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 3
Snyk
added 2026/03/27 7:13 p.m. · 1 view

Directory Traversal

Overview: @mobilenext/mobile-mcp is a Mobile MCP. Affected versions of this package are vulnerable to Directory Traversal via the saveTo and output parameters in the mobile_save_screenshot and mobile_start_screen_recording tools. An attacker can overwrite arbitrary files on the host system by supplying...

CVSS 8.1 · AI score 6.5 · EPSS 0.00489
Exploits 1 · References 2
OSV
added 2026/03/27 7:13 p.m. · 6 views

GHSA-3P2M-H2V6-G9MX @mobilenext/mobile-mcp allows arbitrary file write via Path Traversal in mobile screen capture tools

Summary: The @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobile_save_screenshot and mobile_start_screen_recording tools. The saveTo and output parameters were passed directly to filesystem operations without validation, allowing an attacker to write files outside the...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 5
Github Security Blog
added 2026/03/27 7:13 p.m. · 6 views

@mobilenext/mobile-mcp allows arbitrary file write via Path Traversal in mobile screen capture tools

Summary: The @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobile_save_screenshot and mobile_start_screen_recording tools. The saveTo and output parameters were passed directly to filesystem operations without validation, allowing an attacker to write files outside the...

CVSS 8.1 · AI score 5.9 · EPSS 0.00489
Exploits 1 · References 5 · Affected Software 1
Snyk
added 2026/03/27 5:22 p.m. · 7 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the systemd.credential process. An attacker can overwrite arbitrary files on the host system by crafting credential names that traverse directories. This can lead to privilege escalation or denial of service by...

CVSS 9.9 · AI score 6.5 · EPSS 0.00447
Exploits 0 · References 2
OSV
added 2026/03/27 5:22 p.m. · 3 views

GHSA-Q4Q8-7F2J-9H9F Incus has an arbitrary file write through its systemd-creds options

Summary: Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. An attacker can use the name of a systemd credential to escape that directory and overwrite arbitrary files on the host system. This can in turn be us...

CVSS 9.9 · AI score 6 · EPSS 0.00447
Exploits 0 · References 4
Github Security Blog
added 2026/03/27 5:22 p.m. · 9 views

Incus has an arbitrary file write through its systemd-creds options

Summary: Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. An attacker can use the name of a systemd credential to escape that directory and overwrite arbitrary files on the host system. This can in turn be us...

CVSS 9.9 · AI score 6 · EPSS 0.00447
Exploits 0 · References 4 · Affected Software 1
OSV
added 2026/03/27 5:17 p.m. · 3 views

GHSA-83XR-5XXR-MH92 Incus vulnerable to arbitrary file read and write through pongo templates

Summary: Instance template files can be used to cause arbitrary reads or writes as root on the host server. Details: Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementatio...

CVSS 9.9 · AI score 6 · EPSS 0.00481
Exploits 0 · References 4
Github Security Blog
added 2026/03/27 5:17 p.m. · 7 views

Incus vulnerable to arbitrary file read and write through pongo templates

Summary: Instance template files can be used to cause arbitrary reads or writes as root on the host server. Details: Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementatio...

CVSS 9.9 · AI score 6 · EPSS 0.00481
Exploits 0 · References 4 · Affected Software 2