CVE-2026-6555 ProSolution WP Client <= 2.0.0 - Unauthenticated Arbitrary File Upload via 'files'

The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and...

CVE-2026-6555

The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and...

PT-2026-42070

Name of the Vulnerable Software and Affected Versions ProSolution WP Client versions prior to 2.0.1 Description The ProSolution WP Client plugin for WordPress allows unauthenticated attackers to upload malicious PHP files, potentially leading to remote code execution. This occurs due to an array...

PT-2026-42229

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

Frappe 路径遍历漏洞

Frappe is a web development framework based on Python and Mariadb, with integrated front-end pages, developed by the Indian company Frappe. Versions of Frappe prior to 15.105.0 and 16.15.0 have a path traversal vulnerability. This vulnerability arises from the possibility that path traversal may...

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync prior to 3.4.3 contained security vulnerabilities. These vulnerabilities stemmed from race conditions in the handling of daemon process files, where checks on...

RabbitMQ AWS infrastructure Plugin 安全漏洞

The RabbitMQ AWS Infrastructure Plugin is an open-source project by amazon-mq, designed for integrating RabbitMQ with AWS infrastructure. Versions of the RabbitMQ AWS Infrastructure Plugin prior to version 0.2.1 contained security vulnerabilities. These vulnerabilities stemmed from debugging code...

PT-2026-42259

Name of the Vulnerable Software and Affected Versions Frappe versions prior to 15.105.0 Frappe versions prior to 16.15.0 Description Frappe is a full-stack web application framework. A path traversal issue allows unauthenticated arbitrary file read on internet-facing surfaces, such as ERPNext. Ov...

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

🩸 CVE-2026-31635 – DirtyDecrypt Linux Kernel Local Priv...

CVE-2026-29963

HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /tap/dw.php endpoint. The text parameter is used to construct file paths without adequate normalization or restriction to a safe base directory. A remote attacker can exploit this...

CVE-2026-8073

The CVE concerns the Kirki – Freeform Page Builder, Website Builder & Customizer WordPress plugin. Affected versions: all up to 6.0.6. Root cause: insufficient file path validation and missing capability check in the downloadZIP function. Impact: unauthenticated attackers can read and delete arbi...

CVE-2026-30117

scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalarurl query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execute arbitrary code via uploading a crafted SVG file...

Directory Traversal

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Directory Traversal via the ExecuteWorkflow node's localFile source option. An attacker can enumerate arbitrary files on the server host and in some instances can achieve arbitrary code execution by...

Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs

Summary The mailpit dump --http sub-command downloads every message from a remote Mailpit instance and writes each one as .eml inside the user-supplied output directory. The message ID field is taken verbatim from the JSON response of the remote server and concatenated into the output path with...

GHSA-QX5X-85P8-VG4J Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs

Summary The mailpit dump --http sub-command downloads every message from a remote Mailpit instance and writes each one as .eml inside the user-supplied output directory. The message ID field is taken verbatim from the JSON response of the remote server and concatenated into the output path with...

CVE-2026-34883

An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...

HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink...

node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

A flaw was found in node-tar, a library for Node.js. This race condition vulnerability occurs due to incomplete handling of Unicode path collisions within the path-reservations system on case-insensitive filesystems, such as macOS APFS. A remote attacker can exploit this by providing a specially...

node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the...