44536 matches found

Github Security Blog | added 2026/05/07 7:32 p.m. | 11 views

FacturaScripts Vulnerable to Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism

Summary: A Critical vulnerability exists in the Plugins::add function. The system fails to properly validate the file paths within uploaded ZIP archives. This allows an attacker to perform a Zip Slip attack, leading to Arbitrary File Write and Remote Code Execution RCE by overwriting sensitive .ph...

CVSS 7.2 | AI score 5.8 | EPSS 0.00522
Exploits: 0 | References: 2 | Affected Software: 1
Snyk | added 2026/05/07 7:21 p.m. | 6 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report: The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the...

CVSS 8.7 | AI score 6.3 | EPSS 0.0017
Exploits: 0 | References: 3
OSV | added 2026/05/07 7:21 p.m. | 11 views

GO-2026-4979 Invoking "go tool pack" does not sanitize output paths in cmd/go

The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...

CVSS 5.9 | AI score 5.9 | EPSS 0.0017
Exploits: 0 | References: 3
IBM Security Bulletins | added 2026/05/07 7:18 p.m. | 9 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in keras-3.13.1-py3-none-any.whl

Summary: IBM Watson Discovery Cartridge affected by vulnerability in keras-3.13.1-py3-none-any.whl. Vulnerability Details: CVEID: CVE-2026-1669. DESCRIPTION: Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a...

CVSS 7.5 | AI score 5.8 | EPSS 0.00298
Exploits: 0 | Affected Software: 1
Vulnrichment | added 2026/05/07 6:22 p.m. | 8 views

CVE-2026-44243 GitPython: Path traversal in GitPython reference APIs allows arbitrary file write and delete outside the repository

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory...

CVSS 8.8 | AI score 5.7 | EPSS 0.00419
Exploits: 1 | References: 2
OSV | added 2026/05/07 3:21 p.m. | 8 views

USN-8256-1 opam vulnerability

Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...

CVSS 7.3 | AI score 6.5 | EPSS 0.0018
Exploits: 0 | References: 2
Ubuntu | added 2026/05/07 3:21 p.m. | 13 views

USN-8256-1: opam vulnerability

Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...

CVSS 7.3 | AI score 6.5 | EPSS 0.0018
Exploits: 0
GithubExploit | added 2026/05/07 2:59 p.m. | 88 views

Exploit for CVE-2026-38360

CVE-2026-38360: Directory Traversal in dash-uploader !CVE...

AI score 6 | EPSS 0.05982
Exploits: 5
OSV | added 2026/05/07 11:44 a.m. | 21 views

USN-8247-1 owslib vulnerability

It was discovered that OWSLib did not properly disable entity resolution within its XML parser. An attacker could possibly use this issue to read arbitrary files via a crafted XML payload...

CVSS 8.2 | AI score 7.2 | EPSS 0.00985
Exploits: 0 | References: 2
Cvelist | added 2026/05/07 10:31 a.m. | 39 views

CVE-2026-33589 Arbitrary File Read via Local File Inclusion (LFI)

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal...

CVSS 8.2 | EPSS 0.0018
Exploits: 0 | References: 1
CVE | added 2026/05/07 10:31 a.m. | 25 views

CVE-2026-33589

Open Notebook v1.8.3 is affected by CVE-2026-33589 due to lack of input validation in the file-upload function, enabling local file read via path traversal from within the docker container. Affected component: file upload handling; attack vector: LOCAL, without user interaction, no privileges req...

CVSS 8.2 | AI score 5.8 | EPSS 0.0018
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist | added 2026/05/07 10:28 a.m. | 47 views

CVE-2026-33588 Arbitrary File Write Through Path Traversal

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...

CVSS 7 | EPSS 0.00182
Exploits: 0 | References: 1
Vulnrichment | added 2026/05/07 10:28 a.m. | 9 views

CVE-2026-33588 Arbitrary File Write Through Path Traversal

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...

CVSS 7 | AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 1
CVE | added 2026/05/07 10:28 a.m. | 23 views

CVE-2026-33588

Open Notebook v1.8.3 contains a path traversal flaw in its file upload feature that allows arbitrary file writes on the docker container due to insufficient input validation. An attacker with local access and no privileges can craft input to create or modify files. CVSSv4.0 metrics from ENISA yie...

CVSS 8.1 | AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack | added 2026/05/07 9:46 a.m. | 14 views

WordPress Slider Revolution plugin 7.0.0-7.0.10 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

WordPress Slider Revolution plugin 7.0.0-7.0.10 - 7.0.10 - Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by h0xilo in WordPress Plugin Slider Revolution versions 7.0.0-7.0.10...

CVSS 8.8 | AI score 5.8 | EPSS 0.00815
Exploits: 0 | References: 1 | Affected Software: 1
NVD | added 2026/05/07 6:16 a.m. | 25 views

CVE-2026-6692

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

CVSS 8.8 | EPSS 0.00815
Exploits: 0 | References: 2
NVD | added 2026/05/07 6:16 a.m. | 30 views

CVE-2026-7252

The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduledoriginalfiledeletion function in all versions up to, and including, 4.5.2 Th...

CVSS 8.1 | EPSS 0.0095
Exploits: 0 | References: 9
CVE | added 2026/05/07 4:27 a.m. | 20 views

CVE-2026-6692

Slider Revolution WordPress plugin versions 7.0.0–7.0.10 are vulnerable to Arbitrary File Upload due to insufficient file-type validation in the _get_media_url and _check_file_path functions. This allows authenticated users with subscriber-level access or higher to upload files that may be execut...

CVSS 8.8 | AI score 6.4 | EPSS 0.00815
In wild | Exploits: 0 | References: 2
Vulnrichment | added 2026/05/07 4:27 a.m. | 7 views

CVE-2026-6692 Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

CVSS 8.8 | AI score 6.4 | EPSS 0.00815
Exploits: 0 | References: 2
Cvelist | added 2026/05/07 4:27 a.m. | 72 views

CVE-2026-6692 Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

CVSS 8.8 | EPSS 0.00815
Exploits: 0 | References: 2