EUVD-2026-33927

Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages entries from gleam.toml are incorporated into filesystem paths without sufficient validation or...

CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes | Cloud Foundry

MEDIUM CVSSv4: Medium 4.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:L CVSSv3: Medium 5.8 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:L Vendor Cloud Foundry Foundation Versions Affected Severity is MEDIUM unless otherwise noted. BOSH Director – All versions prior to v282.1.12...

Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing

Summary The fileID field from Manifest.db a SQLite database inside iOS backups, generated by the device is used directly in filesystem path construction without validation. This affects two commands through a shared code path: - mvt-ios decrypt-backup decrypt.py: fileid is used to construct both...

WordPress Kirki – Freeform Page Builder, Website Builder & Customizer plugin <= 6.0.6 - Unauthenticated Limited Arbitrary File Read and Deletion vulnerability

Unauthenticated Limited Arbitrary File Read and Deletion vulnerability discovered by Rafie Muhammad - Awesome Motive, Inc. in WordPress Plugin Kirki – Freeform Page Builder, Website Builder & Customizer versions = 6.0.6...

Astra Linux - уязвимость в webkit2gtk

The issue was addressed through improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, and watchOS 10.5. An attacker with arbitrary read and write capabilities may be able to bypass Pointer Authentication...

CVE-2026-44641

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

CVE-2024-36323

CVE-2024-36323: Improper isolation of VCN-JPEG hardware register space could allow a local attacker (malicious Guest VM or local process) to read/write the JPEG core register space of a victim VM/process, potentially accessing data. CVSS v4.0 vector: AV:L/AC:L/PR:L/UI:N/AT:P/VC:H/SC:H/VI:H/SI:H/V...

CVE-2026-6959

CVE-2026-6959 affects HashiCorp Nomad and Nomad Enterprise older than 2.0.1, allowing arbitrary file read/write on the client host as the Nomad process user via a symlink attack. Impact: potential unauthorized access or manipulation on the client host; CVSS 3.1 base score 6.0 (Scope Changed, Priv...

CVE-2026-2614

Summary: CVE-2026-2614 affects mlflow/mlflow

CVE-2026-44996 OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding

OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs...

SUSE CVE-2026-7943

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...

CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...

Incomplete List of Disallowed Inputs

Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the metadata process. An attacker can rename, move, or create links to files within the container by submitting specially crafted metadata values that bypass the intended blocklist. This may also...

EUVD-2026-28027

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. Chromium security severity: Medium...

EUVD-2026-28003

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

EUVD-2026-27989

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-44111

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...