EUVD-2026-36091

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component registers archive CRUD handlers /v1/archive GET / POST / DELETE and /v1/archives list directly on...

CVE-2026-42453 Termix: Command injection in extractArchive/compressFiles via double-quote escaping bypass

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts use double-quoted strings for shell command construction, unlike all other file manager operation...

RHCOS 4 : OpenShift Container Platform 4.7.38 (RHSA-2021:4801)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4801 advisory. - jenkins: FilePathmkdirs does not check permission to create parent directories CVE-2021-21685 - jenkins: File path filters do not...

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePathreadingFileVisitor does not reject any operations giving users unrestricted read access with certain operations creating archives, copyRecursiveTo. This may allow an attacker to get access to restricted data...