59 matches found

EUVD
added 2026/05/24 1:40 p.m., 10 views

EUVD-2026-31598

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious config.json file containing the _attn_implementation_internal field set to an attacker-controlled HuggingFac...

CVSS 7.8, AI score 7.8, EPSS 0.00032
Exploits: 0, References: 2

OSV
added 2026/05/15 2:3 p.m., 3 views

OESA-2026-2358 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. CVE-2026-40226...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

Github Security Blog
added 2026/05/11 9:31 p.m., 6 views

Crabbox contains a path traversal vulnerability in the Islo provider's workspace path resolution

Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provider's workspace path resolution that allows attackers to supply absolute or relative paths that resolve outside the intended /workspace directory. Attackers can craft a malicious .crabbox.yaml or crabbox.yaml file with...

CVSS 7.1, AI score 5.9, EPSS 0.00022
Exploits: 0, References: 6, Affected Software: 1

OSV
added 2026/05/09 12:33 p.m., 4 views

OESA-2026-2280 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. CVE-2026-40226...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

OSV
added 2026/05/09 12:33 p.m., 3 views

OESA-2026-2279 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. CVE-2026-40226...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

OSV
added 2026/05/09 12:33 p.m., 4 views

OESA-2026-2277 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. CVE-2026-40226...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

CVE
added 2026/05/04 5:13 p.m., 5 views

CVE-2026-42085

OpenC3 COSMOS has a path-traversal weakness in save_tool_config() that enables arbitrary file writes into the shared /plugins directory prior to versions 6.10.5 and 7.0.0-rc3. By canonicalizing filenames to absolute paths, a crafted config filename can overwrite existing configuration files acros...

CVSS 4.3, AI score 5.9, EPSS 0.00049
Exploits: 0, References: 5, Affected Software: 1

Snyk
added 2026/04/24 7:21 p.m., 3 views

Insertion of Sensitive Information Into Sent Data

Overview: axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data through the request configuration handling in the adapters/xhr.js adapter and helpers/resolveConfig.js. An attacker can...

CVSS 6.1, AI score 5.4, EPSS 0.00048
Exploits: 1, References: 3

SUSE CVE
added 2026/04/11 11:26 p.m., 4 views

SUSE CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 3

EUVD
added 2026/04/10 6:31 p.m., 1 views

EUVD-2026-21400

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

UbuntuCve
added 2026/04/10 4:16 p.m., 2 views

CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2

Cvelist
added 2026/04/10 3:18 p.m., 21 views

CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVSS 6.4, EPSS 0.0001
Exploits: 0, References: 1

Vulnrichment
added 2026/04/10 3:18 p.m., 1 views

CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 1

CVE
added 2026/04/10 3:18 p.m., 10 views

CVE-2026-40226

The CVE affects systemd-nspawn: versions 233–259 (before 260) are vulnerable. A crafted optional config file can trigger an escape-to-host action. Root cause is not detailed beyond this vector in the provided docs. Remediation implied by the reference is upgrading to systemd 260 or later to mitig...

CVSS 6.4, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 1, Affected Software: 1

EUVD
added 2026/03/19 9:30 p.m., 3 views

EUVD-2026-13231

Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

CVSS 6.9, AI score 6.2, EPSS 0.00226
Exploits: 0, References: 2

Cvelist
added 2026/03/10 4:44 p.m., 31 views

CVE-2026-22628

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...

CVSS 5.3, EPSS 0.00017
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/02 5:39 p.m., 3 views

CVE-2026-0654

Improper input handling in the administration web interface on TP-Link Deco BE25 v1.0 allows crafted input to be executed as part of an OS command. An authenticated adjacent attacker may execute arbitrary commands via crafted configuration file, impacting confidentiality, integrity and availabili...

CVSS 8.5, AI score 6.1, EPSS 0.00066
Exploits: 0, References: 5

CVE
added 2026/02/18 1:56 p.m., 4 views

CVE-2025-33246

CVE-2025-33246 affects the NVIDIA NeMo Framework across platforms, with the vulnerability residing in the ASR Evaluator utility. A crafted input in a configuration parameter can trigger a command injection, enabling possible code execution, privilege escalation, data tampering, or information dis...

CVSS 7.8, AI score 5.7, EPSS 0.00038
Exploits: 0, References: 3, Affected Software: 1

GithubExploit
added 2026/02/17 7:45 p.m., 97 views

mcp-csharp-cmdexe-poc

MCP C# SDK cmd.exe Argument Injection PoC. Proof of concept fo...

AI score 6.1
Exploits: 0

ATTACKERKB
added 2026/02/03 5:20 p.m., 3 views

CVE-2026-22228

An authenticated user with high privileges may trigger a denial‑of‑service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore...

CVSS 6.8, AI score 5.4, EPSS 0.00068
Exploits: 0, References: 5