Lucene search
+L

147 matches found

OSV
OSV
added 2026/07/08 9:16 p.m.3 views

DEBIAN-CVE-2026-54590

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS6.1AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 8:16 p.m.7 views

CVE-2026-59946

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and...

6.1CVSS0.00136EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56549

Name of the Vulnerable Software and Affected Versions Composer versions prior to 2.2.29 Composer versions prior to 2.10.2 Description A flaw in the binary installation flow allows a package bin entry containing .. path segments to resolve outside the package installation directory. This can lead ...

6.1CVSS6.2AI score0.00136EPSS
Exploits0References11
NVD
NVD
added 2026/07/02 5:17 p.m.9 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

4.3CVSS0.00262EPSS
Exploits0References7
NVD
NVD
added 2026/07/01 7:16 p.m.8 views

CVE-2026-49119

Gradio before 6.16.0 contain a path traversal vulnerability in the FileExplorer component's preprocess method that allows unauthenticated attackers to escape the configured root directory by supplying path segments containing directory traversal sequences or absolute paths. Attackers can provide...

8.7CVSS0.0069EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 6:30 p.m.4 views

CVE-2026-49119 Gradio < 6.16.0 Path Traversal via FileExplorer.preprocess()

Gradio before 6.16.0 contain a path traversal vulnerability in the FileExplorer component's preprocess method that allows unauthenticated attackers to escape the configured root directory by supplying path segments containing directory traversal sequences or absolute paths. Attackers can provide...

8.7CVSS6.1AI score0.0069EPSS
Exploits0References7
CVE
CVE
added 2026/06/30 9:27 p.m.46 views

CVE-2026-50003

The CVE-2026-50003 issue affects the DCMTK toolkit. A malicious or compromised server can exploit the bit-preserving C-GET storage mode in the DCMTK client to write files outside the designated output directory, using both relative (../) paths and absolute paths. Multiple sources (RH CVE entry, E...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 9:27 p.m.33 views

CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...

9.8CVSS0.00435EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:10 a.m.7 views

BIT-LIBPYTHON-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/26 10:40 p.m.36 views

CVE-2026-28701 Daktronics Controller Firmware Path Traversal

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS0.00702EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 3:42 p.m.158 views

CVE-2026-44705

The CVE-2026-44705 entry concerns the tmp npm package (Node.js temporary file/directory creator). Prior to version 0.2.6, it is vulnerable to a path traversal flaw when user-controlled data is passed to the prefix, postfix, or dir options, allowing escaping the intended temporary base directory a...

8.7CVSS5.5AI score0.00354EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/10 5:31 p.m.31 views

CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS0.00114EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/10 5:31 p.m.9 views

CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS5.4AI score0.00114EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 5:31 p.m.30 views

CVE-2026-50568

Fission (Kubernetes-native serverless framework) has a lexical path check vulnerability in SanitizeFilePath (pkg/utils/utils.go) that used strings.HasPrefix(path, safedir) instead of a directory-boundary check. This allowed a sibling directory escape (e.g., /packages-extra/evil under /packages) t...

3.6CVSS5.4AI score0.00114EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.14 views

EulerOS 2.0 SP13 : golang (EulerOS-SA-2026-2334)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.CVE-2026-25679 Actions which insert URLs into the...

9.8CVSS7.8AI score0.00728EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-41211

Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, downloadPackageManager accepts an untrusted version string and uses it directly in filesystem paths. A caller can supply ../ segments or an absolute path to escape the VPHOME/packagemanager// cache root and...

10CVSS5.4AI score0.00311EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.20 views

CVE-2026-9102

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

9.4CVSS6.5AI score0.00563EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 10:16 p.m.13 views

UBUNTU-CVE-2026-44973

Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths e.g., using .. to escape intended base directories. While go-billy was...

8.1CVSS5.8AI score0.0031EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 9:26 p.m.2 views

CVE-2026-44973 Billy: Path traversal vulnerabilities

Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths e.g., using .. to escape intended base directories. While go-billy was...

8.1CVSS5.9AI score0.0031EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 9:54 p.m.37 views

CVE-2026-46402

Microsoft UFO (open-source framework) 3.0.1-4-ge2626659 exposes a path traversal risk by using the user-controlled task_name when building session log paths, enabling an authenticated client to create log directories/files outside the intended logs/ directory. This can impact integrity and availa...

8.1CVSS5.8AI score0.00674EPSS
Exploits0References1
Rows per page
Query Builder