CVE-2026-44650 SillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

CVE-2026-44650 SillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

CVE-2026-44650

CVE-2026-44650 affects SillyTavern (local UI for LLMs) where the POST /api/extensions/delete endpoint accepts extensionName: "." and bypasses sanitize-filename validation. This causes path traversal that deletes the entire user extensions directory (and potentially the global extensions dir) with...

SUSE-SU-2026:2121-1 Security update for frr

This update for frr fixes the following issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting bsc1252829. - CVE-2025-61101: NULL Pointer Dereference in FRRouting bsc1252833. - CVE-2025-61102: NULL Pointer Dereference in...

EUVD-2026-33186

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

CVE-2026-9891

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513508128...

SillyTavern 安全漏洞

SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 contained security vulnerabilities. These vulnerabilities stemmed from the POST /api/extensions/delete endpoint accepting an extensionName parameter. This allowed bypassing...

PT-2026-44994

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

Spatie Laravel Media Library Pro 安全漏洞

Spatie Laravel Media Library Pro is a UI component for Laravel media libraries developed by the Belgian company Spatie. Versions of Spatie Laravel Media Library Pro prior to 11.23.0 contained security vulnerabilities. These vulnerabilities were caused by a bypass of file upload restrictions in...

DEBIAN-CVE-2026-9891

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

DEBIAN-CVE-2026-10022

Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2026-9891

CVE-2026-9891 is a use-after-free vulnerability in Chrome’s Extensions component (Chromium) that affects pre-148.0.7778.216 builds. The issue arises when a renderer process is compromised, potentially enabling a sandbox escape via a crafted Chrome Extension. The vulnerability is discussed across ...

CVE-2026-9891

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

CVE-2026-9891

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

CVE-2026-9891

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

CVE-2026-9891

Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

SUSE-SU-2026:21913-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

RLSA-2026:19206 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

com.cloudbees.plugins:build-flow-plugin (>=0.10 <=0.11.1), org.jenkins-ci.plugins:build-flow-extensions-plugin (=0.1.1) potentially affected by CVE-2026-48927 via org.jenkins-ci.plugins:buildgraph-view (=1.0)

org.jenkins-ci.plugins:buildgraph-view MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:buildgraph-view and may be impacted: - com.cloudbees.plugins:build-flow-plugin =0.10, =0.11.1 -...

pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)

A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit Critical Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This...