Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-12480

A flaw was found in Keras. An attacker can craft a malicious model archive or weights file containing a Virtual Dataset VDS that references external files on a victim's system. When a user loads this malicious model, the external file is transparently read. This vulnerability leads to information...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References5
Veracode
Veracode
added 2026/05/16 5:34 a.m.15 views

Path Traversal

Hugo is vulnerable to Path Traversal. The vulnerability is due to unrestricted execution of Node-based asset pipeline tools such as PostCSS, Babel, and TailwindCSS during site builds, allowing code from untrusted sites to read or write files outside the project's working directory when processed ...

8.6CVSS5.9AI score0.00274EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/04/08 3:3 p.m.4 views

UNIX Symbolic Link (Symlink) Following

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the include, render, and layout directories, when symlinks are placed within a trusted...

8.2CVSS5.8AI score0.00396EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:18 p.m.7 views

Directory Traversal

Overview h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Directory Traversal via the serveStatic function. An attacker can access arbitrary files outside the intended static directory by sending crafted HTTP requests...

8.2CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added 2026/01/07 12:0 a.m.29 views

CVE-2025-67366

@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "readcontent" tool. This vulnerability arises from improper symlink handling in the path validation mechanism...

0.00536EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.3 views

EsafeNet CDG 安全漏洞

EsafeNet CDG is a document security management system from EsafeNet, China. A security vulnerability exists in EsafeNet CDG version 5. An attacker can exploit the vulnerability to access files and directories stored outside the web root folder...

7.5CVSS4.8AI score0.00683EPSS
Exploits1References4
Rows per page
Query Builder