CLSA-2026-1779912818 Fix CVE(s): CVE-2026-42307

SECURITY UPDATE: OS command injection in the netrw plugin via crafted sftp:// or file:// URLs - debian/patches/CVE-2026-42307.patch: OS command injection in the netrw plugin via crafted sftp:// or file:// URLs - CVE-2026-42307...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the webchat audio embedding process. An attacker can access and exfiltrate arbitrary local audio-like files readable by the gateway process by influencing the...

CVE-2026-32938 SiYuan has an Arbitrary File Read in its Desktop Publish Service

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET...

CVE-2026-32938 SiYuan has an Arbitrary File Read in its Desktop Publish Service

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET...

CVE-2026-32938

SiYuan desktop users running versions 3.6.0 and earlier are affected. The flaw in /api/lute/html2BlockDOM allows copying local files referenced by file:// links into the workspace assets directory without validating against a sensitive-path list. When combined with authenticated GET /assets/*path...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal through the html2BlockDOM handler in kernel/api/lute.go and the asset-copying process in the desktop publish service. An attacker can exfiltrate sensitive local files readable by the desktop process by submitting HTM...

GO-2026-4546 FileBrowser Quantum: Password Protection Not Enforced on Shared File Links in github.com/gtsteffaniak/filebrowser/backend

FileBrowser Quantum: Password Protection Not Enforced on Shared File Links in github.com/gtsteffaniak/filebrowser/backend...

GHSA-8VRH-3PM2-V4V6 FileBrowser Quantum: Password Protection Not Enforced on Shared File Links

Summary When users share password-protected files, the recipient can completely bypass the password and still download the file. Details This happens because the API returns a direct download link in the details of the share, which is accessible to anyone with JUST THE SHARE LINK, even without th...

FileBrowser Quantum: Password Protection Not Enforced on Shared File Links

Summary When users share password-protected files, the recipient can completely bypass the password and still download the file. Details This happens because the API returns a direct download link in the details of the share, which is accessible to anyone with JUST THE SHARE LINK, even without th...

CVE-2025-69218

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, moderators can access the topuploads admin report which should be restricted to admins only. This report displays direct URLs to all uploaded files on the site, including sensitive...

CVE-2025-69218

Discourse vulnerability CVE-2025-69218: In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, moderators can access the private top_uploads admin report, which reveals direct URLs to all uploaded files (including potential sensitive content like user data exports and admin backups). The...

CVE-2025-34179 NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure

NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...

PT-2025-51231

NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...

CVE-2025-64407 Apache OpenOffice: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...

EUVD-2020-12017

Malware in sbrugna...

EUVD-2025-7964

Malicious code in bioql PyPI...

EUVD-2024-42289

Malicious code in bioql PyPI...

CVE-2005-2522

Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file...

CVE-2025-30551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in smartredfox Pretty file links pretty-file-links allows Stored XSS.This issue affects Pretty file links: from n/a through = 0.9...

CVE-2025-30551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in smartredfox Pretty file links pretty-file-links allows Stored XSS.This issue affects Pretty file links: from n/a through = 0.9...