CVE-2026-5843

The CVE describes a vulnerability in Docker Model Runner (macOS) where the MLX-LM backend unconditionally imports and executes arbitrary Python files specified by model_file in a model's config.json via importlib, without a trust_remote_code gate or sandboxing. This enables container-to-host arbi...

CVE-2026-24217

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

curl: HSTS multi-trailing-dot bypass-ish: possible incomplete fix for CVE-2022-30115

Hi all, Honestly, I'm not completely certain about this issue, but I think the CVE-2022-30115 fix "HSTS bypass via trailing dot" is incomplete: the same asymmetry exists for hostnames with two or more trailing dots, so http://example.com../ still gets sent in plaintext when there's a valid HSTS...

SUSE CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 size 4096: comm "kexec", pid 14950, jiffies 4295110793 age 373.951s hex dump first 32 bytes: 7f 45 4c 4...

Path Traversal

LiquidJS is vulnerable to Path Traversal. The vulnerability is due to the top-level file loads not enforcing the boundary set by the configured root, where a Liquid instance configured with an empty temporary directory as root can return the contents of arbitrary files and attackers can exploit...

Malwarebytes Anti-Malware Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Anti-Malware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2025-33253

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

SUSE CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

CVE-2025-67900

NXLog Agent before 6.11 is affected by a vulnerability where the process can load a file specified by the OPENSSL_CONF environment variable. This allows manipulation of the OpenSSL configuration, with potential impact on cryptographic operations. Affected product: NXLog Agent; vulnerable version(...

PT-2025-51178

Name of the Vulnerable Software and Affected Versions NXLog Agent versions prior to 6.11 Description NXLog Agent versions before 6.11 are susceptible to a local issue that allows attackers to manipulate the OpenSSL configuration. The issue involves the loading of a file specified by the OPENSSL...

MicrosoftAmplifierPoC

Microsoft Amplifier RCE PoC Proof of concept demonstrating re...

GHSA-CQ46-M9X9-J8W2 Scapy Session Loading Vulnerable to Arbitrary Code Execution via Untrusted Pickle Deserialization

Summary An unsafe deserialization vulnerability in Scapy Internally, this triggers: python main.py SESSION = pickle.loadgzip.opensessionname, "rb" Since no validation or restriction is performed on the deserialized object, any code embedded via reduce will be executed immediately. This makes it...

CVE-2025-49655

CVE-2025-49655 affects the Keras framework with deserialization of untrusted data in versions 3.11.0 up to, but not including, 3.11.3. A maliciously uploaded Keras file containing a TorchModuleWrapper class can execute arbitrary code on an end user’s system when loaded, even if safe mode is enabl...

EUVD-2016-4583

Malware in sbrugna...

EUVD-2020-11414

Malware in sbrugna...

EUVD-2020-6472

Malware in sbrugna...

EUVD-2011-1374

Malware in sbrugna...

Metasploit Weekly Wrap-Up 08/22/2025

An Early Festivus Airing of Grievances Want to tell us how much you like us? We hope! Want to tell us how much you hate us? We hope not! We are somewhat familiar with the reclusive security expert lifestyle, as it is our own, but we are asking our users and non-users to steel themselves and take ...