CVE-2026-41433 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the --persist-lint-results process. An attacker can overwrite arbitrary JSON files on the filesystem by supplying a crafted APK with manipulated .PKGINFO fields containing path traversal sequences. This is only...

OpenTelemetry eBPF Instrumentation 路径遍历漏洞

OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. In versions 0.4.0 to 0.8.0 of OpenTelemetry eBPF Instrumentation, there was a path traversal vulnerability. This vulnerability stemmed from defects in the Java...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Untar and Unzip functions in pkg/archive/archive.go. An attacker can overwrite arbitrary files on the filesystem by crafting a malicious tar or zip archive containing directory traversal sequences and trickin...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the put function. An attacker can overwrite or create arbitrary files in the webroot by enticing a user to visit a malicious website, which then issues crafted PUT requests through the victim's browse...

CVE-2026-35364

The CVE-2026-35364 entry describes a TOCTOU race in the mv utility of the uutils coreutils project during cross-device operations. The vulnerability arises when mv removes the destination path and recreates it via a copy; a local attacker with write access to the destination directory can replace...

CVE-2026-35364 uutils coreutils mv Arbitrary File Overwrite via Cross-Device TOCTOU Race Condition

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...

CVE-2026-35356 uutils coreutils install Arbitrary File Overwrite with -D via Path Component Symlink Race

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the -D flag. The command creates parent directories and subsequently performs a second path resolution to create the target file, neither of which is anchored to a directory file...

CVE-2026-35356 uutils coreutils install Arbitrary File Overwrite with -D via Path Component Symlink Race

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the -D flag. The command creates parent directories and subsequently performs a second path resolution to create the target file, neither of which is anchored to a directory file...

CVE-2026-35355 uutils coreutils install Arbitrary File Overwrite via Symlink TOCTOU Race

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the OEXCL flag. A local attacker can exploit t...

K000160938: OpenSSH vulnerabilities CVE-2019-16905 and CVE-2020-12062

Security Advisory Description CVE-2019-16905 OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution...

GHSA-MF9W-MJ56-HR94 python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

Summary setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a cross-device rename fallback is triggered. Details The rewrite context manager in dotenv/main.py is used by both setkey...

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

Summary setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a cross-device rename fallback is triggered. Details The rewrite context manager in dotenv/main.py is used by both setkey...

EUVD-2026-23901

python-dotenv: Symlink following in setkey allows arbitrary file overwrite via cross-device rename fallback...

CVE-2026-28684 python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

CVE-2026-28684

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

CVE-2026-28684 python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

CVE-2026-28684

CVE-2026-28684 (python-dotenv) : The issue affects python-dotenv where the functions set_key() and unset_key() follow symbolic links when rewriting the .env file. This behavior enables a local attacker to overwrite arbitrary files via a crafted symlink during a cross-device rename fallback. Impac...

CVE-2026-5958

When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...

python-dotenv 安全漏洞

python-dotenv is a Python environment management tool developed by Saurabh Kumar. Versions of python-dotenv prior to version 1.2.2 contained security vulnerabilities. These vulnerabilities stemmed from defects in the setkey and unsetkey functions when dealing with symbolic links, which could allo...