Exploit for CVE-2024-2961

CVE-2026-22200: osTicket Arbitrary File Read to RCE...

BIT-ELK-2026-26938 Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)

Improper Neutralization of Special Elements Used in a Template Engine CWE-1336 exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery SSRF via Code Injection CAPEC-242. This requires an...

CVE-2025-63909

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...

PT-2026-22805

IBM webMethods API Gateway on-prem 10.11 through 10.11 Fix3210.15 to 10.15 Fix2711.1 to 11.1 Fix7 IBM webMethods API Management on-prem fails to properly validate user-supplied input passed to the url parameter on the /createapi endpoint. An attacker can modify this parameter to use a file:// URI...

PT-2026-22768

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...

PT-2026-26390

Impact assertBrowserNavigationAllowed validated only http:/https: network targets but implicitly allowed other schemes. An authenticated gateway user could navigate browser sessions to file:// URLs and read local files via browser snapshot/extraction flows. Affected Component -...

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

ZDI-CAN-29312: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability -- ABSTRACT ------------------------------------- Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products: OpenClaw - OpenClaw -- VULNERABILITY DETAILS...

OpenClaw: Sandbox media TOCTOU could read files outside sandbox root

Summary Sandbox media handling had a time-of-check/time-of-use gap: media paths could be validated first and read later through a separate path. A symlink retarget between those steps could cause reads outside sandboxRoot. Impact Affected versions could permit host file reads outside the intended...

CVE-2025-65465

A reflected Cross-Site Scripting XSS vulnerability in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier allows remote attackers to execute arbitrary web script or HTML via a crafted payload in a filename parameter e.g., to the FileRead function. This occurs because the error...

CVE-2025-65465

A reflected Cross-Site Scripting XSS vulnerability in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier allows remote attackers to execute arbitrary web script or HTML via a crafted payload in a filename parameter e.g., to the FileRead function. This occurs because the error...

PT-2026-26016

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.24 Description OpenClaw versions before 2026.2.24 contain a local media root bypass in the sendAttachment and setGroupIcon message actions when sandboxRoot is not configured. This allows attackers to read...

📄 WordPress File Away 3.9.9.0.1 Arbitrary File Read

Proof of concept exploit for a WordPress File Away plugin version 3.9.9.0.1 arbitrary file read vulnerability. ============================================================================================================================================= | Title : WordPress File Away Plugin =...

Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+

Summary Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Details Python 3.13+ changed the definition of os.path.isabs so that root-relative paths like...

GHSA-39MP-8HJ3-5C49 Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+

Summary Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Details Python 3.13+ changed the definition of os.path.isabs so that root-relative paths like...

CVE-2026-22877

An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the system, and potentially causing a denial-of-service attack...

CVE-2026-28414 Gradio has Absolute Path Traversal on Windows with Python 3.13+

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ change...

CVE-2026-28414

CVE-2026-28414 : The issue affects Gradio prior to 6.7 on Windows with Python 3.13+. A bug in Gradio’s path-joining logic, triggered by Python 3.13+ changes to os.path.isabs, allows an unauthenticated attacker to read arbitrary files from the Gradio server via root-relative paths. The vulnerabili...

CVE-2026-26938

Improper Neutralization of Special Elements Used in a Template Engine CWE-1336 exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery SSRF via Code Injection CAPEC-242. This requires an...

CVE-2026-24488 OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

SUSE-SU-2026:20551-1 Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.7.0 bsc1257128. Security issues fixed: - CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status updates and potentially causing a DoS bsc1253189. - CVE-2024-45310: kubevirt vendored...