
7266 matches found

Huntr
added 2026/02/22 12:40 a.m., 10 views

Arbitrary File Write via Path Traversal in Orbax Checkpoint Asset Dict Keys

Description: When loading a Keras model from an Orbax checkpoint directory, the writenesteddicttodir function uses dict keys from the checkpoint's asset data directly in os.path.join without any path sanitization. A crafted Orbax checkpoint can include absolute paths or path traversal sequences ...

AI score 6
Exploits 0

Vulnrichment
added 2026/02/20 10:54 p.m., 3 views

CVE-2019-25431 delpino73 Blue-Smiley-Organizer 1.32 SQL Injection via datetime

delpino73 Blue-Smiley-Organizer 1.32 contains an SQL injection vulnerability in the datetime parameter that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through POST requests to extract sensitive data using boolean-based blind and time-based blind...

CVSS 8.8, AI score 5.8, EPSS 0.00262
Exploits 0, References 3

RedhatCVE
added 2026/02/20 11:32 a.m., 6 views

CVE-2026-26065

A flaw was found in calibre. This path traversal vulnerability allows a local user to write arbitrary files with arbitrary content and extensions to any location where the user has write permissions. This occurs when processing specially crafted PDB Program Database e-book files. Successful...

CVSS 9.3, AI score 6.3, EPSS 0.0052
Exploits 1, References 2

OSV
added 2026/02/20 2:16 a.m., 3 views

UBUNTU-CVE-2026-26064

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writin...

CVSS 9.3, AI score 6, EPSS 0.0088
Exploits 1, References 4

Vulnrichment
added 2026/02/20 1:54 a.m., 3 views

CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers (both 132-byte and 202-byte header variants) that allow arbitrary file writes with arbitrary extension and arbitrary...

CVSS 9.3, AI score 6.3, EPSS 0.0052
Exploits 1, References 2

Cvelist
added 2026/02/20 1:54 a.m., 25 views

CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers (both 132-byte and 202-byte header variants) that allow arbitrary file writes with arbitrary extension and arbitrary...

CVSS 9.3, EPSS 0.0052
Exploits 1, References 2

Cvelist
added 2026/02/20 1:44 a.m., 25 views

CVE-2026-26064 calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writin...

CVSS 9.3, EPSS 0.0088
Exploits 1, References 2

Vulnrichment
added 2026/02/20 1:44 a.m., 3 views

CVE-2026-26064 calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writin...

CVSS 9.3, AI score 5.9, EPSS 0.0088
Exploits 1, References 2

OSV
added 2026/02/20 1:44 a.m., 6 views

CVE-2026-26064 calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writin...

CVSS 9.3, AI score 5.9, EPSS 0.0088
Exploits 1, References 4

OSV
added 2026/02/20 12:49 a.m., 9 views

CVE-2026-26975 Music Assistant Server Path Traversal in Playlist Update API Allows Remote Code Execution

Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. Versions 2.6.3 and below allow unauthenticated network-adjacent attackers to execute arbitrary code on affected installations. The music/playlists/update API allows users to bypass...

CVSS 8.8, AI score 6.5, EPSS 0.01447
Exploits 1, References 5

Positive Technologies
added 2026/02/20 12:00 a.m., 11 views

PT-2026-20972

Name of the Vulnerable Software and Affected Versions: Music Assistant versions 2.6.3 and below

Description: Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. Versions 2.6.3 and below allow unauthenticated network-adjacent attackers ...

CVSS 8.8, AI score 6.1, EPSS 0.01447
Exploits 1, References 13

CNNVD
added 2026/02/20 12:00 a.m., 5 views

OpenClaw path traversal vulnerability

OpenClaw is an open-source AI assistant from OpenClaw. It has a path traversal vulnerability that stems from the browser download assistant accepting unsanitized output paths, which an attacker can exploit to traverse a directory on a system t...

CVSS 6.7, AI score 5.8, EPSS 0.00199
Exploits 0, References 3

CNNVD
added 2026/02/20 12:00 a.m., 8 views

Calibre path traversal vulnerability

Calibre is a free, open-source tool developed by Kovid Goyal, an individual developer from India. It is a comprehensive e-book reading, management and format conversion tool. Calibre versions 9.2.1 and earlier had a path traversal vulnerability. This vulnerability stemmed from a path traversa...

CVSS 9.3, AI score 6, EPSS 0.0052
Exploits 1, References 2

Github Security Blog
added 2026/02/19 10:06 p.m., 13 views

OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags

Summary: tools.exec.safeBins could be bypassed for filesystem access when sort output flags -o / --output or recursive grep flags were allowed through safe-bin execution paths. Affected Packages / Versions: - Package: openclaw npm - Affected versions: = 2026.2.19 - Latest published version at triag...

CVSS 7.1, AI score 5.9, EPSS 0.0014
Exploits 0, References 5, Affected Software 1

OSV
added 2026/02/19 5:28 p.m., 5 views

GO-2026-4358 Sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal in github.com/sigstore/sigstore

Sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal in github.com/sigstore/sigstore...

CVSS 5.8, AI score 6.7, EPSS 0.0037
Exploits 0, References 3

Snyk
added 2026/02/19 4:23 p.m., 7 views

Directory Traversal

Overview: changedetection.io is a website change detection and monitoring service. Affected versions of this package are vulnerable to Directory Traversal via the sendfromdirectory function. An attacker can access files within the application package directory by supplying crafted path-traversal...

CVSS 6.9, AI score 6.5, EPSS 0.00917
Exploits 1, References 2

Huntr
added 2026/02/19 9:06 a.m., 6 views

Path Traversal in NLTK Downloader Package Metadata Allows Arbitrary File Write

Description: The NLTK downloader does not validate file paths constructed from package metadata before writing downloaded files. A malicious NLTK data server can specify arbitrary paths via the subdir and id attributes in the package index XML, allowing arbitrary file write outside the intended...

CVSS 10, AI score 6.1, EPSS 0.00706
Exploits 1

Veracode
added 2026/02/19 8:55 a.m., 6 views

Arbitrary File Write

Langflow is vulnerable to arbitrary file write. The vulnerability is due to lack of path validation and directory restrictions in the fspath parameter, which allows an attacker to specify arbitrary absolute paths and overwrite files on the server...

CVSS 7.1, AI score 6, EPSS 0.03255
Exploits 1, References 4, Affected Software 1

GithubExploit
added 2026/02/18 9:08 p.m., 623 views

Exploit for CVE-2025-4517

CVE-2025-4517 Exploit - WingData HTB NOTES This exploit an...

CVSS 9.4, AI score 5.9, EPSS 0.01184
Exploits 19

Snyk
added 2026/02/18 5:38 p.m., 4 views

Directory Traversal

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Directory Traversal via the browser control API's handling of output paths for trace and download files. An attacker can write files to arbitrary locations on the filesystem by supplying...

CVSS 9.1, AI score 6.6, EPSS 0.00425
Exploits 0, References 2