CVE-2026-42085

OpenC3 COSMOS has a path-traversal weakness in save_tool_config() that enables arbitrary file writes into the shared /plugins directory prior to versions 6.10.5 and 7.0.0-rc3. By canonicalizing filenames to absolute paths, a crafted config filename can overwrite existing configuration files acros...

CVE-2026-42085 OpenC3 COSMOS: Arbitrary write to plugins directory via path-traversed config filenames

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the savetoolconfig function that allows saving tool configuration files at arbitrary locations...

CVE-2026-42080 PPTAgent: Arbitrary File Write via `save_generated_slides`

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...

CVE-2026-42080

PPTAgent contains an arbitrary file write vulnerability in the component handling slide generation. Prior to commit 418491a, an attacker could write arbitrary files via save_generated_slides. The issue has been patched in commit 418491a. Impact details in the public records indicate a low to medi...

CVE-2026-42080 PPTAgent: Arbitrary File Write via `save_generated_slides`

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...

CVE-2026-42080

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...

CVE-2026-42078 PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdowntabletoimage. This issue has been patched via commit 418491a...

CVE-2026-42078 PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdowntabletoimage. This issue has been patched via commit 418491a...

CVE-2026-42078

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdowntabletoimage. This issue has been patched via commit 418491a...

CVE-2026-42078

PVE: CVE-2026-42078 affects PPTAgent, an agentic framework for reflective PowerPoint generation. Before commit 418491a, the code path markdown_table_to_image allows arbitrary file write and directory creation. The issue has been patched via commit 418491a. Impact ranges from low to potentially en...

CVE-2026-42075 Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabli...

CVE-2026-42075

Evolver (GEP-powered engine) contains a path traversal vulnerability in the fetch (skill download) command prior to version 1.69.3. The --out= flag accepts user-provided paths without validation, enabling an attacker to write files to arbitrary locations on the filesystem and overwrite sensitive ...

CVE-2026-42075 Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabli...

Directory Traversal

Overview @puchunjie/doc-tools-mcp is a Word 文档处理 MCP 服务器 - 基于 TypeScript 的文档处理工具 Affected versions of this package are vulnerable to Directory Traversal via the createdocument or opendocument functions in the MCP Interface component when processing the filePath argument. An attacker can access or...

PT-2026-36888

Name of the Vulnerable Software and Affected Versions Detect-It-Easy versions prior to 3.21 Description Insufficient path normalization during archive extraction allows attackers to write arbitrary files to the filesystem. By crafting malicious archive entries using absolute paths or relative...

OpenC3 COSMOS 安全漏洞

OpenC3 COSMOS is an open-source application developed by OpenC3. Vulnerabilities exist in versions of OpenC3 COSMOS prior to 6.10.5 and 7.0.0-rc3. These vulnerabilities stem from design flaws in the savetoolconfig function, allowing the ability to save tool configuration files at any position...

PT-2026-36858

Name of the Vulnerable Software and Affected Versions PPTAgent versions prior to commit 418491a Description An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the save generated slides function. Recommendations Update to...

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:1633)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1633 advisory. - kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via kubectl cp CVE-2019-11246 Note that Nessus has not test...

PT-2026-36853

Name of the Vulnerable Software and Affected Versions Evolver versions prior to 1.69.3 Description A path traversal issue exists in the skill download fetch command. The --out= flag accepts user-provided paths without proper validation, allowing attackers to write files to arbitrary locations on...

Evolver 路径遍历漏洞

Evolver is an intelligent agent-based self-evolution tool developed by EvoMap. Versions of Evolver prior to 1.69.3 contained a path traversal vulnerability. This vulnerability stemmed from issues with path traversal in skill download commands, which could allow attackers to write files to any...