11286 matches found
Zenitel AlphaCom 安全漏洞
Zenitel AlphaCom is a critical communication server owned by the Norwegian company Zenitel. There is a security vulnerability in Zenitel AlphaCom, which allows attackers to read arbitrary files by modifying file path parameters to internal system paths...
CVE-2026-26329 OpenClaw has a path traversal in browser upload allows local file read
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, authenticated attackers can read arbitrary files from the Gateway host by supplying absolute paths or path traversal sequences to the browser tool's upload action. The server passed these paths to Playwright's setInputFiles APIs...
CVE-2026-26321
CVE-2026-26321 affects OpenClaw’s Feishu extension, where sendMediaFeishu can treat attacker-controlled mediaUrl values as local filesystem paths, enabling local-file disclosure if an attacker can influence tool calls (e.g., via prompt injection). The vulnerability stems from path handling that a...
CVE-2026-26321 OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension
OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Feishu extension previously allowed sendMediaFeishu to treat attacker-controlled mediaUrl values as local filesystem paths and read them directly. If an attacker can influence tool calls directly or via prompt injection...
CVE-2026-26321 OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension
OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Feishu extension previously allowed sendMediaFeishu to treat attacker-controlled mediaUrl values as local filesystem paths and read them directly. If an attacker can influence tool calls directly or via prompt injection...
CVE-2026-26202
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
CVE-2026-26202
Penpot before 2.13.2 is affected by an authenticated arbitrary-file-read via the create-font-variant RPC endpoint: supplying a local path as font data causes the server to store the file contents as a font asset. Any authenticated user with team edit permissions can read files accessible to the P...
CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint
Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...
CVE-2026-26337
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal...
CVE-2026-26337
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal...
CVE-2026-26337 Hyland Alfresco Transformation Service Absolute Path Traversal Arbitrary File Read and SSRF
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal...
CVE-2026-26337 Hyland Alfresco Transformation Service Absolute Path Traversal Arbitrary File Read and SSRF
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal...
CVE-2026-26337
Hyland Alfresco Transformation Service is affected by CVE-2026-26337. The flaw enables unauthenticated attackers to perform absolute path traversal, resulting in arbitrary file reads and server-side request forgery (SSRF). Reported CVSS-3.1 base score 8.2 (HIGH) with NETWORK attack vector and no ...
CVE-2026-2274
A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23 allows an authenticated remote attacker to read sensitive local files and access internal network resources via crafted requests to the production cluster. This vulnerability was patched and no...
CVE-2026-25766
Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s middleware.Static using the default filesystem allows path traversal via backslashes, enabling unauthenticated remote file read outside the static root. In middleware/static.go, the requested path is unescaped and...
CVE-2026-26336 Hyland Alfresco Improper Authorization Arbitrary File Read
Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories like WEB-INF via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files...
CVE-2026-26336
CVE-2026-26336 affects Hyland Alfresco. Unauthenticated attackers can read arbitrary files from protected directories (e.g., WEB-INF) via the /share/page/resource/ endpoint, causing disclosure of sensitive configuration files. The issue stems from improper access control on the resource endpoint,...
CVE-2026-26336 Hyland Alfresco Improper Authorization Arbitrary File Read
Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories like WEB-INF via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files...