22933 matches found

Positive Technologies, added 2026/04/06 12:00 a.m., 1 view

PT-2026-30578

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains an issue within the ksmbd component related to the handling of FS_OBJECT_ID_INFORMATION. The resolution involves utilizing the superblock's UUID (sb->s_uuid) as th...

CVSS 6.8 | AI score 5.8 | EPSS 0.00007
Exploits 0 | References 21
UbuntuCve, added 2026/04/06 12:00 a.m., 1 view

CVE-2026-31410

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION. Use sb->s_uuid for a proper volume identifier as the primary choice. For filesystems that do not provide a UUID, fall back to stfs.f_fsid obtained from vfs_statfs...

CVSS 5.5 | AI score 5.7 | EPSS 0.00007
Exploits 0 | References 6
Positive Technologies, added 2026/04/06 12:00 a.m., 1 view

PT-2026-30767

Summary PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bund...

CVSS 7.1 | AI score 6.1 | EPSS 0.00095
Exploits 1 | References 6
CNNVD, added 2026/04/06 12:00 a.m., 5 views

Ferret security vulnerability

Ferret is an open-source declarative system developed by MontFerret for web data extraction and querying. Versions of Ferret prior to 2.0.0-alpha.4 contained security vulnerabilities. These vulnerabilities stemmed from path traversal issues in the IO::FS::WRITE standard library function, which...

CVSS 8.1 | AI score 5.9 | EPSS 0.00202
Exploits 1 | References 2
EUVD, added 2026/04/05 3:31 p.m., 0 views

EUVD-2026-19091

A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown function of the file /fs of the component Configuration Data Handler. Such manipulation of the argument File leads to information disclosure. It is possible to launch the attack...

CVSS 6.9 | AI score 5.5 | EPSS 0.00054
Exploits 1 | References 5
NVD, added 2026/04/05 3:16 p.m., 0 views

CVE-2026-5573

A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public an...

CVSS 9.8 | EPSS 0.00024
Exploits 1 | References 4
CVE, added 2026/04/05 2:30 p.m., 6 views

CVE-2026-5573

Affects Technostrobe HI-LED-WR120-G2 (firmware 5.5.0.1R6.03.30). The CVE describes a flaw in an unknown function of the file /fs where manipulation of the argument cwd can lead to an unrestricted upload. The attack is described as remotely launchable with a publicly available exploit. The vendor ...

CVSS 9.8 | AI score 6.7 | EPSS 0.00024
Exploits 1 | References 4 | Affected Software 1
CNNVD, added 2026/04/05 12:00 a.m., 3 views

Technostrobe HI-LED-WR120-G2 security vulnerability

Technostrobe HI-LED-WR120-G2 is a high-brightness industrial strobe lighting device from the Canadian company Technostrobe. Version 5.5.0.1R6.03.30 of Technostrobe HI-LED-WR120-G2 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters “dir” and “path” in...

CVSS 9.1 | AI score 6.5 | EPSS 0.00074
Exploits 1 | References 5
Github Security Blog, added 2026/04/04 6:17 a.m., 6 views

AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...

CVSS 5.3 | AI score 5.9 | EPSS 0.0002
Exploits 1 | References 3 | Affected Software 1
Positive Technologies, added 2026/04/04 12:00 a.m., 1 view

PT-2026-30336

Name of the Vulnerable Software and Affected Versions: AVideo versions 26.0 and prior. Description: The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

CVSS 5.3 | AI score 6 | EPSS 0.0002
Exploits 1 | References 5
SUSE CVE, added 2026/04/03 11:27 p.m., 2 views

SUSE CVE-2026-23465

In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a conflicting inode If we log the parent directory of a conflicting inode, we are not logging the new dentries of the directory, so when we finish we have the parent directory's...

CVSS 6.1 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 16
SUSE CVE, added 2026/04/03 11:24 p.m., 2 views

SUSE CVE-2026-34763

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path directly into a regular expression when deriving the displayed directory path. If root contains regex metacharacters such as +, , or ., the prefix...

CVSS 5.3 | AI score 5.8 | EPSS 0.00041
Exploits 0 | References 4
RedhatCVE, added 2026/04/03 6:00 p.m., 1 view

CVE-2026-23465

A flaw was found in the Linux kernel's btrfs filesystem. This vulnerability occurs when the system attempts to log the parent directory of a conflicting inode, failing to properly record new directory entries. Consequently, if a power failure happens after a file system synchronization fsync...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 4
RedhatCVE, added 2026/04/03 5:00 p.m., 1 view

CVE-2026-5327

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack can be carried out remotely. The exploit has been...

CVSS 6.5 | AI score 6.3 | EPSS 0.01521
Exploits 0 | References 1
Snyk, added 2026/04/03 4:07 a.m., 0 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the put function. An attacker can write arbitrary files to any location on the filesystem by sending crafted HTTP PUT requests with specially constructed paths that traverse directories. PoC: #!/usr/bin/env bash...

CVSS 9.8 | AI score 6.3 | EPSS 0.00056
Exploits 1 | References 2
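The PraisonAI entry (a write path derived from the bundle's own manifest.json before the name/version are checked against the route), the Ferret IO::FS::WRITE entry, the Technostrobe /fs entries and this PUT-handler entry are all the same bug class: a caller-controlled string reaches a filesystem path before it is constrained to a root. The block below is an added illustration, not code from any of those projects; Python is used as a neutral language for the whole page. It shows the vulnerable join beside a hardened one that (a) treats the HTTP route, not the uploaded manifest, as the source of truth, (b) restricts identifiers to a charset (the regex is an assumption for the example, not any project's rule), and (c) proves containment after normalisation rather than by string matching. The registry root and manifest values are constructed sample input.

```python
import os
import re
from typing import Mapping

# Allowed shape for a package name or version segment. This charset is an
# assumption made for the example, not any project's published rule.
IDENT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")


def unsafe_bundle_path(registry_root: str, manifest: Mapping[str, str]) -> str:
    """Vulnerable pattern: the on-disk path is derived from the bundle's own
    manifest before anything checks it against the request. A manifest name
    such as '../../etc' walks straight out of the registry root."""
    return os.path.normpath(
        os.path.join(registry_root, manifest["name"], manifest["version"]))


def safe_join(root: str, untrusted: str) -> str:
    """Join `untrusted` under `root` and refuse anything that escapes it.

    realpath() collapses '..' lexically and resolves symlinks that already
    exist, so a symlinked subdirectory pointing outside `root` is rejected
    too. Components that do not exist yet are normalised without error.
    """
    if "\0" in untrusted:
        raise ValueError("NUL byte in path")
    if os.path.isabs(untrusted):
        raise ValueError("absolute paths are not allowed")
    root_abs = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_abs, untrusted))
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        raise ValueError(f"{untrusted!r} escapes {root!r}")
    return candidate


def safe_bundle_path(registry_root: str, route_name: str, route_version: str,
                     manifest: Mapping[str, str]) -> str:
    """Hardened pattern: the route's identifiers are the only input to the
    path, they are validated first, and the manifest must agree with them
    before any filesystem work happens."""
    for label, value in (("name", route_name), ("version", route_version)):
        if not IDENT_RE.fullmatch(value):
            raise ValueError(f"invalid {label}: {value!r}")
    if manifest.get("name") != route_name or manifest.get("version") != route_version:
        raise ValueError("manifest name/version do not match the publish route")
    return safe_join(registry_root, os.path.join(route_name, route_version))


if __name__ == "__main__":
    root = "/srv/registry"                                   # constructed
    hostile = {"name": "../../etc", "version": "cron.d"}     # constructed
    print("unsafe  :", unsafe_bundle_path(root, hostile))
    print("safe    :", safe_bundle_path(root, "demo", "1.0.0",
                                        {"name": "demo", "version": "1.0.0"}))
    try:
        safe_bundle_path(root, "demo", "1.0.0", hostile)
    except ValueError as err:
        print("rejected:", err)
```

The containment check uses `os.path.commonpath` on two realpath'd strings rather than `startswith`, because `startswith("/srv/registry")` would also accept `/srv/registry-old/...`. Validating identifiers before touching the filesystem keeps the error path cheap and makes the audit log readable.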
Github Security Blog, added 2026/04/03 3:14 a.m., 1 view

OpenClaw: Sandbox escape via TOCTOU race in remote FS bridge readFile

Summary Sandbox escape via TOCTOU race in remote FS bridge readFile Current Maintainer Triage - Normalized severity: critical - Assessment: v2026.3.28 remote sandbox reads still do path-check then separate file read, so the TOCTOU sandbox escape remains present in the latest shipped tag. Affected...

CVSS 8.8 | AI score 5.9 | EPSS 0.00036
Exploits 0 | References 6 | Affected Software 1
OSV, added 2026/04/03 3:14 a.m., 5 views

GHSA-9P3R-HH9G-5CMG OpenClaw: Sandbox escape via TOCTOU race in remote FS bridge readFile

Summary Sandbox escape via TOCTOU race in remote FS bridge readFile Current Maintainer Triage - Normalized severity: critical - Assessment: v2026.3.28 remote sandbox reads still do path-check then separate file read, so the TOCTOU sandbox escape remains present in the latest shipped tag. Affected...

CVSS 9.4 | AI score 5.9 | EPSS 0.00036
Exploits 0 | References 6
Snyk, added 2026/04/03 3:14 a.m., 1 view

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to a Time-of-check Time-of-use (TOCTOU) Race Condition in the readFile process of the remote file system bridge. An attacker can gain...

CVSS 9.9 | AI score 6 | EPSS 0.00036
Exploits 0 | References 2
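The three OpenClaw entries above describe the same defect: the remote FS bridge resolves and checks a path, then performs a separate open() of that path, and the second lookup can be redirected between the two steps. The block below is an added illustration, not OpenClaw's code; it stays in Python for consistency with the rest of the page. `vulnerable_read` reproduces the check-then-use shape with an `after_check` hook that stands in for the attacker's action in the race window (the hook is a testing device, not part of any real API). `sandboxed_read` closes the window by walking each path component relative to a directory file descriptor with O_NOFOLLOW, so the lookup that is checked is the lookup that is used, and a symlink swapped into any component makes the kernel refuse the open. The temporary sandbox, the "secret" file and the symlink swap are constructed for the demo. It relies on `dir_fd` support, which Python provides on Linux and macOS but not Windows.

```python
import os
import shutil
import stat
import tempfile


def vulnerable_read(sandbox_root: str, rel: str, after_check=lambda: None) -> bytes:
    """Check-then-use: the path is resolved and checked, then looked up a second
    time by open(). `after_check` is only a hook to make the race deterministic
    here; in the real bug the attacker simply wins the timing."""
    root = os.path.realpath(sandbox_root)
    target = os.path.realpath(os.path.join(root, rel))
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(rel)
    after_check()                                     # race window
    with open(os.path.join(root, rel), "rb") as f:    # second, independent lookup
        return f.read()


def sandboxed_read(sandbox_root: str, rel: str) -> bytes:
    """Open each component relative to the previous directory fd with O_NOFOLLOW.
    Nothing is re-resolved, no symlink is followed at any level, and '..' or
    absolute input is refused before any filesystem call."""
    parts = [p for p in rel.split("/") if p not in ("", ".")]
    if os.path.isabs(rel) or not parts or ".." in parts:
        raise PermissionError(rel)
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC
    dfd = os.open(sandbox_root, flags | os.O_DIRECTORY)
    try:
        for part in parts[:-1]:
            nfd = os.open(part, flags | os.O_DIRECTORY, dir_fd=dfd)
            os.close(dfd)
            dfd = nfd
        ffd = os.open(parts[-1], flags, dir_fd=dfd)   # ELOOP if swapped for a symlink
    finally:
        os.close(dfd)
    try:
        if not stat.S_ISREG(os.fstat(ffd).st_mode):  # check the fd we will read, not a path
            raise PermissionError(f"{rel}: not a regular file")
    except BaseException:
        os.close(ffd)
        raise
    with os.fdopen(ffd, "rb") as f:
        return f.read()


def demo() -> dict:
    """Build a throwaway sandbox (constructed data), race both readers, report."""
    base = tempfile.mkdtemp()
    try:
        sandbox = os.path.join(base, "sandbox")
        os.mkdir(sandbox)
        secret = os.path.join(base, "secret.txt")          # outside the sandbox
        with open(secret, "wb") as f:
            f.write(b"outside-the-sandbox")
        notes = os.path.join(sandbox, "notes.txt")         # the legitimate target

        def reset():
            if os.path.lexists(notes):
                os.remove(notes)
            with open(notes, "wb") as f:
                f.write(b"inside")

        def swap_for_symlink():                            # attacker's move in the window
            os.remove(notes)
            os.symlink(secret, notes)

        reset()
        leaked = vulnerable_read(sandbox, "notes.txt", after_check=swap_for_symlink)
        reset()
        legit = sandboxed_read(sandbox, "notes.txt")
        swap_for_symlink()
        try:
            sandboxed_read(sandbox, "notes.txt")
            blocked = False
        except OSError:                                    # ELOOP from O_NOFOLLOW
            blocked = True
        return {"leaked": leaked, "legit": legit, "blocked": blocked}
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    print(demo())
```

The point of the fd walk is that there is no separate "check": every component is opened exactly once, under flags that make the kernel enforce the policy, and the fstat runs on the descriptor that will actually be read. A bridge that must also reject hard links to outside files would additionally compare `st_dev`/`st_ino` or `st_nlink` on that same descriptor.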
Redos, added 2026/04/03 12:00 a.m., 2 views

ROS-20260403-73-0036

A vulnerability in the fs/ext4/inline.c component of the Linux operating system kernel is related to insufficient input data validation. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVSS 5.5 | AI score 6.1 | EPSS 0.0002
Exploits 0
OSV, added 2026/04/02 8:32 p.m., 3 views

GHSA-7MQQ-6CF9-V2QP Rack has a root directory disclosure via unescaped regex interpolation in Rack::Directory

Summary Rack::Directory interpolates the configured root path directly into a regular expression when deriving the displayed directory path. If root contains regex metacharacters such as +, , or ., the prefix stripping can fail and the generated directory listing may expose the full filesystem pa...

CVSS 5.3 | AI score 6 | EPSS 0.00041
Exploits 0 | References 4
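The two Rack::Directory entries (SUSE CVE-2026-34763 above and this GHSA) turn on one mechanism: a configured root is interpolated into a regular expression unescaped, so metacharacters in it change what the pattern matches and the prefix strip silently does nothing, leaving the full filesystem path in the listing. The block below is an added illustration, not Rack's code, written in Python to stay consistent with the rest of the page (`re.escape` plays the role Ruby's `Regexp.escape` would). It shows the unescaped strip failing on a root containing `+`, over-matching on a root containing `.`, the escaped fix, and a second fix that avoids the regex entirely and fails closed. The roots and paths are constructed sample input.

```python
import re


def strip_prefix_unescaped(root: str, path: str) -> str:
    """Vulnerable pattern: `root` is interpolated into the regex verbatim, so
    '+' becomes a quantifier and '.' matches any character."""
    return re.sub(rf"^{root}", "", path, count=1)


def strip_prefix_escaped(root: str, path: str) -> str:
    """Fix 1: escape the dynamic part before interpolating it."""
    return re.sub(rf"^{re.escape(root)}", "", path, count=1)


def display_path(root: str, path: str) -> str:
    """Fix 2: no regex at all. Require the literal prefix plus a separator and
    raise when it is absent, so a path outside `root` is never echoed back."""
    base = root.rstrip("/")
    if path == base or path == base + "/":
        return "/"
    if not path.startswith(base + "/"):
        raise ValueError("path is not under root")
    return path[len(base):]


if __name__ == "__main__":
    root = "/srv/share+docs"                    # constructed: '+' in the root
    path = "/srv/share+docs/reports"
    print(strip_prefix_unescaped(root, path))   # prefix not stripped: full path shown
    print(strip_prefix_escaped(root, path))     # /reports
    print(display_path(root, path))             # /reports

    root2 = "/srv/data.v2"                      # constructed: '.' in the root
    other = "/srv/dataXv2/other"                # not under root2 at all
    print(strip_prefix_unescaped(root2, other)) # '.' matched 'X': treated as under root
    print(strip_prefix_escaped(root2, other))   # unchanged, as it should be
```

The `+` case is the disclosure path the advisory describes: `e+` must be followed by `d`, the real path has `+`, so the pattern never matches and the untouched absolute path reaches the HTML. The `.` case is the mirror-image failure, where an unrelated path is accepted as if it were under the root. Escaping fixes both; the `startswith` variant additionally refuses to render anything that is not under the root.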