22936 matches found

CVE
added 2026/01/07 12:0 a.m., 10 views

CVE-2025-67364

CVE-2025-67364 concerns fast-filesystem-mcp 3.4.0, where a path traversal flaw arises in file tools (e.g., fast_read_file) due to improper path validation that fails to resolve symlinks. The safePath/isPathAllowed logic uses path.resolve(), which does not handle symlinks, allowing attackers to pl...

7.5 CVSS, 6.3 AI score, 0.00024 EPSS
Exploits 1, References 2, Affected Software 1
Tenable Nessus
added 2026/01/07 12:0 a.m., 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000377 advisory. A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended...

5.5 CVSS, 6.5 AI score, 0.00117 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/01/07 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000392 advisory. A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing...

5.5 CVSS, 6.4 AI score, 0.00021 EPSS
Exploits 0, References 4
CNNVD
added 2026/01/07 12:0 a.m., 7 views

fast-filesystem-mcp security vulnerability

fast-filesystem-mcp is a Model Context Protocol server by the individual developer efforthye. A security vulnerability exists in fast-filesystem-mcp version 3.4.0, which stems from improper path validation and an inability to resolve symbolic links, which could lead to bypassing directory access...

7.5 CVSS, 6.5 AI score, 0.00024 EPSS
Exploits 1, References 2
RedhatCVE
added 2026/01/06 6:5 p.m., 4 views

CVE-2025-59156

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 7.7 AI score, 0.0049 EPSS
Exploits 1, References 1
NVD
added 2026/01/05 6:15 p.m., 4 views

CVE-2025-59156

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 0.0049 EPSS
Exploits 1, References 1
Cvelist
added 2026/01/05 5:39 p.m., 29 views

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 0.0049 EPSS
Exploits 1, References 1
Vulnrichment
added 2026/01/05 5:39 p.m., 3 views

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 7.2 AI score, 0.0049 EPSS
Exploits 1, References 1
EUVD
added 2026/01/05 5:39 p.m., 5 views

EUVD-2025-206241

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 7.1 AI score, 0.0049 EPSS
Exploits 1, References 1
OSV
added 2026/01/05 5:39 p.m., 1 view

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4 CVSS, 7.5 AI score, 0.0049 EPSS
Exploits 1, References 3
Tenable Nessus
added 2026/01/05 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add check for kmemdup Since the kmemdup may return NULL pointer, it should be better to add check for the return value in order to avoid NULL pointer...

5.8 AI score, 0.00022 EPSS
Exploits 0, References 2
Tenable Nessus
added 2026/01/05 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/sysv: Null check to prevent null-ptr-deref bug sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug...

6.1 AI score, 0.00034 EPSS
Exploits 0, References 2
Positive Technologies
added 2026/01/05 12:0 a.m., 3 views

PT-2026-1312

Name of the Vulnerable Software and Affected Versions: Coolify versions prior to 4.0.0-beta.420.7. Description: Coolify is a self-hostable tool for managing servers, applications, and databases. A Remote Code Execution (RCE) issue exists in the application deployment workflow. A low-privileged member...

9.4 CVSS, 7.4 AI score, 0.0049 EPSS
Exploits 1, References 6
Packet Storm News
added 2026/01/03 12:0 a.m., 5 views

MCP-SandboxScan: WASM-Based Secure Execution and Runtime Analysis for MCP Tools

Tool-augmented LLM agents raise new security risks: tool executions can introduce runtime-only behaviors, including prompt injection and unintended exposure of external inputs (e.g., environment secrets or local files). While existing scanners often focus on static artifacts, analyzing runtime...

7 AI score
Exploits 0
RedhatCVE
added 2026/01/02 4:27 p.m., 2 views

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due to recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

8.1 CVSS, 7.5 AI score, 0.00015 EPSS
Exploits 0, References 1
NVD
added 2026/01/01 5:15 p.m., 2 views

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due to recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

8.1 CVSS, 0.00015 EPSS
Exploits 0, References 3
OSV
added 2026/01/01 5:15 p.m., 2 views

CVE-2025-48768

Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fs_inoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...

6.5 CVSS, 6.9 AI score
Exploits 0, References 3
NVD
added 2026/01/01 5:15 p.m., 3 views

CVE-2025-48768

Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fs_inoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...

6.5 CVSS, 0.0002 EPSS
Exploits 0, References 3
OSV
added 2026/01/01 5:15 p.m., 4 views

CVE-2025-48769

Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due to recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

8.1 CVSS, 7.5 AI score
Exploits 0, References 3
Cvelist
added 2026/01/01 4:14 p.m., 23 views

CVE-2025-48769 Apache NuttX RTOS: fs/vfs/fs_rename: use after free

Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due to recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

0.00015 EPSS
Exploits 0, References 2