Lucene search
K

872 matches found

OSV
OSV
added 2026/05/02 1:10 a.m.9 views

CLSA-2026-1777544655 rsync: Fix of 2 CVEs

CVE-2024-12086: prevent server from reading arbitrary client files via path traversal - CVE-2025-10158: fix invalid access to files array in sender - Add upstream stability fix RsyncProject/rsync PR 706: use-after-free in generator - Enable Amazon Linux 2 ELS...

6.8CVSS5.9AI score0.01761EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/30 9:29 p.m.33 views

CVE-2026-7551 HKUDS OpenHarness Remote Command Execution via /bridge Slash Command

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

8.8CVSS0.00649EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/30 9:3 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization inconsistent permission checks for pages.access, pages.list, files.access, and files.list in the Panel and REST API. An attacker can gain unauthorized access to content or sensitive information by exploiting...

7.1CVSS5.8AI score0.00303EPSS
Exploits0References3
OSV
OSV
added 2026/04/30 9:3 p.m.14 views

GHSA-85X2-R8XV-WW8C Kirby CMS's `pages.access/list` and `files.access/list` permissions are not consistently checked in the Panel and REST API

TL;DR This vulnerability affects all Kirby sites where users of a particular role have no permission to access or list pages or files pages.access, pages.list, files.access or files.list permission is disabled. This can be due to configuration in the user blueprints, via options in the model...

7.1CVSS5.7AI score0.00303EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/30 9:3 p.m.9 views

Kirby CMS's `pages.access/list` and `files.access/list` permissions are not consistently checked in the Panel and REST API

TL;DR This vulnerability affects all Kirby sites where users of a particular role have no permission to access or list pages or files pages.access, pages.list, files.access or files.list permission is disabled. This can be due to configuration in the user blueprints, via options in the model...

7.1CVSS5.3AI score0.00303EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

OpenClaw 路径遍历漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had a path traversal vulnerability. This vulnerability stemmed from ACP scheduling involving path traversal, which could allow attackers to read arbitrary files by manipulati...

7.1CVSS5.9AI score0.00417EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/27 5:22 p.m.5 views

Placement of User into Incorrect Group

Overview github.com/ubuntu/authd/internal/users is an authentication daemon for external Broker Affected versions of this package are vulnerable to Placement of User into Incorrect Group in the process responsible for assigning primary group IDs when a user's primary group ID differs from their...

7.3CVSS5.8AI score0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/24 6:56 p.m.19 views

EUVD-2026-25626

SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding...

9.8CVSS5.6AI score0.01028EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/20 1:55 p.m.4 views

CVE-2026-34428 Vvveb < 1.0.8.1 SSRF via oEmbedProxy

Vvveb prior to 1.0.8.1 contains a server-side request forgery vulnerability in the oEmbedProxy action of the editor/editor module where the url parameter is passed directly to getUrl via curl without scheme or destination validation. Authenticated backend users can supply file:// URLs to read...

8.3CVSS5.9AI score0.00256EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/17 6:31 p.m.4 views

EUVD-2026-23446

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory and files. This is caused by improper handling of GPU memory reservation protections...

7.3CVSS5.7AI score0.00099EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/16 6:31 p.m.5 views

Incorrect Authorization

Overview silverstripe/assets is an asset module required component of SilverStripe Framework. Affected versions of this package are vulnerable to Incorrect Authorization via the DBFile::getURL process. An attacker can gain unauthorized access to protected files by exploiting the way access grants...

6.9CVSS5.6AI score0.00398EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 9:39 a.m.6 views

CVE-2024-8010

The component accepts XML input through the publisher without disabling external entity resolution. This allows malicious actors to submit a crafted XML payload that exploits the unescaped external entity references. By leveraging this vulnerability, a malicious actor can read confidential files...

3.5CVSS5.8AI score0.00273EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.7 views

PT-2026-33196

OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to escape the project...

7.1CVSS5.9AI score0.00414EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/09 5:1 p.m.3 views

CVE-2026-39981 AGiXT has a Path Traversal in safe_join()

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

8.8CVSS5.9AI score0.01318EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/08 3:3 p.m.7 views

UNIX Symbolic Link (Symlink) Following

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the include, render, and layout directories, when symlinks are placed within a trusted...

8.2CVSS5.8AI score0.00396EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/08 12:4 a.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the Matches function due to improper use of strings.HasPrefix for path matching without ensuring a directory boundary. An attacker can gain unauthorized access to files in directories with names that share a commo...

7.5CVSS6.4AI score0.00392EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31280

Summary A path handling inconsistency in serveStatic allows protected static files to be accessed by using repeated slashes // in the request path. When route-based middleware e.g., /admin/ is used for authorization, the router may not match paths containing repeated slashes, while serveStatic...

5.3CVSS5.9AI score0.00376EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/07 10:16 p.m.5 views

CVE-2026-34078

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access ...

10CVSS6.5AI score0.0168EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:12 p.m.5 views

CVE-2026-39364

Vite is a frontend tooling framework for JavaScript. From 7.1.0 to before 7.3.2 and 8.0.5, on the Vite dev server, files that should be blocked by server.fs.deny e.g., .env, .crt can be retrieved with HTTP 200 responses when query parameters such as ?raw, ?import&raw, or ?import&url&inline are...

8.2CVSS5.9AI score0.02095EPSS
Exploits1References3Affected Software2
CVE
CVE
added 2026/04/07 7:12 p.m.27 views

CVE-2026-39364

CVE-2026-39364 affects the Vite dev server. Vulnerable versions include Vite 7.1.0 through 7.3.1 and 8.0.0 through 8.0.4; on those, files that should be blocked by server.fs.deny (e.g., .env, *.crt) could be retrieved via HTTP 200 when requesting with certain query params (?raw, ?import&raw, or ?...

8.2CVSS5.9AI score0.02095EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder