Lucene search
K

1400 matches found

Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.10 views

PT-2026-20920

Name of the Vulnerable Software and Affected Versions Penpot versions prior to 2.13.2 Description Penpot is an open-source design and code collaboration tool. An authenticated user with team edit permissions can read arbitrary files from the server. This is achieved by providing a local file path...

7.5CVSS5.5AI score0.00437EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/02/18 8:42 a.m.1 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS7.5AI score0.01633EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/02/17 9:33 a.m.5 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS5.9AI score0.01633EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/02/17 9:32 a.m.3 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS5.9AI score0.01633EPSS
Exploits2References5
Rapid7 Blog
Rapid7 Blog
added 2026/02/10 6:0 p.m.11 views

Measuring AI Security: Separating Signal from Panic

The conversation around AI security is full of anxiety. Every week, new headlines warn of jailbreaks, prompt injection, agents gone rogue, and the rise of LLM-enabled cybercrime. It’s easy to come away with the impression that AI is fundamentally uncontrollable and dangerous, and therefore...

6.7AI score
Exploits0
EUVD
EUVD
added 2026/01/21 10:8 p.m.6 views

EUVD-2026-4142

Copier safe template has arbitrary filesystem read access via symlinks when preservesymlinks: false...

6.8CVSS5.6AI score0.002EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/21 10:8 p.m.11 views

Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

Impact Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently include arbitrary files/directories outsid...

6.8CVSS5.7AI score0.002EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/19 12:27 p.m.10 views

CVE-2026-23742

Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline , for example through a Kubernetes Ingress resource. The...

8.8CVSS5.5AI score0.00473EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 8:7 p.m.2 views

CVE-2026-23742

Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline , for example through a Kubernetes Ingress resource. The...

8.8CVSS5.5AI score0.00473EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/16 8:7 p.m.5 views

CVE-2026-23742 Skipper arbitrary code execution through lua filters

Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline , for example through a Kubernetes Ingress resource. The...

8.8CVSS6.3AI score0.00473EPSS
Exploits1References3
NVD
NVD
added 2026/01/15 1:16 p.m.7 views

CVE-2026-22907

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...

9.9CVSS0.00406EPSS
Exploits0References6
Snyk
Snyk
added 2026/01/13 11:50 p.m.5 views

Protection Mechanism Failure

Overview enclave-vm is a Sandbox runtime for secure JavaScript code execution Affected versions of this package are vulnerable to Protection Mechanism Failure via the exposure of a host-side Error object to sandboxed code, which retains its host realm prototype chain. An attacker can intentionall...

10CVSS7.1AI score0.00588EPSS
Exploits3References2
OSV
OSV
added 2026/01/13 11:11 p.m.4 views

CVE-2026-22686 Sandbox Escape via Host Error Prototype Chain in enclave-vm

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host Node.js runtime. When a tool invocation fails,...

10CVSS7.9AI score0.00588EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.9 views

PT-2026-2792

Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...

10CVSS7.7AI score0.00588EPSS
Exploits3References11
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.12 views

CVE-2023-31046

A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach...

6.5CVSS6.7AI score0.01493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.9 views

CVE-2019-16176

A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem...

5.3CVSS6.8AI score0.01591EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 6:15 p.m.8 views

CVE-2025-59156

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4CVSS0.00949EPSS
Exploits1References1
OSV
OSV
added 2026/01/05 5:39 p.m.5 views

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

9.4CVSS7.5AI score0.00949EPSS
Exploits1References3
Veracode
Veracode
added 2025/12/23 11:21 a.m.8 views

Sensitive Information Disclosure

Jenkins is vulnerable to Sensitive Information Disclosure. The vulnerability is due to build authorization tokens being stored unencrypted in job configuration files, which allows an attacker with extended read permissions or file system access to view and misuse these credentials...

4.3CVSS6.7AI score0.00153EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2025/12/13 4:43 a.m.11 views

Insertion Of Sensitive Information

Jenkins Kryptowire Plugin is vulnerable to insertion of sensitive information. The vulnerability is due to storing the Kryptowire API key in an unencrypted global configuration file, which allows an attacker with access to the Jenkins controller file system to retrieve the API key...

6.5CVSS5.8AI score0.00259EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder