378 matches found
Rancher has Privilege Escalation from Project Owner to Host
Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...
CVE-2026-34597
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution RCE vulnerability was discovered in Coolify. The flaw resides in the handling of user-defined build parameters for the...
CVE-2026-41052 Rancher Privilege Escalation from Project Owner to Host
Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10...
EUVD-2026-39806
Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...
CVE-2026-55599
phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...
Arbitrary host CRI log file read via symlink following in CRI checkpoint restore
Impact A bug was found in containerd where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. Patches This bug has been fixed in the following containerd versions: 2.3.2...
GHSA-R2XF-7JW5-PJG6 Docker MCP Gateway: Argument injection via OCI image label YAML
Summary A maliciously crafted OCI image label can inject arbitrary arguments into the docker run command line constructed by the MCP Gateway. An attacker who controls an image that the victim references via docker://, or that the victim's catalog pulls a snapshot from, can mount the host...
CVE-2026-46873
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2024-38487
api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...
CVE-2024-38487
api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...
CVE-2024-38487
CVE-2024-38487 describes a vulnerability where an api-gateway container running with root privileges could escape the container and access the host system. Affected configuration: containerized api-gateway with root-level execution; root privileges combined with local attack vector enable host ac...
CVE-2026-12161
CVE-2026-12161 affects Devolutions Remote Desktop Manager 2026.2.7. The flaw is in the SSH Elevate Shell feature, where improper input validation allows an authenticated user (with permission to create/modify a shared SSH entry) to run arbitrary commands on a remote SSH host using stored elevatio...
CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration
Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...
CVE-2026-48858
The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...
flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options
A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...
Fission 安全漏洞
Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contained security vulnerabilities. These vulnerabilities stemmed from tenants with permissions to execute privileged/allowed-privileged/hazardous containers, under the account with hi...
BerriAI LiteLLM Command Injection Vulnerability
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host...
CVE-2026-42271
A flaw was found in LiteLLM, a proxy server AI Gateway for Large Language Model LLM APIs. Two endpoints, used for previewing an MCP server before saving it, accepted a full server configuration including command execution parameters. An authenticated user, even with low-privilege internal-user...
CVE-2026-45744
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/filemanager/ssh/resolvePath endpoint in Termix is vulnerable to OS command injection. The endpoint uses double-quote escaping for shell command...
CVE-2026-45743
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or...