Lucene search
+L

704 matches found

OSV
OSV
added 2026/07/10 9:30 a.m.2 views

OPENSUSE-SU-2026:21295-1 Security update for yelp

This update for yelp fixes the following issue - CVE-2026-13601: overly permissive Content Security Policy allows host file disclosure via Flatpak applications bsc1269625...

7.1CVSS6.1AI score0.0012EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/07/10 3:11 a.m.4 views

SUSE CVE-2026-59946

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and...

5.5CVSS6.1AI score0.00136EPSS
Exploits0References3
NVD
NVD
added 2026/07/10 12:16 a.m.6 views

CVE-2026-50180

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, SQLChatAgent in langroid ships a validatequery defense-in-depth layer whose DANGEROUSSQLPATTERNS regex blocklist enumerates dangerous SQL primitives by specific function name. The list misses...

8.7CVSS0.00686EPSS
Exploits0References2
OSV
OSV
added 2026/07/09 4:16 p.m.5 views

ALPINE-CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS6.2AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 9:16 p.m.4 views

UBUNTU-CVE-2026-58494

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI guest with a read-only source file capability to overwrite...

6.5CVSS6.1AI score0.00119EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/07/08 8:22 p.m.34 views

CVE-2026-58494 Wasmtime: WASI hard links bypass wasmtime-wasi's FilePerms for destination

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI guest with a read-only source file capability to overwrite...

6.5CVSS0.00119EPSS
Exploits0References9
EUVD
EUVD
added 2026/07/08 8:9 p.m.6 views

EUVD-2026-42345

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This vulnerability,...

8.7CVSS6AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2026/07/08 8:9 p.m.16 views

CVE-2026-14891

HashiCorp Nomad and Nomad Enterprise are affected by a sandbox escape in the Docker task driver that can allow a job submitter to bind-mount a host path into a container, potentially enabling reading/writing host files even when volume bind mounts are disabled. Affected versions include Nomad Com...

8.7CVSS6AI score0.00316EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 7:32 p.m.4 views

CVE-2026-59946 Composer: Path traversal in package bin field lets dependencies chmod arbitrary host files

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and...

6.1CVSS6.1AI score0.00136EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.12 views

PT-2026-56556

Name of the Vulnerable Software and Affected Versions Nomad Community Edition versions prior to 2.0.4 Nomad Enterprise versions prior to 2.0.4 Nomad Enterprise versions prior to 1.11.8 Nomad Enterprise versions prior to 1.10.14 Description A sandbox escape exists in the Docker task driver. This...

8.7CVSS6.1AI score0.00316EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 3:45 a.m.7 views

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

8.7CVSS7.1AI score0.00323EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 3:45 a.m.6 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

10CVSS7.7AI score0.0168EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 9:30 p.m.10 views

Security Bulletin: Nomad vulnerable to arbitrary file read/write on client host through symlink attack

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Vulnerability Details CVEID:CVE-2026-695...

6CVSS5.9AI score0.00169EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/07/01 7:16 p.m.11 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 6:10 p.m.40 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS0.00208EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/01 6:10 p.m.10 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
CVE
CVE
added 2026/07/01 6:10 p.m.55 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 6:10 p.m.8 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/01 6:10 p.m.3 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS6AI score0.00208EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/07/01 6:10 p.m.10 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
Rows per page
Query Builder