CVE-2026-44343

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

Portainer 安全漏洞

Portainer is a lightweight user management interface developed by Portainer, open source, for managing Docker environments and Docker hosts. There is a security vulnerability in Portainer. This vulnerability stems from insecure default settings that grant regular users access to the host’s file...

Local Path Provisioner 安全漏洞

Local Path Provisioner is a Kubernetes local storage dynamic provisioning tool developed by Rancher. Versions of Local Path Provisioner prior to 0.0.36 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the helperPod.yaml template. Malicious users...

CVE-2026-44343

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

CVE-2026-44343

WGDashboard (WireGuard VPN dashboard) contains a critical vulnerability prior to version 4.3.2 that could allow unauthenticated parties to access the host filesystem. The root cause details are not provided beyond the high‑level impact in the CVE record, and exploitation details are not disclosed...

CVE-2026-44343

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

CVE-2026-44343 WGDashboard: Critical Vulnerability in 4.3.2

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

EUVD-2026-29732

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

PT-2026-40268

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

WGDashboard 输入验证错误漏洞

WGDashboard is an open-source configuration and monitoring tool for WireGuard developed by WG. Versions of WGDashboard prior to 4.3.2 contained a vulnerability related to input validation, which allowed unauthorized attackers to access the host’s file system...

Casdoor 安全漏洞

Casdoor is an open-source platform developed by Casdoor, which supports various authentication and authorization protocols. There is a security vulnerability in Casdoor, caused by insufficient path cleaning. This vulnerability could allow authenticated attackers with administrator privileges to...

CVE-2026-34079

Flatpak (Linux application sandboxing) before version 1.16.4 had a flaw in ld.so cache cleanup: it could delete arbitrary files on the host if the app-controlled path to outdated cache wasn't properly verified within the cache directory. The vulnerability is fixed in 1.16.4. Impact is described a...

EUVD-2016-10406

Malware in sbrugna...

EUVD-2017-14632

Malware in sbrugna...

EUVD-2024-3083

Malicious code in bioql PyPI...

EUVD-2024-3026

Malicious code in bioql PyPI...

Sensitive Information Disclosure

local-deep-research is vulnerable to Sensitive Information Disclosure. The vulnerability is due to insecure local storage because confidential data API keys, etc. are kept in an unencrypted SQLite database with a fixed, non-configurable location, allowing anyone with container or host filesystem...

Containerd 2.1.x < 2.1.1 TOCTOU

The version of Containerd on the remote host is 2.1.x prior to 2.1.1. It is, therefore, affected by a vulnerability. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could...

CVE-2025-47290

containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...

containerd allows host filesystem access on pull

Impact A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. Patches This bug has been fixed in the following containerd versions: 2.1.1 T...