Lucene search
K

31975 matches found

OSV
OSV
added 6 days ago4 views

UBUNTU-CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40087

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component ca...

8.4CVSS5.9AI score0.00136EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References4
CVE
CVE
added 6 days ago15 views

CVE-2026-54369

The CVE-2026-54369 entry concerns acl before version 2.4.0, where a symlink traversal vulnerability exists in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file(). The underlying issue allows a local attacker to escalate privileges by ...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References7
CVE
CVE
added 6 days ago15 views

CVE-2026-22078

CVE-2026-22078 concerns O+ Connect where an unauthenticated IPC service allows a local attacker to escalate privileges via the IPC channel. The root cause is lack of client authentication on the IPC interface, enabling external applications to perform sensitive actions with elevated privileges. T...

7.3CVSS5.8AI score0.00089EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

7.3CVSS0.00089EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-53272

Name of the Vulnerable Software and Affected Versions acl versions prior to 2.4.0 Description A symlink traversal issue exists in pathname-based functions. Local attackers can escalate privileges by replacing a pathname component with a symbolic link. If an attacker controls any part of a pathnam...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-57919

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe \.\pipe\PBackupVSS with a DACL that grants GENERICREAD and GENERICWRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigge...

7.8CVSS6.1AI score0.00125EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-53274

Name of the Vulnerable Software and Affected Versions attr versions prior to 2.6.0 Description A flaw in the attr component, specifically within the getfattr and setfattr utilities, allows a local attacker to perform a symlink traversal attack. By replacing a pathname component with a symbolic li...

8.4CVSS6AI score0.00136EPSS
Exploits0References8
NVD
NVD
added 2026/06/27 10:16 a.m.10 views

CVE-2026-49416

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

7.8CVSS0.00107EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 9:25 a.m.38 views

CVE-2026-49416

The CVE-2026-49416 issue affects FreeBSD vt(4) CONS_HISTORY: the ioctl handler validates the requested history size, but large values trigger an integer overflow in the buffer size calculation, causing a smaller heap allocation and an out-of-bounds write on initialization. This can enable an unpr...

7.8CVSS6AI score0.00107EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/27 9:2 a.m.42 views

CVE-2026-49412 Use-after-free bug in the IPV6_MSFILTER socket option handler

The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged...

0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 9:2 a.m.26 views

CVE-2026-49412

The CVE-2026-49412 issue affects FreeBSD’s IPv6_MSFILTER in the kernel: the handler drops a serializing lock to copy the source-filter list and later reacquires it, creating a window where another thread can free the multicast filter structure and leave a stale pointer. This use-after-free enable...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/27 8:48 a.m.37 views

CVE-2026-49417 Multiple vulnerabilities in the sound(4) mmap path

Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could then be reused elsewhere while still accessible through the stale mapping. The /dev/dsp device nodes are world-accessible by default. On a system wit...

0.00125EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/27 3:5 a.m.11 views

CVE-2026-53185

A flaw was found in the Linux kernel, specifically within the zram module. This vulnerability is a use-after-free error, where the system attempts to use a piece of memory after it has been freed. This occurs when the zrambvecwritepartial function allows an asynchronous read to write into a page...

7.8CVSS6AI score0.00099EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.11 views

PT-2026-53063

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where the audio buffer backing a mapping could be freed upon closing the device while the mapping remains valid. This allows the freed memory to ...

7CVSS6.1AI score0.00125EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-46710

Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...

7.8CVSS0.00108EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

7.8CVSS0.00154EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 1:3 a.m.5 views

CVE-2026-53200

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64 architectures. This vulnerability arises from incorrect handling of the Execute Never XN bit, a memory protection feature, when the FEATXNX feature is not enabled. This error can lead to execute permissions being...

8.8CVSS6.2AI score0.00129EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/25 4:53 p.m.4 views

Insecure Temporary File

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Insecure Temporary File via the...

6.1CVSS6AI score0.00149EPSS
Exploits0References3
Rows per page
Query Builder