1084 matches found
CVE-2026-55878
Symfony UX is a JavaScript ecosystem for Symfony. From 2.32.0 before 2.36.1 and from 3.0.0 before 3.2.0, the ux:install console command installs files from a recipe kit by copying paths listed in a copy-files map, and because Path::isRelative accepts paths like ../../../etc, a crafted or...
CVE-2026-59819
LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.10-stable, LiteLLM's /health/testconnection endpoint resolved request-supplied environment and OIDC file references in litellmparams, allowing a proxy administrator or another privileged caller with...
Server-side Request Forgery (SSRF)
Overview repomix is an A tool to pack repository contents to single file for AI consumption Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the processRemoteRepo path in POST /api/pack and its repository URL handling before git clone. An attacker can...
CVE-2026-57259
The input file does not need to be strictly in a structurally valid PDF format. Instead, after reviewing the content, the original document disguised as a PDF will be sent to the parser. Malicious documents will construct malicious external entities that, through the protocol, point to local path...
CVE-2026-57259 Foxit PDF Editor/Reader XDP XFA XXE arbitrary local file read
The input file does not need to be strictly in a structurally valid PDF format. Instead, after reviewing the content, the original document disguised as a PDF will be sent to the parser. Malicious documents will construct malicious external entities that, through the protocol, point to local path...
EUVD-2026-42197
The input file does not need to be strictly in a structurally valid PDF format. Instead, after reviewing the content, the original document disguised as a PDF will be sent to the parser. Malicious documents will construct malicious external entities that, through the protocol, point to local path...
CVE-2026-57259
Technical details about CVE-2026-57259 are not publicly available in the provided documents; no product/version/root-cause information is present here. Monitor for updates.
PT-2026-56358
Name of the Vulnerable Software and Affected Versions Foxit Reader affected versions not specified Description An XML External Entity XXE issue exists where the application processes files that are not strictly in a structurally valid PDF format. By opening a malicious document disguised as a PDF...
Cross-site Request Forgery (CSRF)
Overview webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the open-editor and invalidate endpoints. An attacker can open...
CVE-2026-14620 webpack-dev-server vulnerable to cross-site request forgery via internal developer endpoints
webpack-dev-server versions 5.2.5 and earlier expose two internal developer endpoints, /webpack-dev-server/open-editor and /webpack-dev-server/invalidate, that perform state-changing actions on any GET request without verifying that the request originated from the dev server's own page. Any websi...
CVE-2026-14620
webpack-dev-server prior to 5.2.6 exposes two internal endpoints (/webpack-dev-server/open-editor and /webpack-dev-server/invalidate) that perform state-changing actions on any GET request without origin verification. This enables cross-origin interactions when a user visits any website while the...
CVE-2026-14620 webpack-dev-server vulnerable to cross-site request forgery via internal developer endpoints
webpack-dev-server versions 5.2.5 and earlier expose two internal developer endpoints, /webpack-dev-server/open-editor and /webpack-dev-server/invalidate, that perform state-changing actions on any GET request without verifying that the request originated from the dev server's own page. Any websi...
CVE-2026-47214
A flaw was found in Docling, a document processing tool. Its HTML backend contained vulnerabilities related to unsafe handling of Uniform Resource Identifiers URIs and file paths. This could allow an attacker to access local files, navigate outside of intended directories path traversal, and...
PT-2026-53311
Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper restriction of file path resolution allows arbitrary local file content to be read and transmitted to Snowflake services. An attacker can exploit this by providing crafted repository or...
CVE-2026-45807
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...
CVE-2026-48704
Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...
XML External Entity (XXE) Injection
Overview org.jenkins-ci.plugins:assembla is a plugin that integrates Jenkins with Assembla tickets during SCM update / Build. Affected versions of this package are vulnerable to XML External Entity XXE Injection via the XML parser. An attacker can extract sensitive information from the server or...
Astra Linux – Vulnerability in qBittTorrent
qBittorrent versions before 5.1.2 do not prevent access to a local file that is referenced in a link URL. This issue affects rsswidget.cpp and searchjobwidget.cpp...
CVE-2026-49465 n8n: Git Node Clone and Push Operations Bypass File Sandbox
n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push...
CVE-2026-56274
Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...