Lucene search
K

4 matches found

OSV
OSV
added 3 days ago5 views

PYSEC-2026-544 MCP-for-Stata: Command injection via log_file_name parameter in Stata command wrapper

Summary The logfilename parameter in the statado API and CLI is directly interpolated into a Stata command string without sanitization. The security guard GuardValidator only scans the do-file content but does not validate this parameter. An attacker can inject arbitrary Stata commands including...

9.3CVSS6AI score0.00629EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:55 a.m.8 views

CVE-2026-40861

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...

5.9AI score0.00665EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 9:54 p.m.13 views

CVE-2026-46402 Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled taskname value directly when constructing session log paths. An authenticated client can supply path traversal sequences in taskname and cause...

8.1CVSS5.8AI score0.00674EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:54 p.m.33 views

CVE-2026-46402

Microsoft UFO (open-source framework) 3.0.1-4-ge2626659 exposes a path traversal risk by using the user-controlled task_name when building session log paths, enabling an authenticated client to create log directories/files outside the intended logs/ directory. This can impact integrity and availa...

8.1CVSS5.8AI score0.00674EPSS
Exploits0References1
Rows per page
Query Builder