Note Mark 授权问题漏洞

Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Versions of Note Mark prior to 0.19.3 had an authorization issue vulnerability. This vulnerability stemmed from the fact that notes and uploaded assets could still be accessed after public books were soft-deleted,...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.10.1esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...

Fedora 43 : dotnet8.0 (2026-a1302c450c)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a1302c450c advisory. Update to .NET SDK 8.0.126 and Runtime 8.0.26 Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116 Release Notes: - SDK:...

Important: firefox

Issue Overview: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

CVE-2026-7212

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

CLSA-2026-1777453233 Fix CVE(s): CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945

OpenJDK 11.0.30 release, build 7. - CVE-2026-21925: Improve JMX connections - CVE-2026-21932: Enhance handling of URIs AWT/JavaFX - CVE-2026-21933: Improve HttpServer request handling - CVE-2026-21945: Enhance certificate checking - Release notes:...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.29 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

Linux Distros Unpatched Vulnerability : CVE-2025-6016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have...

Linux Distros Unpatched Vulnerability : CVE-2026-6941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured...

GHSA-VC5J-42HH-J3MR notes-mcp has a Path Traversal issue

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

notes-mcp has a Path Traversal issue

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

Directory Traversal

Overview notes-mcp is a MCP for managing markdown notes with YAML frontmatter Affected versions of this package are vulnerable to Directory Traversal via the rootdir or path arguments in the notesmcp.py process. An attacker can access or modify files outside the intended directory by supplying...

CVE-2026-7212

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2026-7212 edvardlindelof notes-mcp notes_mcp.py path traversal

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2026-7212 edvardlindelof notes-mcp notes_mcp.py path traversal

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

EUVD-2026-25965

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2026-7212

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2026-7212

CVE-2026-7212 affects the edvardlindelof notes-mcp project up to version 0.1.4, specifically via an issue in the notes_mcp.py file where manipulation of the arguments root_dir or path enables a path traversal vulnerability. The vulnerability is exploitable remotely and, according to the provided ...

PT-2026-35585

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes mcp.py. The manipulation of the argument root dir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...