NPM: vm2 NodeVM `nesting: true` bypasses `require: false` allowing sandbox escape and arbitrary OS command execution

NPM: vm2 NodeVM nesting: true bypasses require: false allowing sandbox escape and arbitrary OS command execution vulnerability discovered by ? in WordPress Npm vm2 versions = 3.11.0...

GHSA-F2WH-GRMH-R6JM vulnerabilities

Vulnerabilities for packages: apache-hop, apache-hop-fips, jenkins, apache-nifi...

CVE-2025-63705

The CVE-2025-63705 entry concerns the NPM package node-ts-ocr version 1.0.15, with a reported OS Command Injection via the invokeImageOcr function in src/index.js. The vulnerability is described as enabling arbitrary command execution with a network attack vector, as indicated by the CVSS 3.1 met...

open-notebook 安全漏洞

Open-Notebook is a privacy-oriented multi-model AI note-taking tool developed by Luis Novo. Version 1.8.3 of Open-Notebook contains a security vulnerability. This vulnerability stems from a lack of input validation, which may allow users to execute Python code and operating system commands on...

CVE-2025-63705

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...

PT-2026-38418

Name of the Vulnerable Software and Affected Versions Open Notebook version 1.8.3 Description Insufficient user input sanitization allows an application user to perform Server-Side Template Injection SSTI, a flaw where an attacker can inject malicious templates into a server-side engine. This...

Critical Photon OS Security Update - PHSA-2026-5.0-0842

Updates of 'dotnet-runtime', 'linux', 'mysql' packages of Photon OS have been released...

Photon OS 5.0: Curl PHSA-2026-5.0-0838

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0838. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Nessus Manager < 10.10.3 / 10.11.0 < 10.11.3 Path Traversal (TNS-2026-08)

According to its self-reported version, the Nessus Manager application running on the remote host is prior to 10.10.3, prior to 10.11.3. It is, therefore, affected by an path traversal vulnerability as referenced in the TNS-2026-08 advisory. - A path traversal vulnerability exists in Nessus Manag...

Photon OS 5.0: Dotnet PHSA-2026-5.0-0842

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0842. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2026-43265

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for x86 architectures. A local user or a malicious guest operating system could manipulate the virtual CPU vCPU state by injecting events while the vCPU is in a blocking state. This could lead to a spurious exit to userspace,...

EUVD-2026-28091

Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

CVE-2026-7865

A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH conso...

CVE-2026-7978

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

BIT-JAVA-MIN-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

BIT-JAVA-MIN-2026-20652

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service...

BIT-JAVA-MIN-2026-20644

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...