Lucene search
K

129 matches found

Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-47627

Name of the Vulnerable Software and Affected Versions FileBrowser Quantum versions prior to 1.3.3-stable FileBrowser Quantum versions prior to 1.4.2-beta Description Path Traversal is possible through the publicPatchHandler function in backend/http/public.go. The issue occurs because the software...

9.3CVSS5.4AI score0.00446EPSS
Exploits0References9
Snyk
Snyk
added 2026/05/16 12:0 a.m.9 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper path resolution during extraction of OCI image layer tarballs. An attacker can write arbitrary files to locations outside the intended extraction root by crafting a layer with a symlink pointing to an absolut...

9.6CVSS5.9AI score0.00482EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.12 views

CVE-2026-44220

ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discoverpipelinefiles function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...

3.2CVSS5.8AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 7:22 p.m.59 views

CVE-2026-42549 Flight: Path traversal in `make:controller` CLI creates arbitrary directories outside project root

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the make:controller CLI command calls mkdir..., recursive: true on a path built from the user-supplied controller name, before Nette's class-name validation runs. The class-file write is correctly rejected by Nette when the name...

4.4CVSS0.00154EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 7:22 p.m.7 views

CVE-2026-42549

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the make:controller CLI command calls mkdir..., recursive: true on a path built from the user-supplied controller name, before Nette's class-name validation runs. The class-file write is correctly rejected by Nette when the name...

4.4CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/12 7:37 p.m.38 views

CVE-2026-44220 ciguard: discover_pipeline_files follows symlinks out of scan root

ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discoverpipelinefiles function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...

3.2CVSS0.00158EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:37 p.m.9 views

CVE-2026-44220

ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discoverpipelinefiles function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...

3.2CVSS5.8AI score0.00158EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/12 7:37 p.m.23 views

CVE-2026-44220

ciguard (static security auditor for CI/CD) has a symlink-following flaw in discover_pipeline_files() (src/ciguard/discovery.py) that can cause discovery to traverse into symlink targets outside the requested root. Documented in CVE-2026-44220 and GHSA advisories, the vulnerability affects versio...

3.2CVSS5.8AI score0.00158EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.12 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 3:45 a.m.38 views

CVE-2026-42275

The CVE-2026-42275 issue affects zrok’s WebDAV drive backend (davServer.Dir) where symbolic links inside the shared DriveRoot are not prevented from pointing outside the root. This allows remote WebDAV clients to read files and, on shares with lax OS permissions, overwrite files anywhere on the h...

8.7CVSS5.8AI score0.0033EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/07 2:16 p.m.18 views

CVE-2026-41589

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...

9.6CVSS0.00393EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/07 1:17 p.m.14 views

CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...

9.6CVSS5.9AI score0.00393EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/07 1:17 p.m.14 views

EUVD-2026-28370

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...

9.6CVSS5.9AI score0.00393EPSS
Exploits1References2
CVE
CVE
added 2026/05/07 1:17 p.m.15 views

CVE-2026-41589

CVE-2026-41589 concerns the SCP path traversal in charm.land/wish/v2, affecting Wish SSH server middleware. From version 2.0.0 up to 2.0.1 (before patch), the SCP file system handler can be tricked by crafted filenames containing ../ sequences, allowing a malicious SCP client to read arbitrary se...

9.6CVSS5.9AI score0.00393EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/05/07 4:33 a.m.11 views

Symlink Attack

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Symlink Attack via the isPathAllowed path check in lib/resolver-compat.js. An attacker can execute code outside the configured...

8.5CVSS6.4AI score0.00722EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 4:33 a.m.9 views

Symlink Attack

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Symlink Attack via the isPathAllowed path check in lib/resolver-compat.js. An attacker can execute code outside the configured require.root by placin...

8.5CVSS6.5AI score0.00722EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/06 9:34 p.m.10 views

Flight has path traversal in `make:controller` CLI that creates arbitrary directories outside project root

Summary The make:controller CLI command calls mkdir..., recursive: true on a path built from the user-supplied controller name, before Nette's class-name validation runs. The class-file write is correctly rejected by Nette when the name contains /, but the recursive directory creation side effect...

4.4CVSS5.8AI score0.00154EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/06 9:31 p.m.9 views

Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...

8.3CVSS5.7AI score0.00208EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.52 views

CVE-2026-44113 OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge

OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...

8.3CVSS0.00208EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/05 4:49 p.m.11 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to the getospath check in fileio.py in the file manager component. An attacker can read, write, and delete files outside the configured root directory by supplying a path whose resolved absolute path shares a...

9.2CVSS6.3AI score0.00583EPSS
Exploits2References2
Rows per page
Query Builder