CVE-2026-34452 Claude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then...

CVE-2026-2285

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

Directory Traversal

Overview scitokens is a SciToken reference implementation library Affected versions of this package are vulnerable to Directory Traversal via the checkscope and scopepathmatches functions. An attacker can gain unauthorized access to restricted directories by including dot-dot .. sequences in the...

CVE-2026-32716

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the sa...

PT-2026-29380

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then...

CVE-2026-29870

A directory traversal vulnerability in the agentic-context-engine project versions up to 0.7.1 allows arbitrary file writes via the checkpointdir parameter in OfflineACE.run. The savetofile method in ace/skillbook.py fails to normalize or validate filesystem paths, allowing traversal sequences to...

Claude SDK for TypeScript 安全漏洞

Claude SDK for TypeScript is an open-source development toolkit by Anthropic, designed for calling the Claude API using TypeScript. Versions of Claude SDK for TypeScript prior to 0.81.0 contain security vulnerabilities. These vulnerabilities stem from insufficient validation of model-provided pat...

UBUNTU-CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

CVE-2026-32883 Botan: Missing OCSP Response Signature Verification Allows MitM Certificate Revocation Bypass

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

EUVD-2026-17211

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

CVE-2026-32883 Botan: Missing OCSP Response Signature Verification Allows MitM Certificate Revocation Bypass

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

CVE-2026-32883

CVE-2026-32883 affects the Botan C++ cryptography library. From version 3.0.0 through before 3.11.0, during X509 path validation, OCSP responses were checked for a valid status but the OCSP response signature itself was not verified, enabling a potential Man‑in‑the‑Middle in certificate revocatio...

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

EUVD-2026-17119

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

Directory Traversal

Overview crewai-tools is a Set of tools for the crewAI framework Affected versions of this package are vulnerable to Directory Traversal via the JSON loader tool due to lack of path validation. An attacker can access arbitrary files on the server by supplying crafted file paths. Details A Directo...

GHSA-V9P7-GF3Q-H779 @tinacms/graphql has Path Traversal that leads to overwrite of arbitrary files

Summary A Path Traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. The impact includes the ability to replace critical server...

EUVD-2026-17151

Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation...

GHSA-M8P8-53VF-8357 Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation

Summary The nginx-ui configuration improperly handles URL-encoded traversal sequences. When specially crafted paths are supplied, the backend resolves them to the base Nginx configuration directory and executes the operation on the base directory /etc/nginx. In particular, this allows an...