474 matches found
CVE-2026-42795
Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers gleamfiles, nativefiles, privatefiles in compiler-cli/src/fs.rs use followlinkstrue when walking publishable directories...
CVE-2026-7886
Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments parameter which can lead to file permission bypass. The AddMessage and UpdateMessage conversation controllers accept user-supplied file attachment IDs and load files directly via $em-findFile::class,...
GHSA-W4QQ-74H6-58WQ AVideo: Unauthenticated Arbitrary Image Read via Path Traversal in `view/img/image404Raw.php`
Summary The endpoint requires no authentication. An unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded thumbnails,...
EUVD-2026-30637
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, multiple endpoints accept a user-supplied fileid and attach the referenced file to a resource the caller controls folder knowledge, knowledge-base contents without verifying that the...
GHSA-H36F-RQPX-J5WX Open WebUI has Unauthorized File and Knowledge Base Content Access via RAG Vector Search
Unauthorized File and Knowledge Base Content Access via RAG Vector Search Affected Component RAG source resolution in chat completion pipeline: - backend/openwebui/retrieval/utils.py lines 963-965, 1063-1068, 1126-1131 in getsourcesfromitems Affected Versions Current main branch commit 6fdd19bf1...
Linux Distros Unpatched Vulnerability : CVE-2026-1556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to...
EUVD-2026-16422
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
A flaw was found in Drupal File Field Paths. This information disclosure vulnerability allows authenticated users to disclose other users’ private files. This can be exploited by performing filename-collision uploads, which causes the system to receive incorrect file Uniform Resource Identifiers...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
UBUNTU-CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
CVE-2026-1556 affects Drupal 7.x (File (Field) Paths module). The vulnerability arises in the processing of file URIs for File (Field) Paths when filenames collide during uploads, allowing an authenticated user to disclose private files belonging to other users. This can cause hook_node_insert() ...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556 Information disclosure via file URI overwrite in File (Field) Paths
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-32097
PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...
CVE-2026-32097
PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...
CVE-2026-32097 PingPong has improper access control in thread file endpoints allows access outside intended scope
PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...
CVE-2026-32097
PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...
CVE-2026-32097
PingPong, a platform for teaching/learning with LLMs, has a vulnerability prior to 7.27.2 where an authenticated user could retrieve or delete files outside the intended authorization scope. The issue allows retrieval of private files and deletion of files (including user uploads and model output...
CVE-2026-32097 PingPong has improper access control in thread file endpoints allows access outside intended scope
PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...