GHSA-R492-HJGH-C9GW Vitess users with backup storage access can write to arbitrary file paths on restore

Impact Anyone with read/write access to the backup storage location e.g. an S3 bucket can manipulate backup manifest files so that files in the manifest — which may be files that they have also added to the manifest and backup contents — are written to any accessible location on restore. This is ...

CVE-2026-27969

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location e.g. an S3 bucket can manipulate backup manifest files so that files in the manifest — which may be files that they have also...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Building X, COMOS, Energy Services, Gridscale X, NX, RUGGEDCOM, SICAM, SIMATIC, SINEC, SINEMA, SIPLUS and Solid Edge. The vulnerabilities potentially enable a malicious person to launch attacks that could result in the following...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Altair Grid Engine, COMOS, LOGO, SICAM, SIDOOR, SIMATIC, SIPLUS, Spectrum Power and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as SIMATIC, SINEC, SIPLUS and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention o...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Apogee, Industial Edge, RUGGEDCOM, SIMATIC, SIMOTION and SINAMICS. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulati...

Vulnerabilities fixed in Siemens Omnivise

Siemens Energy has fixed vulnerabilities in Omnivise T3000. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges on the vulnerable system and thus execute arbitrary code, possibly with system privileges. For successful abuse, the malicious party must be...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SINEC, SIPROTEC and RUGGEDCOM. The vulnerabilities allow a malicious party potentially able to launch attacks that could lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention o...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in QMS Automotive, Parasolid, WIBU, Teamcenter, JT2Go, Spectrum Power 7, SIMATIC, SIPLUS and RUGGEDCOM products. The vulnerabilities allow a malicious potentially able to carry out attacks that could result in the following categories of damage: Denial-of-Service...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in SIMATIC, SICAM, SIMOTION, WinCC, Solid Edge and Scalance products. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data...

Vulnerabilities fixed in Siemens products

Several vulnerabilities have been fixed in Siemens products. The vulnerabilities potentially allow a malicious party to gain access to sensitive data or cause a denial-of-service cause. To exploit the vulnerabilities, the malicious party must have access to the production environment. It is good...