CVE-2026-5223 Crates in third party registries can override the cached source of other crates

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is medium for users of third-party registries. Users of crates.io a...

CVE-2026-5223 Crates in third party registries can override the cached source of other crates

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is medium for users of third-party registries. Users of crates.io a...

CVE-2026-5223

CVE-2026-5223 affects Cargo: symlinks inside crate tarballs from third-party registries can cause a malicious crate to override the cached source of another crate from the same registry. The issue is due to how symlinks are handled, enabling modification of source files after download. Impact is ...

CVE-2026-9489

creationtimestamp| type| source ---|---|--- 2026-05-25 06:38:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116633835396055412 2026-05-25 09:26:06+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116634495611199490...

CVE-2026-9405

creationtimestamp| type| source ---|---|--- 2026-05-25 04:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116633333205979935 2026-05-25 04:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmnnffdp462o...

CVE-2026-9407

creationtimestamp| type| source ---|---|--- 2026-05-25 03:00:26+00:00| seen| https://infosec.exchange/users/offseq/statuses/116632979036479792 2026-05-25 03:00:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmniedcwxa26...

CVE-2026-9408

creationtimestamp| type| source ---|---|--- 2026-05-25 01:30:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116632625460794481 2026-05-25 01:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmnddk3og42y...

CVE-2026-3515

creationtimestamp| type| source ---|---|--- 2026-05-24 06:00:27+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmlbxbir4d2m 2026-05-24 06:03:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116628024514004193 2026-06-06 11:02:50+00:00| seen|...

cve-researcher

cve-researcher AI-powered CVE research in your terminal —...

CVE-2026-8692

creationtimestamp| type| source ---|---|--- 2026-05-22 13:32:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmh2b3agfa2s 2026-05-22 13:33:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmh2ds2o5z2n 2026-05-26 05:13:36+00:00| seen|...

CVE-2026-8684

creationtimestamp| type| source ---|---|--- 2026-05-22 12:32:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmgwvthkju2s 2026-05-22 12:59:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgygak4y32n 2026-05-26 06:38:53+00:00| seen|...

CVE-2024-53667

creationtimestamp| type| source ---|---|--- 2026-05-22 11:00:14+00:00| seen| Telegram/Ijp4jLwZAukIpjn8nmvArm7-nJ19glZ2axxpP-42cGx43y8 2026-05-22 15:00:07+00:00| seen| Telegram/QQT-Q6OUMbbPAXT-HqeuIDXp1trXX8UiN3jKLc4d4AIZQ...

CVE-2026-9256

creationtimestamp| type| source ---|---|--- 2026-05-22 09:02:13+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-501 2026-05-22 15:43:17+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116618991514251454 2026-05-22 16:11:43+00:00| seen|...

CVE-2026-8679

creationtimestamp| type| source ---|---|--- 2026-05-22 01:55:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-8679.yaml 2026-05-22 09:00:43+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmgl3rnuge26 2026-05-22...

CVE-2026-33000

creationtimestamp| type| source ---|---|--- 2026-05-22 01:30:44+00:00| seen| https://infosec.exchange/users/offseq/statuses/116615638632098258 2026-05-22 03:15:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmfxo2kuex2h 2026-05-26 09:13:20+00:00| seen|...

CVE-2026-47101

creationtimestamp| type| source ---|---|--- 2026-05-21 22:01:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmfgadref72q 2026-05-21 22:16:39+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mmfh44f5ca27 2026-05-25 10:00:04+00:00| seen|...

Rust OneNote File Parser: Path traversal in `Parser::parse_notebook` allows reading files outside the notebook directory

Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parsenotebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...

CVE-2026-48249

creationtimestamp| type| source ---|---|--- 2026-05-21 19:27:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf5nah2ou2o 2026-05-21 19:42:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf6i3tggj2c...

CVE-2026-48247

creationtimestamp| type| source ---|---|--- 2026-05-21 18:49:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf3jagyq62q 2026-05-21 19:37:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf675fama2h...

CVE-2026-48242

creationtimestamp| type| source ---|---|--- 2026-05-21 18:00:11+00:00| seen| https://infosec.exchange/users/offseq/statuses/116613867810424897 2026-05-21 18:00:14+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmeyrke6ru2p 2026-05-21 18:44:13+00:00| seen|...