Lucene search
+L

8613 matches found

CVE
CVE
added 2 days ago7 views

CVE-2026-62294

Flameshot prior to 14.0.0 is affected by a local TOCTOU race in the Open With feature. The software wrote screenshots to a predictable temporary path and followed symlinks, enabling a local unprivileged user on the same machine to pre-plant a symlink and cause Flameshot to write PNG data through ...

5.1CVSS6.1AI score0.00101EPSS
Exploits0References4
NVD
NVD
added 3 days ago7 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS0.00301EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS6.1AI score0.00301EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43554

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS6.2AI score0.00129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

Linux Distros Unpatched Vulnerability : CVE-2026-12482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in...

8.9CVSS6.1AI score0.00593EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-62239

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS0.00129EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-62239 FlashAttention Symlink Attack via tarfile.extractall in hopper/setup.py

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 days ago3 views

CVE-2026-62239

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS6.2AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 4 days ago9 views

CVE-2026-62239

FlashAttention (up to 2.8.3.post1) contains a symlink attack in hopper/setup.py: download_and_copy() extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can plant a predictable symlink in the cache to redirect extracted binaries to a chosen lo...

6.6CVSS6.2AI score0.00129EPSS
Exploits0References4
OSV
OSV
added 4 days ago3 views

CVE-2026-62239 FlashAttention Symlink Attack via tarfile.extractall in hopper/setup.py

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

5.3CVSS6.2AI score0.00129EPSS
Exploits0References7
Snyk
Snyk
added 2026/07/10 12:30 a.m.7 views

Symlink Attack

Overview decompress is a package that can be used for extracting archives. Affected versions of this package are vulnerable to Symlink Attack in the symlink handling process. An attacker can create arbitrary symbolic links outside the intended extraction directory by crafting an archive with...

7.5CVSS6.2AI score0.00501EPSS
Exploits1References2
OSV
OSV
added 2026/07/09 6:32 p.m.3 views

CVE-2026-58198 ChatterBot: Symlink-Following Arbitrary Write via UbuntuCorpusTrainer

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern followed by tar.extractallpath=self.datapath, allowing a...

5.5CVSS6.1AI score0.00095EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/09 6:32 p.m.6 views

EUVD-2026-42685

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern followed by tar.extractallpath=self.datapath, allowing a...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/09 6:32 p.m.7 views

CVE-2026-58198

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern followed by tar.extractallpath=self.datapath, allowing a...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/07/09 6:32 p.m.14 views

CVE-2026-58198

ChatterBot (Python) vulnerability CVE-2026-58198: UbuntuCorpusTrainer.extract() uses a predictable home path (~/.ubuntu_data/ubuntu_dialogs) with a check-then-create pattern, then tar.extractall(path=self.data_path). An attacker who pre-places a symlink at that path can cause archived contents to...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/09 3:24 p.m.6 views

CVE-2026-58203

A flaw was found in the pydantic-settings component. When configured to handle nested secrets, this vulnerability allows an attacker to read sensitive files from outside the designated secrets directory. By placing a specially crafted symbolic link within the secrets directory, an attacker can...

5.3CVSS5.9AI score0.00138EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/08 9:4 p.m.3 views

Security Bulletin: Consul-template is vulnerable to path redirection in writeToFile through symlink attack

Summary The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in...

4.7CVSS5.8AI score0.00105EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/07/08 8:11 p.m.36 views

CVE-2026-14361 Consul-template is vulnerable to path redirection in writeToFile through symlink attack

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:24 p.m.4 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-56055

Name of the Vulnerable Software and Affected Versions linuxfabrik-monitoring-plugins affected versions not specified Description SQLite databases are created using predictable static paths in /tmp, allowing any user to create a symlink at these locations pointing to arbitrary files. When monitori...

5.1CVSS6.2AI score
Exploits0References7
Rows per page
Query Builder