Lucene search
K

8591 matches found

NVD
NVD
added 14 hours ago7 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 15 hours ago6 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 20 hours ago4 views

EUVD-2026-43554

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS6.2AI score
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-62239

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-62239

FlashAttention (up to 2.8.3.post1) contains a symlink attack in hopper/setup.py: download_and_copy() extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can plant a predictable symlink in the cache to redirect extracted binaries to a chosen lo...

6.6CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added yesterday22 views

CVE-2026-62239 FlashAttention Symlink Attack via tarfile.extractall in hopper/setup.py

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the...

6.6CVSS
Exploits0References4
CVE
CVE
added 5 days ago14 views

CVE-2026-58198

ChatterBot (Python) vulnerability CVE-2026-58198: UbuntuCorpusTrainer.extract() uses a predictable home path (~/.ubuntu_data/ubuntu_dialogs) with a check-then-create pattern, then tar.extractall(path=self.data_path). An attacker who pre-places a symlink at that path can cause archived contents to...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42685

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern followed by tar.extractallpath=self.datapath, allowing a...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-58198

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern followed by tar.extractallpath=self.datapath, allowing a...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-58203

A flaw was found in the pydantic-settings component. When configured to handle nested secrets, this vulnerability allows an attacker to read sensitive files from outside the designated secrets directory. By placing a specially crafted symbolic link within the secrets directory, an attacker can...

5.3CVSS5.9AI score0.00138EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago3 views

Security Bulletin: Consul-template is vulnerable to path redirection in writeToFile through symlink attack

Summary The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in...

4.7CVSS5.8AI score0.00105EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-14361 Consul-template is vulnerable to path redirection in writeToFile through symlink attack

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:24 p.m.4 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/07/03 10:19 p.m.5 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by leveraging symlinked or non-regular paths. Remediation Upgrade...

9.1CVSS6AI score0.00428EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.6 views

Symlink Attack

Overview github.com/go-gitea/gitea/modules/util is a Git with a cup of tea, painless self-hosted git service. Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by...

9.1CVSS6AI score0.00428EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Anthropic Claude Code 2.1.59 < 2.1.128 Information Disclosure (CVE-2026-46406)

The version of Anthropic Claude Code installed on the remote host is 2.1.59 prior to 2.1.128. It is, therefore, affected by an information disclosure vulnerability: - The Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation,...

6.1CVSS6AI score0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-645 instack-undercloud vulnerable to symlink attack on tmp files

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

6.4CVSS6.6AI score0.00347EPSS
Exploits0References14
Snyk
Snyk
added 2026/07/01 9:48 p.m.4 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack through improper validation of hardlink targets during tar extraction. An attacker can access or modify files outside the intended extraction directory by crafting a malicious tarball with a hardlink entry whose target is...

7.1CVSS6AI score
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 9:30 p.m.9 views

Security Bulletin: Nomad vulnerable to arbitrary file read/write on client host through symlink attack

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Vulnerability Details CVEID:CVE-2026-695...

6CVSS5.9AI score0.00169EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/01 3:46 p.m.19 views

CVE-2026-41001

A flaw was found in Spring Boot. The ArtemisEmbeddedConfigurationFactory component uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can exploit this by pre-creating this predictable directory ...

5.3CVSS5.6AI score0.00094EPSS
Exploits0References4
Rows per page
Query Builder