41 matches found
CVE-2026-48693
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...
EUVD-2026-31899
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...
CVE-2026-48693
CVE-2026-48693 concerns the FastNetMon Community Edition up to 1.2.9. The issue is a local symlink attack due to predictable file paths in /tmp, notably the default statistics file at '/tmp/fastnetmon.dat'. The vulnerable code path opens this path with std::ios::trunc without following symlinks o...
CVE-2026-42191 OpenTelemetry.Exporter.OpenTelemetryProtocol: Disk retry default temp path enables local blob injection for OTLP Exporter
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...
CVE-2026-42191
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...
CVE-2026-42191 OpenTelemetry.Exporter.OpenTelemetryProtocol: Disk retry default temp path enables local blob injection for OTLP Exporter
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...
CVE-2026-42191
OpenTelemetry.Exporter.OpenTelemetryProtocol (OTLP exporter) Vulnerability: from 1.8.0 through 1.15.2, when OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY=disk is used without OTEL_DOTNET_EXPERIMENTAL_OTLP_DISK_RETRY_DIRECTORY_PATH, the retry storage root is resolved with Path.GetTempPath(). The exporter st...
Astra Linux - уязвимость в audacity
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there...
OpenTelemetry's disk retry default temp path enables local blob injection via OTLP Exporter
Summary The OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but OTELDOTNETEXPERIMENTALOTLPDISKRETRYDIRECTORYPATH was not configured. The exporter stored and loaded .blob files under...
GHSA-4625-4J76-FWW9 OpenTelemetry's disk retry default temp path enables local blob injection via OTLP Exporter
Summary The OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but OTELDOTNETEXPERIMENTALOTLPDISKRETRYDIRECTORYPATH was not configured. The exporter stored and loaded .blob files under...
PraisonAI recipe registry publish path traversal allows out-of-root file write
Summary PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bund...
PT-2026-30767
Summary PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bund...
CVE-2026-23482 Blinko: Unauthorized Arbitrary File Read - /api/file/temp
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the file server endpoint does not perform permission checks on the temp/ path and does not filter path traversal sequences, allowing unauthorized attackers to read arbitrary files on the server. When scheduled backup tasks...
CVE-2026-23482
Blinko (AI-powered card note-taking project) before version 1.8.4 exposes a file server endpoint that does not enforce permission checks on the temp/ path and does not filter path traversal sequences. This allows unauthenticated attackers to read arbitrary files on the server. When scheduled back...
EUVD-2026-14533
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the file server endpoint does not perform permission checks on the temp/ path and does not filter path traversal sequences, allowing unauthorized attackers to read arbitrary files on the server. When scheduled backup tasks...
CVE-2026-32026 OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
Temporary path handling could write outside OpenClaw temp boundary
Summary Sandbox media local-path validation accepted absolute paths under host tmp, even when those paths were outside the active sandbox root. Affected Packages / Versions - Package: openclaw npm - Latest published version verified during triage: 2026.2.23 - Affected versions: = 2026.2.24 Detail...
GHSA-33HM-CQ8R-WC49 Temporary path handling could write outside OpenClaw temp boundary
Summary Sandbox media local-path validation accepted absolute paths under host tmp, even when those paths were outside the active sandbox root. Affected Packages / Versions - Package: openclaw npm - Latest published version verified during triage: 2026.2.23 - Affected versions: = 2026.2.24 Detail...
EUVD-2013-4024
Malware in sbrugna...
EUVD-2022-0196
Malicious code in bioql PyPI...