58 matches found
GHSA-7FQ5-7WR8-RJWJ OliveTin has a Concurrent Template Parsing Race Condition which Leads to Cross-Request Command Contamination
Summary OliveTin's template engine uses a single shared text/template.Template instance tpl package-level variable in service/internal/tpl/templates.go across all goroutines. Every action execution calls tpl.Parsesource followed by t.Execute on this shared instance with no synchronization. When t...
CVE-2026-45676
CVE-2026-45676 affects OpenTelemetry eBPF Instrumentation (OBI). Before version 0.9.0, OBI’s replacement ELF parser trusts section offsets, counts, and string offsets from the executable, allowing a crafted local ELF to trigger invalid dereferences or out-of-bounds slicing in the parser. The vuln...
CVE-2026-48690
CVE-2026-48690 affects FastNetMon Community Edition up to v1.2.9. The issue is an integer overflow in the packet capture buffer allocation: allocate_buffer() computes memory_size_in_bytes as buffer_size_in_packets * (max_captured_packet_size + sizeof(fastnetmon_pcap_pkthdr_t)) + sizeof(fastnetmon...
GHSA-WP73-MWGF-4JQ9 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent
Summary OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. Details...
OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent
Summary OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. Details...
CVE-2026-41497
PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parsemcpcommand, allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through t...
CVE-2026-40042 Pachno 1.0.6 Wiki TextParser XML External Entity Injection
Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers can inject malicious XML entities through wiki table syntax and inline tags in issue descriptions...
Chamilo LMS 代码问题漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Code vulnerabilities existed in versions prior to Chamilo LMS 1.11.38 and 2.0.0-RC.3. These vulnerabilities...
CVE-2026-39890
Prais onAI’s AgentService.loadAgentFromFile parses YAML with js-yaml without disabling dangerous tags (e.g., !!js/function, !!js/undefined), enabling attacker to upload a malicious agent definition and achieve remote code execution on the server. Affected software: PraisonAI (before 4.5.115). Roo...
GO-2026-4670 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files in github.com/OliveTin/OliveTin
OliveTin's unsafe parsing of UniqueTrackingId can be used to write files in github.com/OliveTin/OliveTin...
CVE-2026-24457
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved...
EUVD-2026-9839
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved...
CVE-2026-24457
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved...
CVE-2026-24457
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved...
CVE-2026-24457
CVE-2026-24457: OpenMQ unsafe parsing of configuration allows a remote attacker to read arbitrary files on the MQ Broker server, potentially reading host OS files. In some scenarios, RCE could be achieved. Metrics indicate CVSS v3.1 base score 9.1 (CRITICAL) with NETWORK attack vector, LOW attack...
PT-2026-23475
Name of the Vulnerable Software and Affected Versions OpenMQ affected versions not specified Description An unsafe parsing of OpenMQ’s configuration allows a remote attacker to read arbitrary files from a MQ Broker’s server. Full exploitation could lead to reading unauthorized files from the Open...
CVE-2026-23739
A flaw was found in Asterisk. The astxmlopen function in xml.c processes XML documents using libxml with unsafe parsing options, enabling entity expansion and XInclude processing. A remote attacker can exploit this by providing specially crafted XML input, leading to XML External Entity XXE or...
CVE-2026-23739
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the astxmlopen function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing...
CVE-2026-23739
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the astxmlopen function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing...
CVE-2026-23739
CVE-2026-23739 concerns Asterisk’s ast_xml_open() in xml.c, which parses XML using libxml with unsafe options (XML_PARSE_NOENT) and later processes XIncludes, enabling external entity processing. If untrusted XML is provided, this can trigger XML External Entity (XXE) or XInclude-based local file...