PT-2026-45490

Summary EntryPoint::FromStr in rattler conda types performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

PT-2024-6557 · Grafana +1 · Grafana Agent +1

Name of the Vulnerable Software and Affected Versions: Grafana Agent versions prior to 0.43.2 Grafana Agent versions prior to 0.43.3 Description: The issue is related to an Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows, which allows Privilege Escalation from...