Lucene search
K

10 matches found

NVD
NVD
added 2026/06/12 8:16 p.m.14 views

CVE-2026-54055

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...

5CVSS0.00072EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 8:16 p.m.6 views

UBUNTU-CVE-2026-54055

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...

5CVSS5.5AI score0.00072EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 8:6 p.m.11 views

EUVD-2026-36578

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

7.6CVSS5.7AI score0.00268EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/12 8:3 p.m.6 views

CVE-2026-54055

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...

5CVSS5.6AI score0.00072EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/12 8:3 p.m.7 views

CVE-2026-54055

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...

5CVSS5.5AI score0.00072EPSS
Exploits0
OSV
OSV
added 2026/02/13 12:39 a.m.4 views

CLEANSTART-2026-JB30245 Security fixes for GHSA-F6X5-JH6R-WRFV, GHSA-J5W8-Q4QC-RX2X applied in versions: 0.47.2-r0

Multiple security vulnerabilities affect the prometheus-mongodb-exporter package. These issues are resolved in later releases. See references for individual vulnerability details...

5.9AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22159

Malicious code in bioql PyPI...

5.3CVSS7.2AI score0.0053EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/07/22 11:22 p.m.3 views

SUSE CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...

5.3CVSS7.1AI score0.0053EPSS
Exploits0References5
OSV
OSV
added 2025/07/21 8:15 p.m.2 views

DEBIAN-CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...

5.3CVSS5.6AI score0.0053EPSS
Exploits0References1
OSV
OSV
added 2025/07/21 8:15 p.m.2 views

UBUNTU-CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...

5.3CVSS5.8AI score0.0053EPSS
Exploits0References6
Rows per page
Query Builder