CVE-2026-8235

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10,...

CVE-2026-44313

CVE-2026-44313 (Linkwarden) : A SSRF vulnerability exists in the fetchTitleAndHeaders function prior to version 2.13.0, enabling authenticated users to cause arbitrary HTTP requests to internal services due to insufficient URL validation that only checks for the prefixes "http://" or "https://". ...

CVE-2026-41511

CVE-2026-41511 affects the OpenMcdf .NET/C# library for Compound File Binary (CFB) manipulation. Before version 3.1.3, the library failed to detect cycles in the directory-entry red–black tree, allowing a crafted CFB file to create a cycle in LeftSiblingID/RightSiblingID that causes Storage.Enume...

UBUNTU-CVE-2026-42030

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

DEBIAN-CVE-2026-41070

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

CVE-2026-44335

PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. This issue has been patched in version 1.6.32...

CVE-2026-41507 Remote Code Execution (RCE) via String Literal Injection into math-codegen

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the...

CVE-2026-42203

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templates and rendered them without sandboxing. A crafted template could run arbitrary code inside the...

EUVD-2026-28504

PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated endpoint POST /api/skills/fetch-remote that fetches a user-supplied URL server-side and reflects the response body up t...

SUSE CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

PT-2026-39217

Name of the Vulnerable Software and Affected Versions Grimmory versions prior to 2.3.1 Description A stored cross-site scripting XSS issue in the browser-based EPUB reader allows an attacker to embed arbitrary JavaScript within a crafted EPUB file. When a user opens the affected book, the script...

CVE-2026-41490

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

GHSA-VXRR-W42W-W76G Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass

Summary Request::getMethod unconditionally honors the X-HTTP-Method-Override header and the $REQUEST'method' parameter on any HTTP verb including safe verbs such as GET, with no opt-in and no whitelist of permitted target methods. A GET request can silently become a DELETE or PUT, enabling CSRF...

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise...

CVE-2026-27644

CVE-2026-27644 affects Traccar (versions 6.11.1–6.13.0). CSV export writes position data and computed attributes without proper escaping, enabling an attacker to inject spreadsheet formulas via exported fields. When opened in spreadsheet software, this can lead to formula execution and potential ...

CVE-2026-42080

PPTAgent contains an arbitrary file write vulnerability in the component handling slide generation. Prior to commit 418491a, an attacker could write arbitrary files via save_generated_slides. The issue has been patched in commit 418491a. Impact details in the public records indicate a low to medi...

ROOT-OS-DEBIAN-12-CVE-2026-4046 CVE-2026-4046 in rootio-glibc - Patched by Root

Root has patched CVE-2026-4046 in the rootio-glibc package for Root:Debian:12. Multiple fixed versions available...

PT-2026-36588

Name of the Vulnerable Software and Affected Versions Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets versions prior to 4.2.3 Description Remote Code Execution is possible via the Display Logic feature. The issue arises because the plugin uses the eval...

GHSA-44V6-JHGM-P3M4 n8n has a Python Task Runner Sandbox Escape Vulnerability

Impact An authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. - This issue only affects instances where the Python Task Runner is enabled. Patches The issue has...