15 matches found
Anthropic Claude Code < 2.1.64 Sandbox Escape via Symlink Following (CVE-2026-39861)
The version of Anthropic Claude Code installed on the remote host is prior to 2.1.64. It is, therefore, affected by a sandbox escape vulnerability. - Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code...
CVE-2026-31879 Frappe Workspace modification and stored XSS due to improper resource ownership checks
Frappe is a full-stack web application framework. Prior to 14.100.2, 15.101.0, and 16.10.0, due to a lack of validation and improper permission checks, users could modify other users' private workspaces. Specially crafted requests could lead to stored XSS here. This vulnerability is fixed in...
PT-2026-24826
A weakness has been identified in OpenBMB XAgent 1.0.0. Affected by this vulnerability is the function workspace of the file XAgentServer/application/routers/workspace.py. This manipulation of the argument file name causes path traversal. The attack may be initiated remotely. The exploit has been...
Exploit for CVE-2025-62376
CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...
EUVD-2019-12374
Malware in sbrugna...
EUVD-2014-8487
Malware in sbrugna...
EUVD-2013-4060
Malware in sbrugna...
@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.54) +69 more potentially affected by CVE-2025-10894 via @nx/workspace (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)
@nx/workspace NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: OSV:MAL-2025-41442...
Dust: User Limit Bypass via Pending Invitations in Workspace System
The platform's workspace user limit was found to be vulnerable to bypass through the use of pending invitations. Users were able to join a workspace by signing up with an invited email, even after the workspace had reached its user limit for the current subscription tier. This allowed an unlimite...
KDE Workspace Path Traversal Vulnerability
KDE Workspace is a virtual desktop tool from the KDE community. A path traversal vulnerability exists in KDE Workspace 5.93.0 and earlier versions, in the component /calendar/eventpluginsmanager.cpp...
Oracle Hyperion Security Vulnerability
Oracle Hyperion is a set of financial modeling applications from the United States company Oracle. The software provides financial closure, report creation, and other functions. A security vulnerability exists in Oracle Hyperion's Oracle Hyperion Workspace product, which arises from a...
IBM Planning Analytics Code Issue Vulnerability
IBM Planning Analytics is a business planning and analysis solution from IBM Corporation. Planning Analytics Workspace is the Web management interface for IBM Planning Analytics. IBM Planning Analytics Workspace version 2.0 contains a file upload vulnerability that stems from a failure to Validat...
IBM Planning Analytics Information Disclosure Vulnerability
IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. An information disclosure vulnerability exists in IBM Planning Analytics Workspace that allows a...
Oracle Hyperion Unspecified Vulnerability in Oracle Hyperion Financial Reporting Component
Oracle Hyperion is a set of financial modeling applications from the United States company Oracle; it provides financial results, report production and other functions. Oracle Hyperion Financial Reporting is one of its financial statement management components. An unspecified vulnerability exists...
Design/Logic Flaw
TYPO3 Neos 1.1.x before 1.1.3 and 1.2.x before 1.2.3 allows remote editors to access, create, and modify content nodes in the workspace of other editors via unspecified vectors...