Lucene search
K

1686 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.8 views

CVE-2026-34450

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS5.8AI score0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 9:15 p.m.2 views

GHSA-Q5F5-3GJM-7MFM Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool

The local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask such as many Docker base images. A local attacker on a shared host could read...

4.8CVSS5.9AI score0.00122EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/01 9:15 p.m.7 views

Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool

The local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask such as many Docker base images. A local attacker on a shared host could read...

4.8CVSS5.9AI score0.00122EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/03/31 10:16 p.m.7 views

CVE-2026-34450

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS0.00122EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/31 9:32 p.m.6 views

CVE-2026-34450 Claude SDK for Python: Insecure Default File Permissions in Local Filesystem Memory Tool

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS5.8AI score0.00122EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:32 p.m.8 views

CVE-2026-34450

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/31 9:32 p.m.31 views

CVE-2026-34450 Claude SDK for Python: Insecure Default File Permissions in Local Filesystem Memory Tool

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS0.00122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.3 views

PT-2026-29378

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS5.8AI score0.00122EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/18 4:9 p.m.29 views

Capgo CLI: symlink-following local secret writes enable arbitrary file overwrite + world-readable credentials (0600 missing)

Summary The Capgo CLI writes sensitive local files .capgo API key file and build credentials JSON using unsafe file operations that follow symlinks and do not enforce safe permissions. This allows an attacker-controlled repository to cause arbitrary file overwrite on the developer’s machine when...

5.9AI score
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.5 views

EulerOS Virtualization 2.12.1 : libvirt (EulerOS-SA-2026-1470)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...

5.5CVSS5.9AI score0.00204EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.3 views

EulerOS Virtualization 2.12.0 : libvirt (EulerOS-SA-2026-1527)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...

5.5CVSS5.9AI score0.00204EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/06 7:52 a.m.4 views

CVE-2026-29128

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

10CVSS5.9AI score0.00277EPSS
Exploits1References1
CVE
CVE
added 2026/03/05 4:4 p.m.32 views

CVE-2026-30785

RustDesk Client (through version 1.4.5) is affected by CVE-2026-30785 due to a vulnerability described as Prototype Pollution and weak password hashing in the password_security, config, and machine-uid-related code paths (hbb_common and related modules). The issue can allow Retrieve Embedded Sens...

8.2CVSS6AI score0.00083EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/03/05 6:30 a.m.5 views

EUVD-2026-9789

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

8.6CVSS6AI score0.00277EPSS
Exploits1References2
NVD
NVD
added 2026/03/05 6:16 a.m.5 views

CVE-2026-29128

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

10CVSS0.00277EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:12 a.m.3 views

CVE-2026-29128

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

8.6CVSS6AI score0.00277EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/05 5:12 a.m.3 views

CVE-2026-29128 IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

8.6CVSS6AI score0.00277EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/05 5:12 a.m.30 views

CVE-2026-29128 IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components e.g., zebra, bgpd, ospfd, and ripd that are owned by root but world-readable. The configuration files e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf contain hardcoded or otherwise...

8.6CVSS0.00277EPSS
Exploits1References1
CVE
CVE
added 2026/03/05 5:12 a.m.13 views

CVE-2026-29128

The CVE-2026-29128 entry affects IDC SFX2100 Satellite Receiver firmware. Daemon configuration files (zebra.conf, bgpd.conf, ospfd.conf, ripd.conf) are owned by root but world-readable, containing hardcoded or insecure plaintext passwords (including enable/privileged credentials). A remote attack...

10CVSS6AI score0.00277EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.3 views

PT-2026-23134

Name of the Vulnerable Software and Affected Versions IDC SFX2100 Satellite Receiver affected versions not specified Description The IDC SFX2100 Satellite Receiver firmware includes daemon configuration files zebra, bgpd, ospfd, and ripd owned by root but accessible to all users. These files...

8.6CVSS5.8AI score0.00277EPSS
Exploits1References6
Rows per page
Query Builder