Lucene search
+L

36 matches found

OSV
OSV
added 4 days ago5 views

DEBIAN-CVE-2026-54572

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, with -l/--links, rclone serializes symlinks as .rclonelink text objects and recreates them on a local destination without validating the target, allowing an...

8.8CVSS6.1AI score0.00404EPSS
Exploits1References1
OSV
OSV
added 2026/06/30 10:16 p.m.4 views

DEBIAN-CVE-2026-50003

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...

9.3CVSS5.9AI score0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 6:47 p.m.27 views

CVE-2026-50548 Cursor Desktop sandbox escape via agent-controlled working directory

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the workingdirectory parameter, which could...

9.3CVSS0.00637EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/17 6:35 p.m.11 views

Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory

A path traversal in the SFTP provider SFTPHook.retrievedirectory / SFTPOperatoroperation=get let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted directory-entry names. No Airflow account is required — the attack surface is a...

9.1CVSS5.3AI score0.00626EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/06 2:54 a.m.14 views

SUSE CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

7.5CVSS5.4AI score0.00622EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/25 5:45 a.m.41 views

CVE-2026-41863 LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0...

6.5CVSS0.00398EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/23 12:0 a.m.15 views

Directory Traversal

Overview org.springframework.ai:spring-ai-anthropic is an Anthropic models support Affected versions of this package are vulnerable to Directory Traversal via filename handling in the API support. An attacker can perform path traversal by supplying LLM-influenced filenames that are used unsanitiz...

8.7CVSS6.3AI score0.00398EPSS
Exploits0References2
CVE
CVE
added 2026/04/06 9:51 p.m.25 views

CVE-2026-35454

The CVE-2026-35454 affects coder/code-marketplace (Code Extension Marketplace) up to version 2.4.1. A Zip Slip/path-traversal vulnerability arises in the ExtractZip logic where raw zip entry names are passed to a callback that writes files via filepath.Join without boundary checks, allowing paths...

8.7CVSS6.1AI score0.00343EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:0 a.m.5 views

CVE-2026-27670

OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding...

5.8CVSS5.8AI score0.00081EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.7 views

PT-2026-27225

Summary ZIP extraction in OpenClaw could be raced into writing outside the intended destination directory via parent-directory symlink rebind between validation and write. Affected Packages / Versions - Package: openclaw npm - Vulnerable versions: = 2026.3.1 - Latest published vulnerable version...

8.7CVSS5.8AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.13 views

PT-2026-22744

Name of the Vulnerable Software and Affected Versions OpenViking versions prior to 0.2.1 Description The software contains a path traversal issue in the handling of .ovpack imports. This allows attackers to write files outside the intended import directory. Attackers can create malicious ZIP...

8.4CVSS6.2AI score0.00181EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.5 views

PT-2026-23534

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description The software contains a path traversal issue in sandbox skill mirroring when the skill frontmatter name parameter is used without proper sanitization during skill copying into the sandbox...

6.1CVSS5.8AI score0.00134EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/26 3:23 p.m.8 views

EUVD-2026-8753

Vikunja has Path Traversal in CLI Restore...

7.2CVSS5.2AI score0.00739EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/03 11:57 p.m.16 views

apko has a path traversal in apko dirFS which allows filesystem writes outside base

A Path Traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatted repository could create directories or symlinks outside the intended installation root. The MkdirAll, Mkdir, and Symlink...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/02/03 8:49 p.m.6 views

EUVD-2026-5156

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS5.4AI score0.00464EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/26 9:2 p.m.12 views

pnpm has Windows-specific tarball Path Traversal

Summary A path traversal vulnerability in pnpm's tarball extraction allows malicious packages to write files outside the package directory on Windows. The path normalization only checks for ./ but not .. On Windows, backslashes are directory separators, enabling path traversal. This vulnerability...

6.5CVSS5.9AI score0.00433EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2025/12/17 1:28 a.m.7 views

rsync: Path traversal vulnerability in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

7.5CVSS5.9AI score0.02262EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2025/10/13 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2210)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.4CVSS6.7AI score0.01227EPSS
Exploits14References3
Vulnrichment
Vulnrichment
added 2025/09/22 8:26 p.m.3 views

CVE-2025-59532 Codex has sandbox bypass due to bug in path configuration logic

Codex CLI is a coding agent from OpenAI that runs locally. In versions 0.2.0 to 0.38.0, due to a bug in the sandbox configuration logic, Codex CLI could treat a model-generated cwd as the sandbox’s writable root, including paths outside of the folder where the user started their session. This log...

8.6CVSS6.9AI score0.00815EPSS
Exploits1References3
OSV
OSV
added 2025/08/11 1:53 p.m.11 views

BIT-LIBPYTHON-2025-4517 Arbitrary writes via tarfile realpath overflow

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...

9.4CVSS8AI score0.01227EPSS
Exploits11References13
Rows per page
Query Builder