110 matches found
PT-2026-22628
Name of the Vulnerable Software and Affected Versions ZimaOS version 1.5.2-beta3 Description ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application restricts file and folder creation in internal OS paths through the...
CVE-2026-21891
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
CVE-2026-21891
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
CVE-2026-21891 ZimaOS has Authentication Bypass via System-Level Username
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
EUVD-2026-1670
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
CVE-2026-21891 ZimaOS has Authentication Bypass via System-Level Username
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
CVE-2026-21891 ZimaOS has Authentication Bypass via System-Level Username
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
ZimaOS 安全漏洞
ZimaOS is an open source operating system project from IceWhaleTech designed to provide a lightweight, high-performance, secure operating system environment. A security vulnerability exists in ZimaOS 1.5.0 and prior versions that stems from improper password authentication and could lead to...
PT-2026-2122
Name of the Vulnerable Software and Affected Versions ZimaOS versions up to and including 1.5.0 Description ZimaOS, a fork of CasaOS, experiences an authentication bypass issue in versions up to and including 1.5.0. The application validates usernames but improperly handles password validation fo...
EUVD-2024-43401
Malicious code in bioql PyPI...
EUVD-2025-29749
Malicious code in bioql PyPI...
EUVD-2025-29750
Malicious code in bioql PyPI...
EUVD-2024-43400
Malicious code in bioql PyPI...
EUVD-2024-43135
Malicious code in bioql PyPI...
EUVD-2024-43136
Malicious code in bioql PyPI...
EUVD-2024-43399
Malicious code in bioql PyPI...
CVE-2025-58432
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v21/files/file/uploadV2 endpoint allows file upload from ANY USER who has access to localhost. File uploads are performed AS ROOT...
CVE-2025-58431
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and earlier, the /v21/files/file/download endpoint allows file read from ANY USER who has access to localhost. File reads are performed AS ROOT...
CVE-2025-58431
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and earlier, the /v21/files/file/download endpoint allows file read from ANY USER who has access to localhost. File reads are performed AS ROOT...
CVE-2025-58432
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v21/files/file/uploadV2 endpoint allows file upload from ANY USER who has access to localhost. File uploads are performed AS ROOT...