PaperCut NG < 25.0.11 Path Traversal (CVE-2026-6418)

The version of PaperCut NG installed on the remote Windows host is prior to 25.0.11. It is, therefore, affected by a vulnerability: - A path traversal vulnerability exists in the Shared Account Synchronization component of PaperCut NG/MF. Due to a lack of proper path validation and sanitization, ...

PaperCut MF < 25.0.11 Path Traversal (CVE-2026-6418)

The version of PaperCut MF installed on the remote Windows host is prior to 25.0.11. It is, therefore, affected by a vulnerability: - A path traversal vulnerability exists in the Shared Account Synchronization component of PaperCut NG/MF. Due to a lack of proper path validation and sanitization, ...

EUVD-2026-27233

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

CVE-2026-6418

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

CVE-2026-6418

PaperCut MF (version 25.0.4) Shared Account Synchronization contains a path traversal in which an authenticated administrator can specify arbitrary local file paths for account data synchronization due to insufficient path validation and sanitization. When the synchronization runs, the system par...

CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

PT-2026-36983

Name of the Vulnerable Software and Affected Versions PaperCut MF version 25.0.4 Description An issue in the Shared Account Synchronization component allows authenticated administrative users to specify arbitrary file paths on the local file system due to insufficient path validation and...

Huawei EMUI and Huawei HarmonyOS elevation of privilege vulnerability (CNVD-2025-07822)

Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a Chinese company.Huawei EMUI is a mobile operating system based on Android.Huawei HarmonyOS is an operating system... An elevation of privilege vulnerability exists in Huawei EMUI and Huawei HarmonyOS, which stems from improper...

CVE-2024-39670

Privilege escalation vulnerability in the account synchronisation module. Impact: Successful exploitation of this vulnerability will affect availability...

CVE-2024-39670

Privilege escalation vulnerability in the account synchronisation module. Impact: Successful exploitation of this vulnerability will affect availability...

CVE-2024-39670

CVE-2024-39670 is a privilege-escalation vulnerability in Huawei EMUI and Huawei HarmonyOS, stemming from improper privilege management in the account synchronization module. The weakness is reported to impact availability upon successful exploitation. Connected sources identify affected platform...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a Chinese company.Huawei EMUI is a mobile operating system based on Android.Huawei HarmonyOS is an operating system... An elevation of privilege vulnerability exists in Huawei EMUI and Huawei HarmonyOS, which stems from improper...

Lunary Security Breach

Lunary is a production toolkit for LLM that is open sourced by lunary. A security vulnerability exists in Lunary v1.2.11 and earlier versions that stems from allowing the creation of multiple accounts with essentially the same email address, leading to incorrect synchronization and potential...

Path Traversal

NATS nats-server is vulnerable to Path Traversal. The vulnerability is caused by a missing validation check while constructing filenames for account synchronization, which happens in the system account, allowing arbitrary file write as the user running NATS by anyone who can publish arbitrary...

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords TOTPs to the cloud. "This change means users are better protected from lockout and...