
56991 matches found

Snyk
added 2026/05/18 5:53 p.m. | 6 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

CVSS 7.2 | AI score 5.9 | EPSS 0.00104
Exploits: 0 | References: 2

GitHub Security Blog
added 2026/05/18 5:53 p.m. | 15 views

Docker: Race condition in docker cp allows bind mount redirection to host path

Summary A race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. Details When copying files into a container, the daemon sets up a temporary filesystem vie...

CVSS 7.2 | AI score 6 | EPSS 0.00104
Exploits: 0 | References: 3 | Affected Software: 3

Snyk
added 2026/05/18 5:47 p.m. | 8 views

Arbitrary Code Injection

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Arbitrary Code Injection via the calculation parameter in the V1 Views API, which is interpolated directly into a CouchDB reduce function without validation. An attacker can execute arbitrary...

CVSS 8.5 | AI score 6.1 | EPSS 0.00263
Exploits: 0 | References: 2

OSV
added 2026/05/18 5:47 p.m. | 7 views

GHSA-X86F-5XW2-FM2R Docker: `PUT /containers/{id}/archive` executes container binary on the host

Summary When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon host root privileges. Details When handling `PUT /containers/{id}/archive` requests with compressed archives, the daemon decompresses them using external system binaries. Due to...

CVSS 7.2 | AI score 6.4 | EPSS 0.00137
Exploits: 0 | References: 3

Snyk
added 2026/05/18 5:34 p.m. | 7 views

Access Control Bypass

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Access Control Bypass in the users endpoint controller, which exposes the apiKey field to logged-in users who have permission for...

CVSS 3.1 | AI score 5.8
Exploits: 0 | References: 2

OSV
added 2026/05/18 5:27 p.m. | 5 views

GHSA-7FV8-6PP7-6H85 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Impact The password reset token and API key generation uses a weak cryptographical hash algorithm. Patches Fixed in 2.6.23 and 3.0.6 version. Workarounds Patch the related User.php and ResettingController.php file in the SecurityBundle...

CVSS 6.9 | AI score 5.8 | EPSS 0.00193
Exploits: 0 | References: 5

Snyk
added 2026/05/18 4:42 p.m. | 8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview org.asynchttpclient:async-http-client is a maven plugin for the Async Http Client AHC classes. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the propagatedHeaders method during cross-origin redirects,...

CVSS 7.4 | AI score 5.8 | EPSS 0.00266
Exploits: 1 | References: 2

RedhatCVE
added 2026/05/18 1:58 p.m. | 10 views

CVE-2026-44570

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

CVSS 8.3 | AI score 5.8 | EPSS 0.00294
Exploits: 1 | References: 1

Cvelist
added 2026/05/18 1:50 p.m. | 33 views

CVE-2026-41948 Dify v1.14.1 Path Traversal via Plugin Daemon Internal API Access

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

CVSS 9.4 | EPSS 0.00479
Exploits: 1 | References: 3

EUVD
added 2026/05/18 1:50 p.m. | 8 views

EUVD-2026-30771

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

CVSS 9.2 | AI score 5.8 | EPSS 0.00479
Exploits: 1 | References: 3

ATTACKERKB
added 2026/05/18 1:50 p.m. | 5 views

CVE-2026-41948

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

CVSS 9.2 | AI score 5.8 | EPSS 0.00479
Exploits: 1 | References: 4

RedHat Linux
added 2026/05/18 12:10 p.m. | 7 views

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jv_parse_sized() function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

CVSS 6.9 | AI score 5.8 | EPSS 0.00314
Exploits: 1 | References: 6

Snyk
added 2026/05/18 9:45 a.m. | 6 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the post update and patch API endpoints. An attacker can modify existing posts despite lacking posting privileges by sending crafted API requests. Remediation Upgrade...

CVSS 5.3 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 2

NVD
added 2026/05/18 9:16 a.m. | 8 views

CVE-2026-28732

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...

CVSS 4.3 | EPSS 0.00152
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/05/18 9:10 a.m. | 10 views

Malicious code in validate-api-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c2249a9b57bfab0277840b52fc1774c096dd7c3022b9bd0d0ae5cfeda0b14c The package validate-api-key was found to contain malicious code. Source: ghsa-malware db221657101473a5da0e59194e2ba30d99b576faae8b3e7ff21c5d68b83ff1...

AI score 5.8
Exploits: 0 | References: 1

Snyk
added 2026/05/18 9:10 a.m. | 9 views

Malicious Package

Overview validate-api-key is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 2

OSV
added 2026/05/18 9:10 a.m. | 6 views

MAL-2026-3828 Malicious code in validate-api-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c2249a9b57bfab0277840b52fc1774c096dd7c3022b9bd0d0ae5cfeda0b14c The package validate-api-key was found to contain malicious code. Source: ghsa-malware db221657101473a5da0e59194e2ba30d99b576faae8b3e7ff21c5d68b83ff1...

AI score 5.8
Exploits: 0 | References: 1

EUVD
added 2026/05/18 8:35 a.m. | 8 views

EUVD-2026-30760

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...

CVSS 4.3 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 1

NVD
added 2026/05/18 8:16 a.m. | 7 views

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVSS 4.3 | EPSS 0.00152
Exploits: 0 | References: 1

NVD
added 2026/05/18 8:16 a.m. | 9 views

CVE-2026-2325

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to limit the size of the request body on the start meeting API endpoint, which allows an authenticated attacker to cause resource exhaustion or denial of service via a crafted oversized HTTP POST request to...

CVSS 6.5 | EPSS 0.0024
Exploits: 0 | References: 1