562 matches found
CVE-2026-23561
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...
EUVD-2026-42604
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...
UBUNTU-CVE-2026-12480
Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the H5IOStore.verifydataset and fileeditor.py methods, which fail to check the dataset.isvirtual property of HDF5 datasets. This allows ...
EUVD-2026-41090
Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the H5IOStore.verifydataset and fileeditor.py methods, which fail to check the dataset.isvirtual property of HDF5 datasets. This allows ...
CVE-2026-14122
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...
CVE-2026-48313
The CVE-2026-48313 issue affects ColdFusion versions 2025.9, 2023.20 and earlier. It describes an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability that could lead to arbitrary file system read and limited write access, allowing an attacker to access sensi...
Linux Distros Unpatched Vulnerability : CVE-2026-56876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like...
Astra Linux – Vulnerability in Chromium
Integer overflow in Codecs in Google Chrome prior to version 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 146.0.7680.153, read and write operations in WebGL in Google Chrome allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-54299
Summary of CVE-2026-54299 (Astro) : Astro SSR apps that prerender error pages (e.g., 404/500 with prerender = true) fetch those pages over HTTP using a URL derived from request.url, which is based on the Host header. If Host is not validated against allowedDomains, an attacker can direct the fetc...
CVE-2026-49356
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...
Astra Linux – Vulnerability in node-tar
node-tar is a fully featured Tar library for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink within the extraction directory that points to a file outside of the extraction root. This allows arbitrary file reading and writing b...
PT-2026-51123
Name of the Vulnerable Software and Affected Versions Symfony UX versions 2.32.0 through 2.36.0 Symfony UX versions 3.0.0 through 3.1.9 Description The ux:install console command installs files from a recipe kit by copying paths listed in a copy-files map. Due to improper validation in...
GHSA-P6GQ-J5CR-W38F Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF in the delivered message
Message-level raw option bypasses disableFileAccess / disableUrlAccess, enabling arbitrary file read and full-response SSRF in the sent message - Target: nodemailer/nodemailer, npm nodemailer v9.0.0 HEAD 4e58450eb490e5097a74b2b2cce35a8d9e21856e - Verdict: CONFIRMED local PoC, no network Summary...
CVE-2026-46393
The CVE-2026-46393 entry documents an authenticated SSRF in HAXcms createSite. In affected versions prior to 26.0.0, a malicious build.files input lets an authenticated user cause server-side requests (via file_get_contents on attacker-controlled tmp_name), enabling fetches of arbitrary internal/...
EUVD-2026-33927
Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages entries from gleam.toml are incorporated into filesystem paths without sufficient validation or...
CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes | Cloud Foundry
MEDIUM CVSSv4: Medium 4.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:L CVSSv3: Medium 5.8 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:L Vendor Cloud Foundry Foundation Versions Affected Severity is MEDIUM unless otherwise noted. BOSH Director – All versions prior to v282.1.12...
Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing
Summary The fileID field from Manifest.db a SQLite database inside iOS backups, generated by the device is used directly in filesystem path construction without validation. This affects two commands through a shared code path: - mvt-ios decrypt-backup decrypt.py: fileid is used to construct both...
WordPress Kirki – Freeform Page Builder, Website Builder & Customizer plugin <= 6.0.6 - Unauthenticated Limited Arbitrary File Read and Deletion vulnerability
Unauthenticated Limited Arbitrary File Read and Deletion vulnerability discovered by Rafie Muhammad - Awesome Motive, Inc. in WordPress Plugin Kirki – Freeform Page Builder, Website Builder & Customizer versions = 6.0.6...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...