Lucene search
K

5286 matches found

Vulnrichment
Vulnrichment
added 2026/06/24 5:48 p.m.7 views

CVE-2026-44017 Docling: Unsafe Zip Extraction in EasyOCR Model Download

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromi...

7.5CVSS6.7AI score0.00478EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 5:48 p.m.29 views

CVE-2026-44017 Docling: Unsafe Zip Extraction in EasyOCR Model Download

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromi...

7.5CVSS0.00478EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:17 a.m.11 views

CVE-2026-11968

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS0.00124EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:33 a.m.7 views

CVE-2026-11968

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 9:33 a.m.9 views

EUVD-2026-38733

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 9:33 a.m.11 views

CVE-2026-11968

CVE-2026-11968 affects TortoiseGitBlame. The issue arises from argument injection via malicious Git history filenames, enabling arbitrary file write in TortoiseGit. The provided sources describe the vulnerability name and impact but do not include concrete exploit details, affected versions, root...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52059

Name of the Vulnerable Software and Affected Versions Jellyfin versions prior to 10.11.10 Description An argument injection issue exists in the subtitle conversion process. The function ConvertTextSubtitleToSrtInternal interpolates the subtitle file path into FFmpeg command-line arguments without...

8.8CVSS5.9AI score0.00357EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51757

Name of the Vulnerable Software and Affected Versions TortoiseGit affected versions not specified Description Argument injection is possible in TortoiseGitBlame through the use of malicious git history filenames. This flaw allows for arbitrary file write operations within TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-50574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an...

9.6CVSS6.5AI score0.00406EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 5:17 p.m.5 views

CVE-2026-50574

yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...

9.6CVSS0.00406EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 5:17 p.m.4 views

DEBIAN-CVE-2026-50574

yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...

9.6CVSS6.5AI score0.00406EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 5:10 p.m.3 views

GHSA-C39W-43GM-34H5 Gogs has Path Traversal in organization name that results in RCE through Git hooks

Summary Organization names containing path traversal sequences ../ are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary locations on the filesystem. By creating nested structure of...

10CVSS6.1AI score0.01107EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/23 4:29 p.m.34 views

CVE-2026-42867 Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without...

6.5CVSS0.00313EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 4:9 p.m.49 views

CVE-2026-50574

CVE-2026-50574 affects yt-dlp, where using aria2c as an external downloader for fragmented manifests (HLS/DASH) allows an attacker to write arbitrary files by passing insufficiently sanitized input to aria2c. On Windows, this can cause immediate arbitrary code execution; on non-Windows, execution...

9.6CVSS6.5AI score0.00406EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/06/23 4:9 p.m.6 views

CVE-2026-50574

yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...

9.6CVSS6.5AI score0.00406EPSS
Exploits0
CVE
CVE
added 2026/06/23 4:3 p.m.20 views

CVE-2026-12958

CVE-2026-12958 affects Language Servers for AWS due to missing symlink validation, allowing arbitrary file write outside the workspace trust boundary when a user opens a workspace containing a crafted symlink. The issue is reported across multiple sources (CVE entry, NVD, and related databases). ...

8.5CVSS6AI score0.00142EPSS
Exploits0References2
PyPA
PyPA
added 2026/06/23 1:16 p.m.8 views

PYSEC-0000-CVE-2026-56258

Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...

9.2CVSS6.4AI score0.00656EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/23 1:16 p.m.8 views

CVE-2026-56258

Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...

9.2CVSS0.00656EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 12:12 p.m.14 views

CVE-2026-56258

CVE-2026-56258 affects Crawl4AI prior to 0.8.8. An arbitrary file write exists in the screenshot and PDF endpoints via output_path, exploiting insufficient path validation and symlink following with TOCTOU. Unauthenticated remote attackers can write files outside the intended directory, potential...

9.2CVSS6.5AI score0.00656EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/23 12:12 p.m.31 views

CVE-2026-56258 Crawl4AI - Arbitrary File Write via output_path Symlink and TOCTOU

Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...

9.2CVSS0.00656EPSS
Exploits0References2
Rows per page
Query Builder