CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

696 matches found

CVE-2026-45405

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preventing symlink traversal. GNU tar creates symlinks during extraction and follows them for subsequen...

9CVSS0.00289EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•4 views

CVE-2026-45405

9CVSS5.9AI score0.00289EPSS

Exploits0References3Affected Software1

CVE•added 2 days ago•24 views

CVE-2026-44018

CVE-2026-44018 affects Docling’s METS-GBS backend. From versions 2.45.0 through 2.91.0, XML parsing and input document format detection lacked security controls, enabling crafted METS-GBS archives to read sensitive files, exhaust resources, or crash the application. The issue is fixed in 2.91.0. ...

7.1CVSS5.8AI score0.001EPSS

Exploits0References2Affected Software1

Cvelist•added 2 days ago•34 views

CVE-2026-44018 Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

5.5CVSS0.001EPSS

Exploits0References2

NVD•added 3 days ago•6 views

CVE-2026-54093

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, filebrowser builds the download-as-zip / download-as-tar archive entry names with filepath.ToSlash, which on a Linux host is a no-op for...

6.8CVSS0.00189EPSS

Exploits0References1

Cvelist•added 3 days ago•26 views

CVE-2026-54093 File Browser: Path traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames

6.8CVSS0.00189EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2026-48945

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.3CVSS0.00197EPSS

Exploits0References1

EUVD•added 3 days ago•4 views

EUVD-2026-39447

5.3CVSS5.9AI score0.00197EPSS

Exploits0References1

CVE•added 2026/06/17 9:45 p.m.•16 views

CVE-2026-12565

The CVE-2026-12565 entry concerns the unarchive module’s archive extraction commands, which perform no path validation and rely on external tools (notably GNU tar) whose behavior varies by platform. On systems using GNU tar < 1.34 (e.g., Ubuntu 20.04, Debian Buster, CentOS 7, and many Docker b...

5.3CVSS5.3AI score0.00208EPSS

Exploits0References1

Positive Technologies•added 2026/06/17 12:0 a.m.•17 views

PT-2026-50560

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The unarchive internal module's archive extraction commands lack code-level validation for extracted file paths. This causes the module to rely on the behavior o...

5.3CVSS5.2AI score0.00208EPSS

Exploits0References5

EUVD•added 2026/06/15 9:30 p.m.•6 views

EUVD-2026-36766

In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the...

5.4AI score0.00373EPSS

Exploits0References2

RedhatCVE•added 2026/06/15 8:35 a.m.•6 views

CVE-2026-11816

A flaw was found in Keras. Attackers can exploit a path traversal vulnerability in the archive extraction utilities, specifically filtersafetarinfos and filtersafezipinfos. This occurs because the validation of archive member paths is performed against the process's current working directory CWD...

8.1CVSS7.6AI score0.0045EPSS

Exploits0References5

Github Security Blog•added 2026/06/12 9:53 p.m.•27 views

File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames

Summary filebrowser builds the download-as-zip / download-as-tar archive entry names with filepath.ToSlash, which on a Linux host is a no-op for backslashes \ is only a path separator on Windows. A file whose name contains Windows-style traversal ......\evil.txt is accepted by the resource...

6.8CVSS5.7AI score0.00189EPSS

Exploits0References4Affected Software2

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/fileutils.py. The functio...

8.1CVSS7.8AI score0.0045EPSS

Exploits0References3

Snyk•added 2026/06/11 3:20 p.m.•11 views

Directory Traversal

Overview keras is a Keras is a high-level neural networks API for Python.. Affected versions of this package are vulnerable to Directory Traversal via the filtersafetarinfos and filtersafezipinfos functions in the archive extraction utilities. An attacker can write arbitrary files outside the...

8.6CVSS6.2AI score0.0045EPSS

Exploits0References2

NVD•added 2026/06/11 2:16 p.m.•9 views

CVE-2026-11816

Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/fileutils.py. The functions filtersafetarinfos and filtersafezipinfos validate archive member paths against the process current working directory CWD instead of t...

8.1CVSS0.0045EPSS

Exploits0References2