
19 matches found

RedhatCVE
added 2026/06/05 7:27 p.m., 7 views

CVE-2026-40552

mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the backend database can achieve system command execution by uploading an attachment and modifying its storage path in the database to reference an attacker-controlled remot...

4.7 CVSS, 5.8 AI score, 0.00286 EPSS
Exploits: 0, References: 1
NVD
added 2026/04/28 2:16 p.m., 4 views

CVE-2026-40552

mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the backend database can achieve system command execution by uploading an attachment and modifying its storage path in the database to reference an attacker-controlled remot...

4.7 CVSS, 0.00286 EPSS
Exploits: 0, References: 2
Cvelist
added 2026/04/28 1:13 p.m., 29 views

CVE-2026-40552 Remote Code Execution in mpGabinet

mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the backend database can achieve system command execution by uploading an attachment and modifying its storage path in the database to reference an attacker-controlled remot...

4.7 CVSS, 0.00286 EPSS
Exploits: 0, References: 2
EUVD
added 2026/04/28 1:13 p.m., 5 views

EUVD-2026-26046

mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the backend database can achieve system command execution by uploading an attachment and modifying its storage path in the database to reference an attacker-controlled remot...

6.9 CVSS, 5.8 AI score, 0.00286 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/04/28 12:0 a.m., 1 views

PT-2026-35722

Some increased actor activities are shown targeting BinSoft mpGabinet CVE-2026-40552 https://t.co/mUbccZwq7B...

4.7 CVSS, 5.1 AI score, 0.00286 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2026/04/27 11:24 p.m., 3 views

CVE-2026-41370 OpenClaw < 2026.3.31 - Path Traversal via Inbound Channel Attachment Path in ACP Dispatch

OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment paths. Remote attackers can bypass attachment-cache and root directory checks to access files outside intended directories...

7.1 CVSS, 5.5 AI score, 0.00417 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2026/04/21 12:0 a.m., 2 views

PT-2026-33878

Name of the Vulnerable Software and Affected Versions: nbconvert versions 6.5 through 7.17.0 Description: The nbconvert tool converts Jupyter notebooks to various formats using Jinja templates. A path traversal issue exists where the ExtractAttachmentsPreprocessor function passes attachment filenam...

6.5 CVSS, 5.9 AI score, 0.00306 EPSS
Exploits: 0, References: 19
CNVD
added 2026/04/10 12:0 a.m., 6 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-19447)

OpenClaw is an artificial intelligence assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability. The vulnerability stems from an unsanitized remote attachment path in the iMessage attachment staging process that contains shell metacharacters and i...

9.8 CVSS, 5.8 AI score, 0.01973 EPSS
Exploits: 0
OSV
added 2026/04/03 3:6 a.m., 2 views

GHSA-58Q2-7R52-JQ62 OpenClaw: Path traversal via inbound channel attachment path in ACP dispatch allows arbitrary file read

Summary: Path traversal via inbound channel attachment path in ACP dispatch allows arbitrary file read. Current Maintainer Triage: Normalized severity: medium; Assessment: v2026.3.28 ACP dispatch still reads attachment paths outside the guarded attachment-cache or root checks, and the...

5.3 CVSS, 6 AI score
Exploits: 0, References: 4
Github Security Blog
added 2026/04/03 3:6 a.m., 3 views

OpenClaw: Path traversal via inbound channel attachment path in ACP dispatch allows arbitrary file read

Summary: Path traversal via inbound channel attachment path in ACP dispatch allows arbitrary file read. Current Maintainer Triage: Normalized severity: medium; Assessment: v2026.3.28 ACP dispatch still reads attachment paths outside the guarded attachment-cache or root checks, and the...

5.9 AI score
Exploits: 0, References: 4, Affected Software: 1
ATTACKERKB
added 2026/03/12 12:0 a.m., 1 views

CVE-2025-66955

Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls...

5.8 AI score, 0.00308 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2001-1263

Malware in sbrugna...

5 CVSS, 6.4 AI score, 0.02188 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2025/08/18 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-49466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part, CVE-2025-4946...

5.8 CVSS, 5.8 AI score, 0.00592 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2025/06/05 12:0 a.m., 6 views

CVE-2025-49466

aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part,...

5.8 CVSS, 5.7 AI score, 0.00592 EPSS
Exploits: 0, References: 2
CNNVD
added 2024/08/20 12:0 a.m., 2 views

WordPress plugin GiveWP Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

5.4 CVSS, 6.3 AI score, 0.00389 EPSS
Exploits: 0, References: 4
OSV
added 2024/03/25 7:45 p.m., 13 views

GHSA-HM8R-95G3-5HJ9 phpMyFAQ Stored Cross-site Scripting at File Attachments

Summary: An attacker with admin privileges can upload an attachment containing JS code without extension and the application will render it as HTML which allows for XSS attacks. Details: When attachments are uploaded without an extension, the application renders it as HTML by default. Therefore...

4.3 CVSS, 5.5 AI score, 0.00508 EPSS
Exploits: 1, References: 3
OSV
added 2021/10/12 11:15 a.m., 3 views

CVE-2020-28145

Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows attackers to access sensitive information...

7.5 CVSS, 7.1 AI score, 0.01214 EPSS
Exploits: 1, References: 2
Positive Technologies
added 2021/04/28 12:0 a.m., 4 views

PT-2021-12009 · Phpmailer · Phpmailer

Name of the Vulnerable Software and Affected Versions: PHPMailer versions 6.1.8 through 6.4.0 Description: The issue allows object injection through Phar Deserialization via the addAttachment method with a UNC pathname. This is a reintroduction of an earlier problem due to an unrelated bug fix in...

9.8 CVSS, 6.4 AI score, 0.03095 EPSS
Exploits: 0, References: 29
NVD
added 2001/10/12 4:0 a.m., 12 views

CVE-2001-1282

Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information...

5 CVSS, 6.3 AI score, 0.02188 EPSS
Exploits: 0, References: 3