CVE-2026-48768

TypeBot is a chatbot builder tool. In versions 3.16.1 and earlier, POST /api/blocks/file-input/v3/generate-upload-url is unauthenticated and uses unsanitized fileName input to construct public/ S3 object keys, while issuing presigned PUT URLs that do not bind Content-Type. As a result, any...

CVE-2026-42497

A flaw was found in perl-Archive-Tar. This vulnerability allows an attacker to craft a malicious tar archive that, when extracted, can create hardlinks to arbitrary files outside the intended extraction directory. This could lead to the modification of sensitive files on the system, potentially...

UBUNTU-CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

CVE-2026-43891

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

CVE-2026-43891

Summary: CVE-2026-43891 and related advisories describe an arbitrary local file read in changedetection.io caused by trusting attacker-controlled history.txt entries restored via crafted backups. Prior to 0.55.1, history values containing path separators are treated as filesystem paths and can re...

protobuf.js is Vulnerable to OS Command Injection in the CLI

Summary pbts invoked JSDoc by building a shell command string from input file paths and executing it through childprocess.exec. File paths containing shell metacharacters could therefore be interpreted by the shell instead of being passed to JSDoc as plain arguments. Impact An attacker who can...

PT-2026-40533

Name of the Vulnerable Software and Affected Versions protobufjs-cli versions prior to 1.2.1 protobufjs-cli versions prior to 2.0.2 Description The pbts command-line tool invokes JSDoc by constructing a shell command string from input file paths and executing it via child process.exec. File paths...

DEBIAN-CVE-2026-1462

A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...

CVE-2025-34294

Wazuh's File Integrity Monitoring FIM, when configured with automatic threat removal, contains a time-of-check/time-of-use TOCTOU race condition that can allow a local, low-privileged attacker to cause the Wazuh service running as NT AUTHORITY\SYSTEM to delete attacker-controlled files or paths...

ALPINE-CVE-2025-48385

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...

PYSEC-2018-43

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code...

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...