EUVD-2026-24085

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

CVE-2026-32147

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

CVE-2026-32147 SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

CVE-2026-32147

Technical details about affected products/versions and remediation are not provided in the supplied documents; monitor for updates.

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010743 advisory. In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. Tenable has extracted the precedin...

CVE-2026-29644

XiangShan open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 has improper gating of its distributed CSR write-enable path, allowing illegal CSR write attempts to alter custom PMA Physical Memory Attribute CSR state. Though the RISC-V privilege...

CVE-2026-29644

XiangShan open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 has improper gating of its distributed CSR write-enable path, allowing illegal CSR write attempts to alter custom PMA Physical Memory Attribute CSR state. Though the RISC-V privilege...

CVE-2026-29644

XiangShan open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 has improper gating of its distributed CSR write-enable path, allowing illegal CSR write attempts to alter custom PMA Physical Memory Attribute CSR state. Though the RISC-V privilege...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the linkify function in app/Misc/Helper.php, which...

CVE-2026-29644

CVE-2026-29644 concerns XiangShan, an open-source high-performance RISC-V processor. The issue arises from improper gating of the distributed CSR write-enable path in the commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28), which can allow illegal CSR write attempts to alter the custom P...

Coturn 安全漏洞

Coturn is an open-source implementation of TURN TURN VoIP Media Services NAT Traversal Server and Gateway and STUN Simple Transfer of User Datagram Protocol Network Address Translators Servers. Versions prior to Coturn 4.10.0 contained security vulnerabilities. These vulnerabilities stemmed from...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007013)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007013 advisory. In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specifi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010870)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010870 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Panic on bad configs that VE on private memory access All normal kernel memory is TDX...

CVE-2026-40479

Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype and...

CVE-2026-40259

SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model...

EUVD-2026-23652

The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget's button URL customattributes field in all versions up to, and including, 2.1.1 due to insufficient validation of custom attribute names. Specifically, the plugin uses eschtml ...

CVE-2026-40479

Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype and...

CVE-2026-40479 Kimai: Stored XSS via Incomplete HTML Attribute Escaping in Team Member Widget

Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype and...

CVE-2026-40479

CVE-2026-40479 (Kimai) : Concrete details across multiple sources show a stored XSS vulnerability caused by an incomplete escape in the client-side escapeForHtml() in KimaiEscape.js. Affected versions are 1.16.3 through 2.52.0; the issue arises when a user-controlled profile alias is injected int...

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to openid4java

Summary IBM webMethods BPM uses openid4java to implement OpenID-based authentication Vulnerability Details CVEID:CVE-2011-4314 DESCRIPTION: message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before...