CVE-2026-53753 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes giframe, fback, fbuiltins do NOT...

pam_usb 授权问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have a vulnerability related to authorization issues. This vulnerability stems from symbolic link attacks involving the pad directory and pad files,...

Flatpak Local Elevation of Privilege Vulnerability

Flatpak is a system for building and installing Linux desktop applications. A local elevation of privilege vulnerability exists in versions of Flatpak prior to 0.8.7. A local attacker could exploit this vulnerability to run the setuid executable...

DEBIAN-CVE-2009-1513

Buffer overflow in the PATinst function in src/loadpat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name...