CVE-2026-54917 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access

SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...

CVE-2026-54917

SeaweedFS prior to version 4.30 exposes a path traversal flaw in the S3 gateway and the Iceberg REST catalog gateway. Both gateways constructed their routers with mux.NewRouter().SkipClean(true), so with path cleaning disabled a .. segment in a URL like GET /bucket-A/../evil-bucket/key can surviv...

EUVD-2026-38823

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

CVE-2026-56302

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

EUVD-2026-38749

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

CVE-2026-56302 Capgo - Unsecured Supabase Images Bucket via Missing Row Level Security

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

CVE-2026-56302

Capgo before 12.128.2 uses an unsecured Supabase images bucket with no row-level security, allowing unauthenticated read, insert, and delete operations on stored app icons. This misconfiguration enables attackers to delete all icons and leak sensitive app IDs and user IDs. The connected documents...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dma-debug: fixed a possible deadlock in radixlock. radixlock should not be held while holding dmahashentryidx.lock. Otherwise, a deadlock scenario may occur when the dma debug API is called while holding rqlock: CPU0 CPU1 CPU2...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfconntrack: A crash occurred when attempting to remove an uninitialized entry from the hash bucket list. A crash occurred while trying to remove the conntrack entry from the hash bucket list: Exception RIP:...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: sched: Fixed out-of-bound access in uclamp. Util-clamp places tasks into different buckets based on their clamp values for performance reasons. However, the size of the buckets is currently computed using a rounding division, whi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element during updates, before locking the target hash table bucket. Immediately afterwards, the maps attempt to lock the bucke...

CVE-2025-10560

Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...

@hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...

GHSA-2MXR-P26X-MJ73 @hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...

@hulumi/policies has a HULUMI-H5 bypass via decoy sibling resources targeting a different bucket

Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control Summary HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...

GHSA-9VC9-4JV3-RF86 @hulumi/policies has a HULUMI-H5 bypass via decoy sibling resources targeting a different bucket

Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control Summary HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...

PT-2026-48476

Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control Summary HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...

PT-2026-48477

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...

CVE-2026-9748

The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...

UBUNTU-CVE-2026-9748

The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...