47 matches found
EUVD-2026-43577
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php sanitizes the bucket name with pregreplace'/^a-zA-Z0-9-\./','', $bucket, which permits '..' and '../' sequences. The sanitized value is...
EUVD-2026-42285
SeaweedFS is a distributed storage system. Prior to 4.34, the S3 API gateway does not reject dot-dot path segments in the X-Amz-Copy-Source header used by CopyObject and UploadPartCopy, allowing an authenticated identity scoped to one bucket to read objects from other buckets through server-side...
CVE-2026-55874 SeaweedFS: Path traversal in the S3 gateway X-Amz-Copy-Source header allows cross-bucket object read
SeaweedFS is a distributed storage system. Prior to 4.34, the S3 API gateway does not reject dot-dot path segments in the X-Amz-Copy-Source header used by CopyObject and UploadPartCopy, allowing an authenticated identity scoped to one bucket to read objects from other buckets through server-side...
BIT-SEAWEEDFS-2026-54917 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access
SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...
CVE-2026-50137
Budibase prior to 3.39.0 is affected by CVE-2026-50137: unauthenticated POST /api/attachments/:datasourceId/url allows anonymous callers to mint 15-minute AWS S3 pre-signed PUT URLs using the datasource’s IAM credentials, with the bucket not pinned to the datasource. The attack discloses the targ...
CVE-2026-54917 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access
SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...
CVE-2026-54917
CVE-2026-54917 affects SeaweedFS prior to 4.30. The S3 gateway and Iceberg REST catalog gateway construct routers with mux.NewRouter().SkipClean(true); when path cleaning is disabled, a .. segment in URLs can survive routing (example: GET /bucket-A/../evil-bucket/key) and be parsed as a valid buc...
GHSA-G697-2XRC-GC46 amazon-braket-sdk vulnerable to Insecure Deserialization via pickle.loads()
Summary Amazon Braket SDK is an open-source Python library for interacting with the Amazon Braket quantum computing service, including managing hybrid quantum jobs and retrieving job results. An issue exists where, under certain circumstances, a remote authenticated user with S3 write access to a...
CVE-2025-10560
Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...
GHSA-VXGG-MQX2-3W59 Apache Polaris has an Improper Input Validation Issue
Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...
PT-2026-36670
Name of the Vulnerable Software and Affected Versions Apache Polaris version 1.4.0 Description Apache Polaris fails to properly escape namespace and table identifiers when constructing Common Expression Language CEL strings for Google Cloud Storage GCS Credential Access Boundaries CAB. This allow...
CVE-2026-1612
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-1612
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-1612 Hard-coded AWS Key in AL-KO Robolinho Update Software
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-1612 Hard-coded AWS Key in AL-KO Robolinho Update Software
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-1612
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-1612
AL-KO Robolinho Update Software contains hard-coded AWS Access and Secret keys that grant at least read access to objects in an AWS bucket. The vulnerability is documented for version 8.0.21.0610 as vulnerable; other versions were not tested and may also be affected. No remediation details are pr...
AL-KO Robolinho Update Software 信任管理问题漏洞
AL-KO Robolinho Update Software is a firmware update tool developed by the German company AL-KO. Version 8.0.21.0610 of AL-KO Robolinho Update Software contains a vulnerability related to trust management. This vulnerability stems from hard-coded AWS keys, which may allow unauthorized access to A...
PT-2026-29008
AL-KO Robolinho Update Software has hard-coded AWS Access and Secret keys that allow anyone to access AL-KO's AWS bucket. Using the keys directly might give the attacker greater access than the app itself. Key grants AT LEAST read access to some of the objects in bucket. The vendor was notified...
CVE-2026-32101
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...