
17 matches found

OSV
added 2026/03/06 8:38 a.m. · 3 views

BIT-DJANGO-2026-25674 Potential incorrect permissions on newly created file system objects

An issue was discovered in Django 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...

CVSS 3.7 · AI score 5.7 · EPSS 0.00341
Exploits 0 · References 4
Vulnrichment
added 2026/03/03 2:28 p.m. · 2 views

CVE-2026-25674 Potential incorrect permissions on newly created file system objects

An issue was discovered in Django 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...

AI score 5.9 · EPSS 0.00341
Exploits 0 · References 3
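The two Django entries above describe a race in which concurrent requests end up creating files or directories with the wrong permission bits. The example below is added here and is not Django's code or its fix; it assumes (the truncated description does not confirm it) that the mechanism is the classic one where a helper temporarily changes the process umask so that a newly created directory gets a chosen mode. `os.umask()` is per process, not per thread, so every other thread that creates a file inside that window gets its bits widened as well. The function names, the dict-free barrier-driven interleaving and the 0o022 baseline are constructed for the demonstration; the hardened writer shows the usual remedy of passing an explicit mode and reasserting it with `fchmod`.

```python
"""Added example, not Django's code: a process-wide umask race.

Assumption (not confirmed by the truncated advisory text): one thread widens
the umask so os.makedirs() applies a chosen directory mode, and another
thread creating a file in that window inherits the widened umask.
"""
import os
import stat
import tempfile
import threading


def _mode_bits(path):
    return stat.S_IMODE(os.stat(path).st_mode)


def racy_create(path):
    """Naive writer: requests 0o666 and trusts the umask to trim it to 0o644."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
    os.close(fd)
    return _mode_bits(path)


def hardened_create(path, mode=0o644):
    """Writer that enforces `mode` no matter what the umask is at that moment."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    try:
        os.fchmod(fd, mode)  # open() already applied the umask; reassert the bits
    finally:
        os.close(fd)
    return _mode_bits(path)


def create_during_umask_window(create_fn, widened_umask=0o000):
    """Run create_fn while a helper thread has set the umask to widened_umask.

    Events make the interleaving deterministic so the result is reproducible;
    in a real server the window is short and is hit only under concurrent load.
    Returns the permission bits of the file that create_fn produced.
    """
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "entry")
    baseline = os.umask(0o022)  # baseline umask: 0o666 files become 0o644
    widened = threading.Event()
    done = threading.Event()

    def helper_thread():
        # Mimics "set umask so makedirs() applies the chosen directory mode".
        saved = os.umask(widened_umask)
        widened.set()
        done.wait()
        os.umask(saved)

    helper = threading.Thread(target=helper_thread)
    helper.start()
    widened.wait()
    try:
        return create_fn(path)  # the "other request" creates its file now
    finally:
        done.set()
        helper.join()
        os.umask(baseline)
        if os.path.exists(path):
            os.unlink(path)
        os.rmdir(tmpdir)


if __name__ == "__main__":
    print("racy:     %o" % create_during_umask_window(racy_create))      # 666
    print("hardened: %o" % create_during_umask_window(hardened_create))  # 644
```

The naive writer ends up with a world-writable 0o666 entry whenever it runs inside the window; the hardened writer yields 0o644 regardless of the umask in force. Requires a POSIX filesystem.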
Snyk
added 2026/02/26 12:17 a.m. · 5 views

Deserialization of Untrusted Data

Overview langgraph-checkpoint is a library with base interfaces for LangGraph checkpoint savers. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the BaseCache class when cache backends inheriting from BaseCache are enabled, and nodes are opted into cachin...

CVSS 7.5 · AI score 6.3 · EPSS 0.00698
Exploits 0 · References 2
Github Security Blog
added 2026/02/25 10:59 p.m. · 8 views

LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution

Context A Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to langgraph-checkpoint 4.0.0, BaseCache defaults to JsonPlusSerializer(pickle_fallback=True). When...

CVSS 6.6 · AI score 6.7 · EPSS 0.00698
Exploits 0 · References 6 · Affected software 1
RedhatCVE
added 2026/02/25 8:17 p.m. · 5 views

CVE-2026-27794

A flaw was found in LangGraph Checkpoint. This vulnerability allows a remote attacker with write access to the cache backend to achieve remote code execution. This occurs when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. If msgpack...

CVSS 6.6 · AI score 6.5 · EPSS 0.00698
Exploits 0 · References 7
ATTACKERKB
added 2026/02/25 4:53 p.m. · 5 views

CVE-2026-27794

LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to...

CVSS 6.6 · AI score 5.8 · EPSS 0.00698
Exploits 0 · References 5 · Affected software 1
CVE
added 2026/02/25 4:53 p.m. · 55 views

CVE-2026-27794

LangGraph CVE-2026-27794 affects the Checkpoint component prior to version 4.0.0 where the BaseCache default serializer (JsonPlusSerializer with pickle_fallback) can deserialize attacker-supplied bytes from a cache backend if the application enables caching and nodes opt into CachePolicy. An atta...

CVSS 6.6 · AI score 5.8 · EPSS 0.00698
Exploits 0 · References 4
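The CVE-2026-27794 entries above all describe the same shape of bug: a serializer that writes JSON when it can and falls back to pickle otherwise, reading back whatever tag the stored bytes carry. Whoever can write to the shared cache backend therefore chooses the decoder, and pickle executes callables during load. The example below is added here and is not langgraph-checkpoint's code: `FallbackSerializer`, `Poison`, `record` and the dict standing in for the backend are stand-ins constructed for the demonstration, and only the names JsonPlusSerializer, BaseCache and pickle_fallback come from the advisory text. The "payload" appends to a list instead of spawning a process so the example stays harmless; the `pickle_fallback=False` branch mirrors the toggle the advisory says changed in 4.0.0, without claiming to reproduce that change.

```python
"""Added example, not langgraph-checkpoint's code: a JSON-first serializer
with a pickle fallback, and what a poisoned cache entry does to it.

The cache backend is a plain dict the attacker is assumed to be able to
write to, which is the precondition the advisory states.
"""
import json
import pickle

EXECUTED = []  # constructed side channel: the payload appends here instead of running a shell


def record(marker):
    EXECUTED.append(marker)
    return marker


class Poison:
    """Unpickling this object calls record(); a real payload would call os.system."""

    def __reduce__(self):
        return (record, ("poisoned",))


class FallbackSerializer:
    """JSON when possible, pickle otherwise, with a tag prefix on the stored bytes."""

    def __init__(self, pickle_fallback=True):
        self.pickle_fallback = pickle_fallback

    def dumps(self, obj):
        try:
            return b"json:" + json.dumps(obj).encode()
        except TypeError:
            if not self.pickle_fallback:
                raise
            return b"pickle:" + pickle.dumps(obj)

    def loads(self, data):
        # The tag decides the decoder, so whoever wrote the bytes picks it.
        if data.startswith(b"json:"):
            return json.loads(data[len(b"json:"):])
        if data.startswith(b"pickle:"):
            if not self.pickle_fallback:
                raise ValueError("pickle-tagged cache entry refused")
            return pickle.loads(data[len(b"pickle:"):])
        raise ValueError("unknown encoding")


def poison_cache_entry():
    """What an attacker with write access stores under a node's cache key."""
    return b"pickle:" + pickle.dumps(Poison())


def read_cached_value(serializer, cache, key):
    """Application-side read of a cache hit. Returns (value, markers executed)."""
    EXECUTED.clear()
    try:
        value = serializer.loads(cache[key])
    except ValueError as exc:
        value = "refused: " + str(exc)
    return value, list(EXECUTED)


if __name__ == "__main__":
    cache = {"node:key": FallbackSerializer().dumps({"answer": 42})}
    print(read_cached_value(FallbackSerializer(), cache, "node:key"))
    cache["node:key"] = poison_cache_entry()  # attacker overwrites the entry
    print(read_cached_value(FallbackSerializer(pickle_fallback=True), cache, "node:key"))
    print(read_cached_value(FallbackSerializer(pickle_fallback=False), cache, "node:key"))
```

With the fallback enabled, reading the poisoned entry runs `record("poisoned")` before the application ever sees a value; with it disabled, the same bytes are refused and nothing executes. The practical check for a deployment is the same: confirm which serializer the cache backend is configured with, and treat the backend's write path as part of the trust boundary.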
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2021-28279

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 7.9 · EPSS 0.015
Exploits 0 · References 5
Microsoft CVE
added 2025/05/27 7:00 a.m. · 3 views

Secrets leakage to telemetry endpoint via cache backend configuration via buildx

...

CVSS 4.1 · AI score 7.2 · EPSS 0.0018
Exploits 0
OSV
added 2025/03/17 9:27 p.m. · 6 views

GHSA-M4GQ-FM9H-8Q75 buildx allows a possible credential leakage to telemetry endpoint

Impact Some cache backends allow configuring their credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. If this was done by the user, these secure values could be captured together with OpenTelemetry trace as part of the arguments and flags for the...

CVSS 4.1 · AI score 6.9 · EPSS 0.0018
Exploits 0 · References 4
Vulnrichment
added 2025/03/17 7:21 p.m. · 11 views

CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

CVSS 4.1 · AI score 7.1 · EPSS 0.0018
Exploits 0 · References 1
Cvelist
added 2025/03/17 7:21 p.m. · 11 views

CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

CVSS 4.1 · EPSS 0.0018
Exploits 0 · References 1
Positive Technologies
added 2025/03/17 12:00 a.m. · 9 views

PT-2025-11542 · Docker +4 · Buildx +4

Name of the vulnerable software and affected versions: Buildx, affected versions not specified. Description: The issue concerns the Buildx Docker CLI plugin, which extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values ...

CVSS 8.2 · AI score 7.1 · EPSS 0.00868
Exploits 1 · References 53
Nextcloud
added 2021/10/25 11:48 a.m. · 51 views

Rate-limits not working on instances without configured memory cache backend

None...

CVSS 8.1 · AI score 7.8 · EPSS 0.015
Exploits 0 · References 2 · Affected software 1
OpenVAS
added 2015/09/08 12:00 a.m. · 36 views

Amazon Linux: Security Advisory (ALAS-2015-560)

The remote host is missing an update for the ...

CVSS 6.1 · AI score 6.6 · EPSS 0.01009
Exploits 1 · References 3
CNVD
added 2015/05/06 12:00 a.m. · 2 views

OpenStack Keystone Cache Backend Information Disclosure Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration and Rackspace, Inc. in the U.S. OpenStack Keystone is one of the projects used for authentication, providing identity, token, directory, and policy services. An information disclosure...

CVSS 4 · AI score 6 · EPSS 0.02877
Exploits 0 · References 1
Tenable Nessus
added 2014/12/15 12:00 a.m. · 29 views

Amazon Linux AMI : php-ZendFramework (ALAS-2014-460)

The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind. CVE-2014-8088 The 1.12.9, 2.2.8, and 2.3.3 releas...

CVSS 9.8 · AI score 8.3 · EPSS 0.0255
Exploits 1 · References 4