CVE-2026-56447 MISP remote code execution via arbitrary rdkafka configuration path

MISP allowed an authenticated site administrator to set the Kafkardkafkaconfig setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...

EUVD-2026-36038

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

GHSA-XM76-R88J-VM3G Automad has Broken Access Control: Unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint

Summary A Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The /api/user-collection/create-first-user setup endpoint remains publicly accessible once initial configuration is...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/user-collection/create-first-user endpoint, which remains publicly accessible after initial setup. An attacker can obtain bcrypt password hashes of all administrator accounts and...

SUSE CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

PT-2026-44152

Name of the Vulnerable Software and Affected Versions Automad versions 2.0.0-alpha.1 through 2.0.0-beta.27 Description A broken access control issue allows an unauthenticated attacker to retrieve the bcrypt password hashes of all administrator accounts via a single POST request. The setup endpoin...

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the adapterConfig.instructionsFilePath configuration field, which is processed by the server during agent execution. An attacker can access sensitive files on the host filesystem by supplying...

OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients

Summary Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact A non-admin client...

EUVD-2026-19170

A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...

PT-2026-26555

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=update interface png. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

GHSA-WW6V-V748-X7G9 OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>

Summary In [email protected], sandbox network hardening blocks network=host but still allows network=container:. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context This issue requires a...

CVE-2019-25365

CVE-2019-25365 affects ChaosPro 2.0. The vulnerability is a buffer overflow in the configuration file path handling that can overwrite the Structured Exception Handler, enabling remote code execution on vulnerable Windows XP systems. Attack requires crafting a malicious configuration file; CVSS d...

CVE-2019-25365 ChaosPro 2.0 - Buffer Overflow

ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to overwrite memory...

PT-2026-25847

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.2 Description Glances is a system cross-platform monitoring tool. The application exposes sensitive information through unauthenticated API endpoints. Specifically, the /api/v4/args and /api/v4/args/item endpoints...

CVE-2025-14406

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...

EUVD-2019-6949

Malware in sbrugna...

CVE-2025-34234

Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...

i-Educar 代码注入漏洞

i-Educar is a free educational software from Portábilis Open Source. A code injection vulnerability exists in i-Educar 2.10 and earlier versions, which stems from misuse of the parameter tipoacao in the file /module/Configuracao/ConfiguracaoMovimentoGeral, and could lead to a cross-site scripting...

Linux Distros Unpatched Vulnerability : CVE-2024-45405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gix-path is a crate of the gitoxide project an implementation of git written in Rust dealing paths and their conversions. Prior to version 0.10.11, gix-path run...

CVE-2025-9151

A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /webconfig/json/name/web. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The...