CVE-2026-49135 CodexBar < 0.32.0 Insecure Temporary File Handling in Notarization Workflow

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

CVE-2026-49135

CVE-2026-49135 affects CodexBar up to version 0.31.x (before 0.32.0). The issue is insecure temporary file handling in the notarization workflow, enabling a local attacker with access to the same host to read the App Store Connect API key written to a fixed path, pre-create files or symlinks to r...

PT-2026-45558

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

PT-2025-37526

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the cfg80211 subsystem related to the wext interface. Key data in wext.connect is not reset during connection attempts, potentially leading to a...