31 matches found

Tenable Nessus
added 2026/05/11 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: containerd (UTSA-2026-017436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017436 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root...

7.8 CVSS, 6.5 AI score, 0.0022 EPSS
Exploits: 0, References: 4

NVD
added 2026/05/07 11:16 a.m., 3 views

CVE-2026-33589

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal...

8.2 CVSS, 0.00058 EPSS
Exploits: 0, References: 1

NVD
added 2026/05/07 11:16 a.m., 7 views

CVE-2026-33588

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...

8.1 CVSS, 0.0007 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/07 10:31 a.m., 3 views

CVE-2026-33589

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal...

8.2 CVSS, 5.8 AI score, 0.00058 EPSS
Exploits: 0, References: 2

OSV
added 2026/05/07 12:59 a.m., 0 views

GHSA-3CV5-Q585-H563 Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes

Summary: Six conversion routes (pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, chromium/convert/markdown) accept stampSource=pdf + stampExpression=/path and watermarkSource=pdf + watermarkExpression=/path from anonymous callers. The dedicated...

5.3 CVSS, 5.9 AI score, 0.00076 EPSS
Exploits: 1, References: 3

Veracode
added 2026/04/04 5:35 a.m., 2 views

Insecure File Permissions

Claude SDK for Python is vulnerable to insecure file permissions. The vulnerability is due to the memory tool creating files with mode 0o666, where the files are world‑readable on systems with a standard umask and world‑writable in environments with a permissive umask, and a local attacker on a...

4.8 CVSS, 5.9 AI score, 0.00009 EPSS
Exploits: 0, References: 3, Affected Software: 1

Tenable Nessus
added 2026/03/27 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2026-23924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of...

6.1 CVSS, 6 AI score, 0.00065 EPSS
Exploits: 0, References: 3

OSV
added 2026/03/24 7:16 p.m., 1 view

DEBIAN-CVE-2026-23924

Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API...

6.1 CVSS, 5.5 AI score, 0.00065 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/03/24 12:0 a.m., 2 views

PT-2026-27477

Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API...

6.1 CVSS, 5.9 AI score, 0.00065 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/10/16 11:3 a.m., 2 views

podman: Build Context Bind Mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

7.4 CVSS, 5.8 AI score, 0.00045 EPSS
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-5702

Malware in sbrugna...

7.5 CVSS, 7.5 AI score, 0.0065 EPSS
Exploits: 2, References: 4

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-0780

Malware in sbrugna...

10 CVSS, 9.2 AI score, 0.00551 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2025/09/29 12:0 a.m., 2 views

PT-2025-39897

Name of the Vulnerable Software and Affected Versions: Vasion Print versions prior to 25.1.102; Vasion Print Application versions prior to 25.1.1413. Description: Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application deployments contain hardcoded private keys stored in clear text...

9.2 CVSS, 6.5 AI score, 0.0007 EPSS
Exploits: 1, References: 9

SUSE CVE
added 2025/09/17 11:25 p.m., 1 view

SUSE CVE-2025-4953

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

7.4 CVSS, 6.5 AI score, 0.00045 EPSS
Exploits: 0, References: 3

OSV
added 2025/09/16 3:15 p.m., 1 view

AZL-68054 CVE-2025-4953 affecting package podman for versions less than 5.6.1-2

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

7.4 CVSS, 5.8 AI score, 0.00045 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/09/16 2:54 p.m., 1 view

CVE-2025-4953 Podman: build context bind mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

7.4 CVSS, 6.1 AI score, 0.00045 EPSS
Exploits: 0, References: 16

CVE
added 2025/09/16 2:54 p.m., 25 views

CVE-2025-4953

CVE-2025-4953 affects Podman builds using RUN --mount=type=bind; data written during build may persist and appear in the host build context, exposing created files. The issue is specific to Podman/bind-mount behavior. Remediation: upgrade Podman to a version where the fix is applied (e.g., Podma...

7.4 CVSS, 6.1 AI score, 0.00045 EPSS
Exploits: 0, References: 16

RedHat Linux
added 2025/09/16 5:56 a.m., 8 views

podman: Build Context Bind Mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

7.4 CVSS, 5.8 AI score, 0.00045 EPSS
Exploits: 0, References: 5

CNNVD
added 2024/02/01 12:0 a.m., 2 views

Crafatar Path Traversal Vulnerability

Crafatar is an application from Crafatar, Inc. that provides skin-based Minecraft avatars for use by external applications. A path traversal vulnerability exists in Crafatar versions prior to 2.1.5, which stems from the fact that by default, all files within a container can be found in the...

7.5 CVSS, 6.7 AI score, 0.00261 EPSS
Exploits: 1, References: 2

ATTACKERKB
added 2023/11/14 5:15 p.m., 2 views

CVE-2023-48094

A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim's browser via sending a crafted payload to /containerfiles/publichtml/doc/index.html. NOTE: the vendor's position is that Apps/Sandcastle/standalone.html is part of...

6.1 CVSS, 6.1 AI score, 0.00399 EPSS
Exploits: 0, References: 2