Lucene search
K

39 matches found

NVD
NVD
added 2026/06/18 12:16 a.m.12 views

CVE-2026-48768

TypeBot is a chatbot builder tool. In versions 3.16.1 and earlier, POST /api/blocks/file-input/v3/generate-upload-url is unauthenticated and uses unsanitized fileName input to construct public/ S3 object keys, while issuing presigned PUT URLs that do not bind Content-Type. As a result, any...

9.3CVSS0.00268EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 10:16 a.m.17 views

CVE-2026-11853

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...

6.5CVSS0.00269EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 9:10 a.m.26 views

CVE-2026-11853

CVE-2026-11853 affects Debusine. The vulnerability arises in the parser for Debian source packages (.dsc) and upload artifacts (.changes), where it accepts arbitrary fully user-controlled paths. The mergeuploads task could be exploited to create arbitrary symbolic links on a worker, overwriting a...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/10 9:10 a.m.9 views

CVE-2026-11853

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...

6.5CVSS5.7AI score0.00269EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42497

A flaw was found in perl-Archive-Tar. This vulnerability allows an attacker to craft a malicious tar archive that, when extracted, can create hardlinks to arbitrary files outside the intended extraction directory. This could lead to the modification of sensitive files on the system, potentially...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.12 views

CVE-2026-44837

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path...

7.5CVSS5.8AI score0.00412EPSS
Exploits1References1
OSV
OSV
added 2026/05/26 2:16 a.m.6 views

UBUNTU-CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.16 views

CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:56 p.m.10 views

CVE-2026-43891

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/12 4:56 p.m.23 views

CVE-2026-43891

Summary: CVE-2026-43891 and related advisories describe an arbitrary local file read in changedetection.io caused by trusting attacker-controlled history.txt entries restored via crafted backups. Prior to 0.55.1, history values containing path separators are treated as filesystem paths and can re...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/12 2:59 p.m.15 views

protobuf.js is Vulnerable to OS Command Injection in the CLI

Summary pbts invoked JSDoc by building a shell command string from input file paths and executing it through childprocess.exec. File paths containing shell metacharacters could therefore be interpreted by the shell instead of being passed to JSDoc as plain arguments. Impact An attacker who can...

7.8CVSS6AI score0.00132EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40533

Name of the Vulnerable Software and Affected Versions protobufjs-cli versions prior to 1.2.1 protobufjs-cli versions prior to 2.0.2 Description The pbts command-line tool invokes JSDoc by constructing a shell command string from input file paths and executing it via child process.exec. File paths...

7.8CVSS6.1AI score0.00132EPSS
Exploits0References6
OSV
OSV
added 2026/04/13 3:17 p.m.3 views

DEBIAN-CVE-2026-1462

A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...

7.8CVSS8.7AI score0.00328EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/03/28 5:6 p.m.13 views

arkadiyt-projects: Path Traversal in writeFile via Unsafe Prefix Containment Check Allows Out-of-Directory Writes

A path traversal vulnerability was discovered in the protodump tool. The vulnerability allowed an attacker to influence the output filename construction and bypass the containment check, enabling writes outside the intended output directory. The vulnerability was caused by the use of...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/01/27 7:37 p.m.23 views

CVE-2026-24473 Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, Serve static Middleware for the Cloudflare Workers adapter contains an information disclosure vulnerability that may allow attackers to read arbitrary keys from the Workers environment...

6.3CVSS0.00419EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.5 views

Smb4K 安全漏洞

Smb4K is a KDE open source online neighborhood browser. A security vulnerability exists in Smb4K versions prior to 4.0.5 that originates from external control of filenames or paths and could lead to a local user performing a local root attack...

7.3CVSS6.1AI score0.00111EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/20 8:1 p.m.3 views

CVE-2025-34290 Versa SASE Client for Windows < 7.9.5 Arbitrary Folder Deletion Leading to Local Privilege Escalation

Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...

8.5CVSS6.6AI score0.00095EPSS
Exploits0References2
NVD
NVD
added 2025/12/15 7:16 p.m.5 views

CVE-2025-65213

MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...

9.8CVSS0.00619EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/29 4:4 p.m.6 views

CVE-2025-34294

Wazuh's File Integrity Monitoring FIM, when configured with automatic threat removal, contains a time-of-check/time-of-use TOCTOU race condition that can allow a local, low-privileged attacker to cause the Wazuh service running as NT AUTHORITY\SYSTEM to delete attacker-controlled files or paths...

7.1CVSS6.8AI score0.00016EPSS
Exploits0References1
Veracode
Veracode
added 2025/10/16 7:7 a.m.6 views

Path Traversal

monai is vulnerable to Path Traversal Zip Slip. The vulnerability is due to extracting user-controlled paths without sanitization, an attacker can supply a crafted or downloadable ZIP to overwrite system files or drop malicious code...

8.8CVSS6.9AI score0.00568EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder