Lucene search
K

620 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42951

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS6.1AI score0.0039EPSS
Exploits1References3
CVE
CVE
added 4 days ago7 views

CVE-2026-39244

The CVE-2026-39244 entry concerns adm-zip before 0.5.18 and describes a denial-of-service vulnerability triggered by a crafted ZIP file with a manipulated uncompressed size header. The root cause is that zipEntry.js allocates memory using Buffer.alloc(_centralHeader.size) based on the uncompresse...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References3
Snyk
Snyk
added 6 days ago8 views

Directory Traversal

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Directory Traversal via path traversal in the skill archive extraction logic in SkillPromptInjectionHandler and SkillsSandboxExecutor. An authenticated user with access to...

6.8CVSS6.5AI score0.00323EPSS
Exploits0References2
NVD
NVD
added last week10 views

CVE-2026-23698

Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents...

8.6CVSS0.00867EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-23698

Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents...

8.6CVSS6.7AI score0.00867EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/06/29 7:52 a.m.5 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/27 1:19 p.m.12 views

CVE-2026-57453

A security vulnerability exists in the Vim text editor. If a user opens a specially crafted ZIP file in Vim, it can trick the application into running hidden, harmful commands on their computer. This specific issue is only triggered if Vim relies on PowerShell to open the ZIP file...

7.3CVSS5.8AI score0.00137EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 9:53 p.m.7 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS6AI score0.00126EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.15 views

EulerOS Virtualization 2.13.0 : sqlite (EulerOS-SA-2026-2418)

According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

7.5CVSS5.5AI score0.00301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.9 views

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2314)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

7.5CVSS5.6AI score0.00301EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/09 7:38 p.m.16 views

CVE-2026-10732

A flaw was found in the decompress package. A remote attacker can exploit this by providing a crafted ZIP archive with two entries at the same path: a symlink to an arbitrary target and a regular file. Due to microtask processing order, the file content is written through the symlink before it is...

7.5CVSS6.2AI score0.00521EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2026-2228)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

7.5CVSS5.6AI score0.00301EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 a.m.15 views

CVE-2026-48959

A flaw was found in perl-IO-Compress. An attacker can exploit a vulnerability in the IO::Uncompress::Unzip module's fastForward function by providing a specially crafted zip file. When a named entry is extracted, a per-byte read loop occurs, leading to CPU exhaustion. This can result in a Denial ...

7.5CVSS5.6AI score0.00373EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42886

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/backups/upload endpoint decompresses the details entry from an uploaded .audiobookshelf ZIP file entirely into memory using zip.entryData, with no limit on the decompressed size. The upload middleware als...

4.9CVSS5.5AI score0.00257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42607

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with administrative privileges can achieve Remote Code Execution RCE by uploading a specially crafted ZIP file through the "Direct Install" tool. While the system attempts to block direct .php file uploads, it fails t...

9.1CVSS6.1AI score0.03934EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2026/06/03 3:2 p.m.10 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
NVD
NVD
added 2026/05/29 4:16 p.m.19 views

CVE-2026-39276

The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or...

7.2CVSS0.00782EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in unzip

A flaw was discovered in unzip. The vulnerability arises from improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to submit a specially crafted zip file, resulting in a crash or code execution...

3.3CVSS6.2AI score0.0057EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:30 p.m.8 views

CVE-2026-41937

Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows superadmin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header and a...

8.6CVSS6.2AI score0.00403EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 7:54 p.m.12 views

EUVD-2026-29209

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/backups/upload endpoint decompresses the details entry from an uploaded .audiobookshelf ZIP file entirely into memory using zip.entryData, with no limit on the decompressed size. The upload middleware als...

4.9CVSS5.8AI score0.00257EPSS
Exploits0References1
Rows per page
Query Builder