CVE-2026-40342

A flaw was found in Firebird, an open-source relational database management system. An authenticated user with CREATE FUNCTION privileges can exploit a path traversal vulnerability in the external engine plugin loader. This allows an attacker to use a crafted engine name to load an arbitrary shar...

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the createuploadfile function. An attacker can upload arbitrary files by sending crafted requests to the affected API endpoint. Remediation Upgrade langflow-base to version 0.8.0 or higher. References - GitHub...

Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

CVE-2026-6596

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

CVE-2026-6598

A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function createproject/encryptauthsettings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument authsetting...

CVE-2026-6596 langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

CVE-2026-6596

LangFlow (langflow-ai) up to version 1.1.0 has a vulnerability in the API endpoint, specifically in create_upload_file (src/backend/base/Langflow/api/v1/endpoints.py). The flaw allows unrestricted file uploads and can be exploited remotely. Exploitation is supported by public disclosures; multipl...

CVE-2026-6596

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

EUVD-2026-23731

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function createoriginonlymiddleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The...

Langflow 安全漏洞

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow 1.8.3 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the functions createproject and...

CVE-2026-40350

CVE-2026-40350 affects Movary (self-hosted movie tracking app). Before v0.71.1, an ordinary authenticated user can access the user-management endpoints at /settings/users due to missing admin-only middleware and a broken controller authorization check, enabling enumeration of all users and creati...

OpenClaw: Discord event cover images bypassed sandbox media normalization

Summary Discord event cover images bypassed sandbox media normalization. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.7 = 2026.4.10 Impact Discord event cover image parameters could bypass the sandbox media normalization path used for outbound...

GHSA-3PRP-9GF7-4RXX Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)

Summary A Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key id and internal state fields of DocumentStore entities. Because the service uses repository.save with a client-supplied primary key, the POST create endpoint behave...

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

CVE-2026-40342 Firebird: Path Traversal + Arbitrary File Write Leads to Remote Code Execution

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

[SECURITY] Fedora 43 Update: buildah-1.43.1-1.fc43

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007534)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007534 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007550 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsicoexattach The coexcb needs to be freed when rsicreatekthread...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007524)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007524 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007409 advisory. In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocate...