Lucene search
+L

413 matches found

NVD
NVD
added 2026/04/09 9:16 p.m.14 views

CVE-2026-35206

Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...

4.8CVSS0.00199EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/02 4:56 p.m.3 views

CVE-2026-5271

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

7.8CVSS5.8AI score0.00173EPSS
Exploits1References1
NVD
NVD
added 2026/04/01 2:16 p.m.15 views

CVE-2026-5271

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

7.8CVSS0.00173EPSS
Exploits1References2
CVE
CVE
added 2026/04/01 1:48 p.m.39 views

CVE-2026-5271

CVE-2026-5271 concerns the Python tool pymanager, where the current working directory is added to sys.path. The underlying issue is that modules in the attacker-controlled directory can shadow intended packages, enabling a malicious module to be imported and executed when pymanager-generated comm...

7.8CVSS5.8AI score0.00173EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/01 1:48 p.m.29 views

CVE-2026-5271 Possible to hijack modules in current working directory

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

5.6CVSS0.00173EPSS
Exploits1References1
OSV
OSV
added 2026/04/01 1:48 p.m.4 views

CVE-2026-5271 Possible to hijack modules in current working directory

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

5.6CVSS5.9AI score0.00173EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/01 12:2 a.m.13 views

OpenClaw has a CWD `.env` environment variable injection which bypasses host-env policy and allows config takeover

Summary OpenClaw loaded the current working directory .env before trusted state-dir configuration, allowing untrusted workspace state to inject host environment values. Impact A repository or workspace containing a malicious .env file could override runtime configuration and security-sensitive...

8.6CVSS5.9AI score0.0013EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.9 views

Python Install Manager 安全漏洞

Python Install Manager is an open-source installation management tool for Python. Python Install Manager has a security vulnerability that stems from including the current working directory in the sys.path, which may allow malicious modules to be imported from a directory controlled by the attack...

7.8CVSS5.8AI score0.00173EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/26 9:30 a.m.7 views

EUVD-2026-16125

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

8.4CVSS7.3AI score0.00175EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/26 6:54 a.m.3 views

CVE-2026-28760

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

8.4CVSS7.3AI score0.00175EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/26 6:54 a.m.42 views

CVE-2026-28760

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

8.4CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 6:54 a.m.3 views

CVE-2026-28760

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

8.4CVSS6AI score0.00175EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/26 6:54 a.m.15 views

CVE-2026-28760

The vulnerability CVE-2026-28760 affects RATOC RAID Monitoring Manager for Windows. The installer loads DLLs by searching the current directory, enabling a user-directed crafted DLL to be loaded during installation, which may allow arbitrary code execution with administrator privileges. The issue...

8.4CVSS7.3AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.8 views

PT-2026-28221

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

8.4CVSS6AI score0.00175EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 9:3 a.m.12 views

Malicious code in @cloudsop/hmoment (npm)

Malicious package due to suspicious install script attempting to require the current directory and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad95ef51ef99f49ca08b99a81d6a18ecb75dafb1dad2afc2bca687f221ef95dc The package...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/24 9:3 a.m.9 views

MAL-2026-2408 Malicious code in @cloudsop/hmoment (npm)

Malicious package due to suspicious install script attempting to require the current directory and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad95ef51ef99f49ca08b99a81d6a18ecb75dafb1dad2afc2bca687f221ef95dc The package...

5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/21 12:42 a.m.6 views

CVE-2026-32043

OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run execution where the cwd parameter is validated at approval time but resolved at execution time. Attackers can retarget a symlinked cwd between approval and execution to bypass comma...

6.5CVSS6.3AI score0.00099EPSS
Exploits0References4
CVE
CVE
added 2026/03/18 1:34 a.m.24 views

CVE-2026-27545

OpenClaw is affected in versions prior to 2026.2.26. The issue is an approval bypass in system.run execution, where an attacker can rebinding writable parent symlinks in the current working directory after approval to modify the effective target path while the visible CWD remains unchanged. The r...

6.9CVSS6.1AI score0.00095EPSS
Exploits0References7Affected Software1
Snyk
Snyk
added 2026/02/18 10:42 p.m.5 views

Arbitrary Command Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary Command Injection due to embedding the current working directory path into LLM prompts without sanitization. An attacker can manipulate agent behavior or cause disclosure of...

8.6CVSS5.7AI score0.00205EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/17 9:32 a.m.3 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS5.9AI score0.01633EPSS
Exploits2References5
Rows per page
Query Builder