CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/10 5:30 p.m.•14 views

CVE-2026-50567

CVE-2026-50567 affects Fission prior to 1.25.0. The vulnerability resides in Unarchive (pkg/utils/zip.go) where archive entry paths are joined with the destination path without validating that the final path stays under the destination. An attacker who can control a Package.Spec.Source.URL or Dep...

7.7CVSS5.4AI score0.00301EPSS

RedhatCVE•added 2026/06/10 8:59 a.m.•10 views

CVE-2026-49818

The Apache Airflow Samba provider's GCSToSambaOperator joined GCS object names to the SMB destination path without a containment check, so an object named with ../ segments resolved a write path outside the configured destinationpath. An attacker able to write objects into the source GCS bucket —...

6.5CVSS5.6AI score0.00726EPSS

NVD•added 2026/06/09 9:16 a.m.•9 views

CVE-2026-49818

6.5CVSS0.00726EPSS

PyPA•added 2026/06/09 9:16 a.m.•5 views

PYSEC-2026-208

6.5CVSS5.5AI score0.00726EPSS

Exploits0References3Affected Software1

OSV•added 2026/06/09 9:16 a.m.•5 views

PYSEC-2026-208

6.5CVSS5.5AI score0.00726EPSS

Vulnrichment•added 2026/06/09 7:42 a.m.•7 views

CVE-2026-49818 Apache Airflow Samba provider: Path traversal in GCSToSambaOperator via GCS object names

5.6AI score0.00726EPSS

Exploits0References2

EUVD•added 2026/06/09 7:42 a.m.•7 views

EUVD-2026-35374

6.5CVSS5.6AI score0.00726EPSS

Exploits0References2

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47720

Name of the Vulnerable Software and Affected Versions apache-airflow-providers-samba versions prior to 4.12.6 Description The GCSToSambaOperator in the Apache Airflow Samba provider fails to perform a containment check when joining GCS object names to the SMB destination path. This allows an...

6.5CVSS5.6AI score0.00726EPSS

Exploits0References9

EUVD•added 2026/06/06 12:31 a.m.•8 views

EUVD-2026-34920

MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured download directory with a filename taken directly from remote cloud API metadata without basename...

8.1CVSS5.6AI score0.00469EPSS

Exploits0References4

RedhatCVE•added 2026/06/05 7:18 p.m.•7 views

CVE-2026-45663

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly...

9.9CVSS5.9AI score0.00887EPSS

EUVD•added 2026/05/29 4:3 p.m.•8 views

EUVD-2026-33348

Vulnrichment•added 2026/05/29 4:3 p.m.•10 views

CVE-2026-45663 Dokploy: Remote Code Execution via destinationPath in Container File Upload

ATTACKERKB•added 2026/05/29 4:3 p.m.•7 views

CVE-2026-45663

Exploits0References2Affected Software1

CVE•added 2026/05/29 4:3 p.m.•17 views

CVE-2026-45663

Dokploy (PaaS) contains a command injection vulnerability in the Docker file upload flow prior to 0.29.1. The destinationPath parameter is not sanitized and is interpolated into a shell command, allowing an authenticated user who uploads a file to a container to inject shell metacharacters (e.g.,...

Cvelist•added 2026/05/29 4:3 p.m.•30 views

CVE-2026-45663 Dokploy: Remote Code Execution via destinationPath in Container File Upload

9.9CVSS0.00887EPSS

Positive Technologies•added 2026/05/29 12:0 a.m.•11 views

PT-2026-44904

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.29.2 Description An authenticated user can execute arbitrary OS commands on the host system through the Docker file upload functionality. The issue occurs because the destinationPath parameter is not properly...

9.9CVSS6.2AI score0.00887EPSS