Improper Directory Validation

@anthropic-ai/claude-code is vulnerable to improper directory validation. The vulnerability is due to insufficient validation of directory changes when using the cd command with write operations, which allows an attacker to navigate into protected folders e.g., .claude and create or modify files...

CVE-2026-25121

The CVE-2026-25121 entry concerns a path traversal in apko’s dirFS (package apko) where MkdirAll, Mkdir, and Symlink in rwosfs.go use filepath.Join() without validating the path against the base directory. A malicious APK package (e.g., from a compromised or typosquatted repo) could cause writes ...

SCADA DNP3 dir operate function code

...

Fedora Core 4 : ruby-1.8.4-3.fc4 (2006-842)

Thu Jul 20 2006 Akira TAGOH - 1.8.4-3 - security fixes CVE-2006-3694 - ruby-1.8.4-fix-insecure-dir-operation.patch : - ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure operations in the certain safe-level restrictions. 199538 - ruby-1.8.4-fix-alias-safe-level.patch: fixed to...

PT-2003-1724 · Ibm · Ibm U2 Universe

Name of the Vulnerable Software and Affected Versions: IBM U2 UniVerse version 10.0.0.9 and earlier Description: The issue allows local users to gain privileges by deleting and overwriting arbitrary files, as cci dir in IBM U2 UniVerse creates hard links and unlinks files as root. Recommendations...