CVE-2026-7738 puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

CVE-2026-7728 ryanjoachim mcp-rtfm MCP update_doc path traversal

A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function getdoccontent/readdoc/updatedoc of the component MCP Interface. Such manipulation of the argument docFile leads to path traversal. The attack can be launched remotely. The exploit is publicly...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

Word Tools MCP Server 路径遍历漏洞

Word Tools MCP Server is an AI-driven word document manipulation tool developed by Jeremy Pu. Version 1.0.18 of Word Tools MCP Server contains a path traversal vulnerability. This vulnerability stems from the createdocument/opendocument function in the MCP Interface component, where the filePath...

PT-2026-37199

Name of the Vulnerable Software and Affected Versions Pillow versions 4.2.0 through 12.1.x Description A flaw in the PdfParser allows an attacker to supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This occurs because...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in PDF files in Google Chrome prior to version 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions through a crafted PDF file. Chromium security severity: Low...

Astra Linux - уязвимость в firefox

Use-after-free in the DOM: Core & HTML components. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

Astra Linux - уязвимость в firefox

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux - уязвимость в firefox

Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux - уязвимость в firefox

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux - уязвимость в firefox

Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

EUVD-2026-26840

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

CVE-2026-7702 toeverything AFFiNE Public Markdown Preview Endpoint :docId allowDocPreview authorization

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

CVE-2026-7702 toeverything AFFiNE Public Markdown Preview Endpoint :docId allowDocPreview authorization

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

CVE-2026-7702

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

PT-2026-36706

Name of the Vulnerable Software and Affected Versions toeverything AFFiNE versions prior to 0.26.4 Description An authorization bypass exists in the Public Markdown Preview Endpoint. A remote attacker can manipulate the allowDocPreview function within the '/workspace/:workspaceId/:docId' endpoint...

CLSA-2026-1777464764 libxml2: Fix of 2 CVEs

CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2026:1650-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1650-1 advisory. This update for MozillaFirefox fixes the following issue: Update to Firefox Extended Support Release 140.10.0 ESR bsc1262230, MFSA 2026-32: -...

EUVD-2026-26723

A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function savedocument/exporttotext/exporttohtml of the file mcp-server/src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputpath results in path traversal. Remote exploitation of the...