Important: nerdctl

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Exploit for Out-of-bounds Read in Linux Linux_Kernel

CVE-2026-31413: One Byte in the BPF Verifier to Container Esca...

Exploit for CVE-2026-31413

CVE-2026-31413: One Byte in the BPF Verifier to Container Esca...

[SECURITY] [DSA 6207-1] flatpak security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6207-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 12, 2026 https://www.debian.org/security/faq -...

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

SUSE CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVE-2026-39408

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a path traversal issue in toSSG allows files to be written outside the configured output directory during static site generation. When using dynamic route parameters via ssgParams, specially...

RockyLinux 8 : thunderbird (RLSA-2026:6917)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6917 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

GHSA-2943-CRP8-38XX goshs is Missing Write Protection for Parametric Data Values

Summary The SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. Details Here is the issue: go // helper.go:155-215 func cmdFileroot string, r sftp.Request, ip string, sftpServer SFTPServer error fullPath...

CVE-2026-40188

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...

GHSA-3C4R-6P77-XWR7 PraisonAI Vulnerable to Code Injection and Protection Mechanism Failure

PraisonAI's AST-based Python sandbox can be bypassed using type.getattribute trampoline, allowing arbitrary code execution when running untrusted agent code. Description The executecodedirect function in praisonaiagents/tools/pythontools.py uses AST filtering to block dangerous Python attributes...

EUVD-2026-21498

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

EUVD-2026-21400

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

EUVD-2026-21409

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

CVE-2026-35651

OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to...

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres via the ForwardToWall process. An attacker can inject ANSI escape sequences into user terminals by executing a logger -p emerg command when the relevant configuration is enabled. This is only...

DEBIAN-CVE-2026-40228

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

DEBIAN-CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...