CVE-2026-28838

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox...

CVE-2026-28838

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox...

CVE-2026-28817

CVE-2026-28817 is a race-condition vulnerability in macOS components that was addressed by improved state handling. The public records indicate fixes in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. Affected behavior: a sandboxed process may be able to circumvent sandbox restri...

CVE-2026-28817

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2026-28827

The CVE-2026-28827 entry describes a parsing issue in the handling of directory paths that could allow an app to break out of its sandbox. Concrete details indicate remediation via macOS updates: Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4 include the fix for improved path validation. The relat...

CVE-2026-20688

A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox...

CVE-2026-28826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox...

CVE-2026-28826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox...

CVE-2026-28826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox...

PT-2026-28091

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.27 n8n versions prior to 2.13.3 n8n versions prior to 2.14.1 Description n8n is a workflow automation platform. A flaw in the LDAP node's filter escape logic allows LDAP metacharacters to pass through unescaped when...

Linux Distros Unpatched Vulnerability : CVE-2026-4688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, a...

Linux Distros Unpatched Vulnerability : CVE-2026-4689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34,...

PT-2026-35859

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue in ANGLE allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use after free...

Ubuntu 20.04 LTS : Linux kernel (AWS FIPS) vulnerability (USN-8121-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8121-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to...

Linux Distros Unpatched Vulnerability : CVE-2026-4690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34,...

Linux Distros Unpatched Vulnerability : CVE-2026-4692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and...

SUSE SLES15 Security Update : go1.26-openssl (SUSE-SU-2026:0993-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0993-1 advisory. Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. -...

Scriban: Sandbox escape due to TypedObjectAccessorcache bypassing MemberFilter after TemplateContext reuse

Summary TemplateContext caches type accessors by Type only, but those accessors are built using the current MemberFilter and MemberRenamer. When a TemplateContext is reused and the filter is tightened for a later render, Scriban still reuses the old accessor and continues exposing members that...

USN-8121-1 linux-aws-fips vulnerability

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8121-1: Linux kernel (AWS FIPS) vulnerability

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...