RHEL 8 : firefox (RHSA-2026:2073)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2073 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 9 : firefox (RHSA-2026:2044)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2044 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 9 : firefox (RHSA-2026:2043)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2043 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2026:2069)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2069 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2026:2074)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2074 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

UBUNTU-CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

CVE-2025-22873 Improper access to parent directory of root in os

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability intomcat-embed-core-10.1.42.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability intomcat-embed-core-10.1.42.jar Vulnerability Details CVEID:CVE-2025-55752 DESCRIPTION: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized...

CVE-2026-24843

melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries...

n8n has a Python sandbox escape

Impact A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. Only authenticated users are able to execute code through Task Runners. This issue affected any deployment in which the...

GHSA-8398-GMMX-564H n8n has a Python sandbox escape

Impact A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. Only authenticated users are able to execute code through Task Runners. This issue affected any deployment in which the...

CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

CVE-2026-25115

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

CVE-2026-25115 n8n is vulnerable to Python sandbox escape

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

CVE-2026-25115

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

EUVD-2026-5414

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

CVE-2026-25115

CVE-2026-25115 affects the n8n open source workflow platform, with the vulnerability in the Python Code node allowing authenticated users to break out of the Python sandbox and execute code outside the intended security boundary. The issue is fixed in version 2.4.8 ; upgrading to this version is ...

CVE-2026-25115 n8n is vulnerable to Python sandbox escape

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

CVE-2026-25115 n8n is vulnerable to Python sandbox escape

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...