Lucene search
K

1329 matches found

CVE
CVE
added 9 hours ago7 views

CVE-2026-43637

Cornac before 2.6.0 is affected by a path traversal (Tar Slip) in the _extract_archive() function (cornac/utils/download.py). The vulnerability allows an attacker to write arbitrary files outside the intended cache directory by supplying crafted TAR archives with ../ sequences, absolute paths, or...

9.1CVSS6.2AI score
Exploits0References4
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-44669

Cornac before 2.6.0 contains a path traversal Tar Slip vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the extractarchive function in...

9.1CVSS6.2AI score
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-59732

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, rclone archive extract can write extracted files outside the user-selected destination prefix when extracting a crafted archive containing parent path components such as...

5CVSS
Exploits0References4
CVE
CVE
added yesterday13 views

CVE-2026-59732

The CVE describes a vulnerability in rclone where rclone archive extract could write extracted files outside the user-specified destination prefix when processing crafted archives containing parent path components (e.g., ../). This allowed creating or overwriting sibling objects in the same bucke...

5CVSS6.1AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 5 days ago4 views

cpython: python: Extraction filter bypass for linking outside extraction directory

A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall or TarFile.extract with the...

7.5CVSS6.5AI score0.00805EPSS
Exploits2References10
NVD
NVD
added 5 days ago8 views

CVE-2026-55783

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS0.00112EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42955

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References5
NVD
NVD
added 5 days ago11 views

CVE-2026-61455

Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract that lacks limits on uncompressed size, file count, and nesting depth. Attackers can supply a crafted ZIP archive that expands to fill available disk space, causing denial of service by exhausting storage...

7.1CVSS0.00249EPSS
Exploits0References2
CVE
CVE
added 5 days ago6 views

CVE-2026-61455

Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract() that lacks limits on uncompressed size, file count, and nesting depth. A crafted ZIP archive can expand to fill available disk space, causing denial of service by exhausting storage resources. This CVE (CVE-20...

7.1CVSS6.1AI score0.00249EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 11:36 a.m.8 views

BIT-PYTHON-MIN-2026-4360 Tarfile.extract() doesn't fully respect filter parameter

In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...

5.3CVSS5.9AI score0.00235EPSS
Exploits0References9
OSV
OSV
added 2026/07/08 11:31 a.m.8 views

BIT-LIBPYTHON-2026-4360 Tarfile.extract() doesn't fully respect filter parameter

In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...

5.3CVSS5.9AI score0.00235EPSS
Exploits0References9
NVD
NVD
added 2026/07/04 1:16 p.m.10 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/04 1:0 p.m.42 views

CVE-2026-14628 NousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversal

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
EUVD
EUVD
added 2026/07/04 1:0 p.m.11 views

EUVD-2026-41673

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:0 p.m.9 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/07/04 1:0 p.m.31 views

CVE-2026-14628

The CVE concerns NousResearch hermes-agent (up to 2026.5.16), specifically the Live Webhook Endpoint component’s gateway/platforms/base.py extract_media function. The vulnerability is a path traversal flaw that can be triggered remotely. Public exploit information exists, and CVSS metrics show a ...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-4360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted...

5.3CVSS6.1AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 9:48 p.m.5 views

GHSA-FXHP-MV3V-67QP `oras-go` tar extraction: Hardlink entry with relative Linkname escapes extract dir via process CWD resolution

Root cause The tar-extraction helper ensureLinkPath at content/file/utils.go:262-275 validates that a hardlink's target resolves inside the extract base, but then returns the original unresolved target string back to the caller: go func ensureLinkPathbaseAbs, baseRel, link, target string string,...

7.1CVSS6AI score
Exploits0References3
Rows per page
Query Builder