
2487 matches found

RedhatCVE, added 2 days ago, 4 views

CVE-2026-40893

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...

CVSS 8.2, AI score 5.6, EPSS 0.00155
Exploits 1, References 1
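The mechanism described in the Gotenberg entry above (an exact string compare on the tag name that `System:FileName` walks past) and the newline-based argument injection in the Snyk "Arbitrary Argument Injection" entry further down both come from the same place: ExifTool tag names are case-insensitive, accept `Group:` qualifiers, and, when passed through a `-@` argfile, treat every line as a separate argument. The following is an added example, not Gotenberg's code or ExifTool's; it contrasts the exact-match check with one that normalises the tag before consulting a denylist of ExifTool's filesystem pseudo tags (`FileName`, `Directory`, `HardLink`, `SymLink`, `TestName`) and refuses control characters in values. The tag grammar in `_TAG_RE` and the function names are assumptions made for the example.

```python
import re

# ExifTool "Extra" pseudo tags whose *write* is a filesystem action
# (rename/move, hard link, symlink, dry-run rename) rather than a metadata edit.
FS_PSEUDO_TAGS = {"filename", "directory", "hardlink", "symlink", "testname"}

# Assumption (not Gotenberg's rule): a tag is zero or more "Group:" qualifiers
# followed by a name; ':' is the only separator allowed.
_TAG_RE = re.compile(r"^(?:[A-Za-z0-9][A-Za-z0-9_-]*:)*[A-Za-z0-9][A-Za-z0-9_-]*$")


def naive_is_blocked(tag: str) -> bool:
    """Exact-string check: stops 'FileName' but not 'System:FileName' or 'filename'."""
    return tag == "FileName"


def base_tag(tag: str) -> str:
    """Drop every 'Group:' qualifier and lowercase; ExifTool tag names are case-insensitive."""
    return tag.rsplit(":", 1)[-1].lower()


def validate_metadata_arg(tag: str, value: str) -> str:
    """Return the '-Tag=Value' line for an exiftool -@ argfile, or raise ValueError."""
    if not _TAG_RE.fullmatch(tag):
        # Also rejects copy/append syntax ('FileName<Title', 'Keywords+='),
        # whitespace and control characters inside the tag itself.
        raise ValueError(f"malformed tag: {tag!r}")
    if base_tag(tag) in FS_PSEUDO_TAGS:
        raise ValueError(f"filesystem pseudo tag not allowed: {tag!r}")
    # In an argfile every line is one argument, so a newline inside a value
    # would start a new, attacker-chosen argument such as '-FileName=...'.
    if any(ch in value for ch in "\r\n\0"):
        raise ValueError("control character in value")
    return f"-{tag}={value}"


def is_safe_metadata_arg(tag: str, value: str) -> bool:
    try:
        validate_metadata_arg(tag, value)
        return True
    except ValueError:
        return False


def build_argfile(metadata: dict) -> str:
    """Build the text handed to 'exiftool -@ args.txt'; fails closed on any bad pair."""
    return "".join(validate_metadata_arg(t, v) + "\n" for t, v in metadata.items())


if __name__ == "__main__":
    # Constructed inputs: the exact-match check lets all three through.
    for bad in ("System:FileName", "filename", "File:System:FileName"):
        print(bad, "naive blocked:", naive_is_blocked(bad),
              "hardened accepts:", is_safe_metadata_arg(bad, "/tmp/x"))
    print(build_argfile({"Title": "report", "XMP:Subject": "quarterly"}), end="")
```

The denylist is keyed on the normalised base name, so a group prefix or a case change cannot route around it; the value check matters only because the arguments are written one per line, which is exactly the channel the Snyk entry describes.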
RedhatCVE, added 2026/05/26 6:59 a.m., 9 views

CVE-2026-9530

A flaw was found in GNU LibreDWG, specifically within the Dwgbmp Utility component. A local attacker could exploit an out-of-bounds read vulnerability in the read2004compressedsection function by manipulating a file. This could lead to a denial of service, making the application unavailable...

CVSS 4.8, AI score 5.7, EPSS 0.00014
Exploits 0, References 10
Cvelist, added 2026/05/17 1:45 p.m., 36 views

CVE-2026-8758 Metasoft 美特软件 MetaCRM upload3.jsp unrestricted upload

A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly...

CVSS 7.5, EPSS 0.0005
Exploits 0, References 4
RedhatCVE, added 2026/05/07 8:20 a.m., 7 views

CVE-2026-34596

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a time-of-check-to-time-of-use (TOCTOU) race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

CVSS 7, AI score 5.7, EPSS 0.00015
Exploits 1, References 1
ATTACKERKB, added 2026/05/05 7:24 p.m., 1 view

CVE-2026-34458

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass the EditAdminOnly and ConfigPassword configuration restrictions and inject arbitrary directives into the global...

CVSS 9.3, AI score 5.9, EPSS 0.0002
Exploits 0, References 3, Affected Software 1
Vulnrichment, added 2026/05/02 2:45 p.m., 3 views

CVE-2026-7643 ChatGPTNextWeb NextChat API Endpoint Next.js cross-domain policy

A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been...

CVSS 5.3, AI score 5.4, EPSS 0.00018
Exploits 0, References 5
Snyk, added 2026/04/30 5:27 p.m., 1 view

Arbitrary Argument Injection

Overview: Affected versions of this package are vulnerable to arbitrary argument injection via the WriteMetadata process. An attacker can manipulate files, create or overwrite arbitrary files, and establish symlinks or hard links by injecting specially crafted metadata values containing newline...

CVSS 10, AI score 5.9, EPSS 0.00024
Exploits 1, References 2
Vulnrichment, added 2026/04/23 6:09 p.m., 0 views

CVE-2026-33694 Junction File Manipulation

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...

CVSS 8.6, AI score 6.1, EPSS 0.00023
Exploits 0, References 2
CVE, added 2026/04/23 6:09 p.m., 36 views

CVE-2026-33694

CVE-2026-33694 describes a junction file manipulation vulnerability where an attacker can create a junction to delete arbitrary files with SYSTEM privileges, potentially enabling arbitrary code execution at SYSTEM level. The description explicitly notes elevated privileges and the possibility of ...

CVSS 8.6, AI score 6.1, EPSS 0.00023
Exploits 0, References 2
ATTACKERKB, added 2026/04/20 5:45 a.m., 0 views

CVE-2026-6610

A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...

CVSS 6.3, AI score 5.1, EPSS 0.00042
Exploits 0, References 4, Affected Software 1
RedhatCVE, added 2026/04/15 1:22 a.m., 2 views

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

CVSS 10, AI score 7, EPSS 0.01221
Exploits 0, References 1
CNNVD, added 2026/04/07 12:00 a.m., 2 views

Checkmk security vulnerability

Checkmk is an IT monitoring platform developed by Checkmk Corporation. There are security vulnerabilities in versions of Checkmk prior to 2.2.0, 2.3.0p46, 2.4.0p25, and 2.5.0b3. These vulnerabilities stem from the ability for site users to manipulate files, potentially leading to permission...

CVSS 9.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 1
RedhatCVE, added 2026/03/26 3:00 p.m., 2 views

CVE-2026-33054

Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted state_token through the UI stream payload to arbitrarily target files on the disk under the standard...

CVSS 10, AI score 5.9, EPSS 0.00034
Exploits 1, References 1
Cvelist, added 2026/03/20 6:57 a.m., 17 views

CVE-2026-33054 Mesop: Path Traversal utilizing `FileStateSessionBackend` leads to Application Denial of Service and File Write/Deletion

Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted state_token through the UI stream payload to arbitrarily target files on the disk under the standard...

CVSS 10, EPSS 0.00034
Exploits 1, References 3
CVE, added 2026/03/20 6:57 a.m., 8 views

CVE-2026-33054

CVE-2026-33054 affects the Mesop Python UI framework (versions ≤ 1.2.2) and enables a Path Traversal via the UI stream payload when FileStateSessionBackend is used. An untrusted state_token can target arbitrary files on disk, causing denial of service (crash loops) or unauthorized file writes/del...

CVSS 10, AI score 5.9, EPSS 0.00034
Exploits 1, References 3, Affected Software 1
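The three CVE-2026-33054 entries above describe the same bug class: a client-supplied `state_token` becomes a file name inside a session directory, so `../` segments (or an absolute path) let the caller read, write or delete files outside it. The example below is added here and is not Mesop's code; `SafeFileSessionStore` is a hypothetical store, not Mesop's `FileStateSessionBackend`, and the token alphabet in `_TOKEN_RE` is an assumption. It shows the vulnerable join next to a version that validates the token's shape and then confirms the resolved path is still under the base directory before any I/O happens.

```python
import os
import re
import secrets
import tempfile

# Assumption: tokens are minted server-side from a URL-safe alphabet; anything else is refused.
_TOKEN_RE = re.compile(r"^[A-Za-z0-9_-]{16,128}$")


def new_state_token() -> str:
    return secrets.token_urlsafe(32)


def is_valid_state_token(token: str) -> bool:
    return _TOKEN_RE.fullmatch(token) is not None


def unsafe_session_path(base_dir: str, state_token: str) -> str:
    """The vulnerable pattern: the client-controlled token is used directly as the
    file name. '../' segments walk out of base_dir, and an absolute token makes
    os.path.join discard base_dir entirely."""
    return os.path.join(base_dir, state_token)


def escapes(base_dir: str, path: str) -> bool:
    """True if 'path' resolves outside 'base_dir' (lexical; the paths need not exist)."""
    base = os.path.realpath(base_dir)
    return os.path.commonpath([base, os.path.realpath(path)]) != base


def safe_session_path(base_dir: str, state_token: str) -> str:
    if not is_valid_state_token(state_token):
        raise ValueError("malformed state token")
    base = os.path.realpath(base_dir)
    path = os.path.realpath(os.path.join(base, state_token))
    if os.path.commonpath([base, path]) != base:  # defence in depth behind the regex
        raise ValueError("state token escapes the session directory")
    return path


class SafeFileSessionStore:
    """Hypothetical file-backed session store (not Mesop's FileStateSessionBackend)."""

    def __init__(self, base_dir: str):
        self.base_dir = base_dir
        os.makedirs(base_dir, exist_ok=True)

    def save(self, token: str, data: bytes) -> None:
        with open(safe_session_path(self.base_dir, token), "wb") as fh:
            fh.write(data)

    def load(self, token: str) -> bytes:
        with open(safe_session_path(self.base_dir, token), "rb") as fh:
            return fh.read()

    def delete(self, token: str) -> None:
        os.remove(safe_session_path(self.base_dir, token))


def demo() -> dict:
    """Round-trip a real token, then show traversal tokens are refused before any I/O."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        store = SafeFileSessionStore(os.path.join(tmp, "sessions"))
        token = new_state_token()
        store.save(token, b"state")
        results["roundtrip"] = store.load(token) == b"state"
        # Constructed hostile tokens: traversal, absolute, backslash, nested, too short.
        rejected = 0
        for evil in ("../../etc/passwd", "/etc/passwd", "..\\..\\x", "a/b", "short"):
            try:
                store.delete(evil)
            except ValueError:
                rejected += 1
        results["traversal_rejected"] = rejected == 5
        store.delete(token)
        results["deleted"] = not os.path.exists(os.path.join(tmp, "sessions", token))
    return results


if __name__ == "__main__":
    print(unsafe_session_path("/srv/sessions", "../../etc/passwd"))
    print(unsafe_session_path("/srv/sessions", "/etc/passwd"))
    print(demo())
```

The allow-list regex alone already blocks every separator, so the `commonpath` check is redundant by construction; it stays because the regex is the part most likely to be loosened later, and a second independent check is what keeps a relaxed token format from becoming a file-deletion primitive.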
ATTACKERKB, added 2026/03/12 3:09 p.m., 4 views

CVE-2026-21668

A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository...

CVSS 8.8, AI score 5.9, EPSS 0.00035
Exploits 0, References 2, Affected Software 1
NCSC, added 2026/03/12 2:54 p.m., 2 views

Vulnerabilities fixed in Veeam Backup & Replication

Veeam has fixed vulnerabilities in Veeam Backup & Replication. The vulnerabilities allow an authenticated domain user to remotely execute code on the backup server, which can lead to unauthorized control of backup operations. This issue is present in the backup server environment and can be...

CVSS 9.9, AI score 6, EPSS 0.01324
Exploits 0, References 2
Github Security Blog, added 2026/03/12 2:22 p.m., 6 views

Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

If an attacker has been given both read and write permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note that it is intended behavior that the JavaScript would...

CVSS 4.4, AI score 6, EPSS 0.0001
Exploits 0, References 4, Affected Software 1
Positive Technologies, added 2026/03/10 12:00 a.m., 3 views

PT-2026-24194

Name of the vulnerable software and affected versions: Copyparty versions prior to 1.20.11. Description: Copyparty's nohtml configuration option, designed to block JavaScript execution in uploaded HTML files, did not extend to SVG images. A user with write access could upload an SVG file containing...

CVSS 5.4, AI score 6, EPSS 0.00042
Exploits 0, References 10
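The two Copyparty entries above share a root cause: an "is this HTML?" decision made on file extension alone, while SVG is XML that browsers render with the same script and event-handler model as HTML. The following is an added example, not Copyparty's code; the extension set, the detection regexes and the response headers are design choices made for the example. It shows the HTML-only check beside one that treats SVG (and any upload that sniffs as markup, whatever its extension) as active content, and, independently of the upload check, serves such content as a sandboxed attachment so that a bypass does not run in the site's origin. The sample uploads are constructed for the example.

```python
import re

# Assumption: upload types a browser will render as a document that can run script.
# Plain raster formats (png, jpg, webp) are deliberately absent.
ACTIVE_CONTENT_EXTS = {".html", ".htm", ".xhtml", ".svg", ".xml", ".xsl"}

# Conservative heuristic for script-bearing markup in HTML *and* SVG:
# <script>, on*= event handlers, javascript: URLs and embedding elements.
_ACTIVE_RE = re.compile(
    rb"<\s*script\b|\bon[a-z]+\s*=|javascript\s*:|<\s*(?:iframe|object|embed|foreignObject)\b",
    re.IGNORECASE,
)
# Content sniff so a renamed "photo.png" that is really SVG or HTML is still caught.
_MARKUP_SNIFF_RE = re.compile(
    rb"^(?:\xef\xbb\xbf)?\s*(?:<\?xml|<!DOCTYPE\s+(?:html|svg)|<html\b|<svg\b)", re.IGNORECASE
)

# Constructed sample uploads (not files from either advisory).
SVG_WITH_SCRIPT = b'<svg xmlns="http://www.w3.org/2000/svg"><script>alert(document.domain)</script></svg>'
SVG_WITH_HANDLER = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)">'
                    b'<rect width="1" height="1"/></svg>')
SVG_BENIGN = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
HTML_WITH_SCRIPT = b"<!DOCTYPE html><html><body><script>alert(1)</script></body></html>"


def ext_of(filename: str) -> str:
    dot = filename.rfind(".")
    return filename[dot:].lower() if dot >= 0 else ""


def naive_nohtml_blocks(filename: str) -> bool:
    """The gap the advisory describes: only HTML extensions count as active content."""
    return ext_of(filename) in {".html", ".htm"}


def upload_is_active_content(filename: str, data: bytes) -> bool:
    """Extension OR content sniff decides whether this upload could carry script."""
    return ext_of(filename) in ACTIVE_CONTENT_EXTS or _MARKUP_SNIFF_RE.match(data) is not None


def contains_script(data: bytes) -> bool:
    return _ACTIVE_RE.search(data) is not None


def nohtml_should_reject(filename: str, data: bytes) -> bool:
    """Hardened nohtml policy: refuse any active-content upload that carries script."""
    return upload_is_active_content(filename, data) and contains_script(data)


def response_headers(filename: str, data: bytes) -> dict:
    """Headers for serving a stored upload. Active content is never rendered inline in
    the site's origin: force a download and sandbox it even if the upload check was bypassed."""
    headers = {"X-Content-Type-Options": "nosniff"}
    if upload_is_active_content(filename, data):
        headers["Content-Disposition"] = "attachment"
        headers["Content-Security-Policy"] = "sandbox; default-src 'none'"
    return headers


if __name__ == "__main__":
    for name, data in (("logo.svg", SVG_WITH_SCRIPT), ("logo.svg", SVG_WITH_HANDLER),
                       ("logo.svg", SVG_BENIGN), ("page.html", HTML_WITH_SCRIPT),
                       ("photo.png", SVG_WITH_SCRIPT)):
        print(name, "naive:", naive_nohtml_blocks(name), "hardened reject:",
              nohtml_should_reject(name, data), response_headers(name, data))
```

The regex pass is a filter, not a parser, and will miss encodings a real XML parser would accept; that is why the serving headers do not depend on it. Forcing `Content-Disposition: attachment` plus a `sandbox` CSP on every active-content type is the part that holds even when the upload-time check is wrong.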
CVE, added 2026/03/02 4:02 a.m., 9 views

CVE-2026-3409

Affected software: eosphoros-ai db-gpt 0.7.5. Vulnerable component: Flow Import Endpoint, specifically importlib.machinery.SourceFileLoader.exec_module in /api/v1/serve/awel/flow/import. Root cause: manipulating a File leads to code injection. Impact: remote execution of injected code possible; n...

CVSS 7.5, AI score 6.8, EPSS 0.00065
Exploits 0, References 4