Lucene search
K

3760 matches found

CVE
CVE
added yesterday7 views

CVE-2026-58494

CVE-2026-58494 affects Wasmtime runtimes prior to the fixed versions 24.0.11, 36.0.12, 45.0.3, and 46.0.1. The issue arises in wasmtime-wasi where hard-link creation and renaming check directory permissions do not correctly match FilePerms on source and destination preopens. This can allow a WASI...

6.5CVSS6AI score
Exploits0References9
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-24969

mkfifo: permissions of an existing file are changed after FIFO creation fails...

7.1CVSS5.9AI score0.00165EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-13769

A flaw was found in AWS CLI. Overly permissive file permissions on Unix-like systems, where the umask has not been configured to restrict file permissions, may allow other local users on the same host to read credentials. This occurs when certain AWS CLI subcommands, such as aws codeartifact logi...

6.8CVSS5.9AI score0.00101EPSS
Exploits0References7
Snyk
Snyk
added 2026/07/01 9:19 p.m.5 views

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the createconfig path in awscli/customizations/codedeploy/register.py. An attacker can read the CodeDeploy on-premises configuration file by accessing it on the same Unix-like ho...

6.8CVSS6AI score0.00101EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 6:34 p.m.5 views

CVE-2026-13769

Overly permissive file permissions in AWS CLI before 1.44.78 v1 and 2.34.29 v2 on Unix-like systems where the umask has not been configured to restrict file permissions the default on most systems may allow other local users on the same host to read credentials written by certain CLI subcommands...

6.8CVSS5.8AI score0.00101EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54637

Name of the Vulnerable Software and Affected Versions AWS CLI versions prior to 1.44.78 v1 AWS CLI versions prior to 2.34.29 v2 Description On Unix-like systems where the umask is not configured to restrict file permissions, overly permissive file permissions may allow local users on the same hos...

6.8CVSS5.8AI score0.00101EPSS
Exploits0References6
OSV
OSV
added 2026/06/26 8:53 p.m.4 views

GHSA-RHQ6-9RGH-V45C Pterodactyl Wings: Chmod operation can be used to change permissions of files outside of the server container

In wings/internal/ufs/fsunix.go line 92-94, this function is defined and is used to change permissions of files in the server: go func fs UnixFS fchmodatop string, dirfd int, name string, mode FileMode error return ensurePathErrorunix.Fchmodatdirfd, name, uint32mode, 0, op, name This call to the...

5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/25 12:57 p.m.2 views

SUSE-SU-2026:22368-1 Security update for nodejs22

This update for nodejs22 fixes the following issues Update to 22.23.0: - CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery bsc1268479. - CVE-2026-9496: pacote: excessive CPU consumption in addGitSha when processing a...

9.8CVSS7AI score0.26356EPSS
Exploits3References53
NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-32315

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS0.02902EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 8:16 p.m.8 views

CVE-2026-54327

Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi stored API keys and OAuth credentials in auth.json. A race condition in the file write path could briefly create or rewrite this file with permissions derived from the process umask before tightening the file to owner-only...

2.2CVSS0.00074EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 7:28 p.m.14 views

CVE-2026-54327

The Pi credential storage vulnerability (CVE-2026-54327) stems from a race in the auth.json write path. Between file creation/writes and the subsequent permission tightening, auth.json could be created or rewritten with permissions derived from the process umask, briefly exposing stored API keys ...

2.2CVSS5.8AI score0.00074EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 8:59 p.m.10 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7AI score0.00292EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51431

Name of the Vulnerable Software and Affected Versions motionEye versions prior to 0.44.0 Description Configuration files /etc/motioneye/motion.conf and camera-.conf are created with 644 permissions, making them readable by any local user on the system. The motion.conf file contains sensitive data...

5.5CVSS5.7AI score0.02902EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Containerd

Containerd is a container runtime. A bug was discovered in containerd versions prior to 1.4.8 and 1.5.4, where pulling and extracting a specially crafted container image could result in changes to Unix file permissions for existing files in the host’s filesystem. Changes to file permissions could...

6.8CVSS6.3AI score0.01608EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libzstd

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. The correct file permissions matching the input would only be set at the time of completion. As a result, output files could be readable or writable by unintended parties...

5.5CVSS6AI score0.00431EPSS
Exploits1References2
NVD
NVD
added 2026/06/15 9:17 p.m.7 views

CVE-2026-47261

Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...

7.5CVSS0.00357EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 7:47 p.m.27 views

CVE-2026-47261 Wasmtime: WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...

7.5CVSS0.00357EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 11:34 a.m.9 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.6AI score0.00419EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/09 8:46 a.m.42 views

CVE-2026-46748

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS0.00206EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:46 a.m.35 views

CVE-2026-46748

CVE-2026-46748 affects SINEC INS (all versions

8.8CVSS5.5AI score0.00206EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder