CVE-2026-49406

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode nodeModulesDir: "manual", the module resolver did not validate that a package's resolved entrypoint stayed within its nodemodules// directory. A malicious package.json whose main field...

CVE-2026-49406 Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode nodeModulesDir: "manual", the module resolver did not validate that a package's resolved entrypoint stayed within its nodemodules// directory. A malicious package.json whose main field...

CVE-2026-54010

CVE-2026-54010 affects Open WebUI prior to version 0.9.6. An authenticated user could attach arbitrary file_id values to their own chat messages without ownership/read checks, and then leverage a forged chat-file link to access or delete the victim’s file via shared-chat authorization. The root c...

CVE-2026-54012

CVE-2026-54012 pertains to Open WebUI. Before version 0.9.6, a user with model-creation/update/import rights could attach forged meta.knowledge entries of type file to their model. The system then trusts these entries as authorization sources, enabling a cross-user read and deletion of private fi...

CVE-2026-54012 Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the...

CVE-2026-48520

CVE-2026-48520 (Langflow) : Multiple sources confirm a vulnerability in the Shareable Playground/Public Flows feature prior to Langflow 1.10.0. An unauthenticated user can trigger public flow execution and supply a files list to the /api/v1/build_public_tmp endpoint, causing Langflow to read arbi...

CVE-2026-55447

Langflow’s BaseFileComponent family (including Read File, DoclingInlineComponent, DoclingServe, DoclingRemoteComponent, NvidiaIngestComponent, VideoFileComponent, UnstructuredComponent) is affected by CVE-2026-55447. The underlying issue is in base_file.py: _unpack_bundle TAR extraction does not ...

CVE-2026-44790

CVE-2026-44790 affects the n8n platform. An authenticated user with permission to create or modify workflows can inject CLI flags on the Git node’s Push operation, enabling reading of arbitrary files from the n8n server and potentially leading to full compromise. Public details confirm the issue ...

CVE-2026-44790 n8n: Arbitrary File Read via Git Node

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leadi...

CVE-2026-56692

Vulnerability summary (CVE-2026-56692): NanoClaw prior to 2.1.17 contains a symlink-following flaw in forwardAttachedFiles that can exfiltrate host-readable files. The host validates attachments with isSafeAttachmentName, then copies via fs.copyFileSync, which follows symlinks without containment...

CVE-2026-56701

Grav under 2.0.0-beta.2 is affected by an XML External Entity (XXE) vulnerability in SVG file upload handling. The issue arises because the application uses simplexml_load_string without disabling external entity loading, allowing authenticated attackers to inject XXE payloads via SVG files to ex...

CVE-2026-56301

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server nuxt dev on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident users can exploit t...

CVE-2026-56301

Nuxt CVE-2026-56301 affects Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7. When running the development server (nuxt dev) on Linux, the vite-node IPC server is bound to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivilege...

CVE-2026-56301 Nuxt - Arbitrary File Read via World-Connectable vite-node IPC Socket on Linux

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server nuxt dev on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident users can exploit t...

WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read

WooCommerce Designer Pro theme for WordPress = 1.9.28 contains an arbitrary file read vulnerability caused by improper input validation, letting unauthenticated attackers read arbitrary files including sensitive configuration files, exploit requires no authentication. id: CVE-2025-10897 info: nam...

Eclipse Mojarra - Local File Read

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. id: CVE-2020-6950 info: name: Eclipse Mojarra - Local File Read author: iamnoooob,pdresearch severity: medium description: | Directory traversal in Eclipse Mojarra...

Jan v0.4.12 'readFileSync' - Path Traversal

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. id: CVE-2024-36857 info: name: Jan v0.4.12 'readFileSync' - Path Traversal author: Yusuf Amr severity: high description: | Jan v0.4.12 was discovered to contain an arbitrary file rea...

Apache CXF < 4.0.4 - Aegis DataBinding SSRF / Local File Read

Apache CXF before 4.0.4, 3.6.3 and 3.5.8 has a Server-Side Request Forgery SSRF vulnerability when using the Aegis DataBinding. The XOP Include mechanism in multipart SOAP requests can be abused to read local files or make server-side HTTP requests to arbitrary URLs. An attacker can use this to...

WP Responsive Images <= 1.0 - Arbitrary File Read

WP Responsive Images plugin for WordPress = 1.0 contains a path traversal caused by improper sanitization of the 'src' parameter, letting unauthenticated attackers read arbitrary files on the server. id: CVE-2026-1557 info: name: WP Responsive Images = 1.0 - Arbitrary File Read author: Shivam...

Blinko <= 1.8.3 - Path Traversal via /plugins

Blinko = 1.8.3 contains a path traversal caused by improper path concatenation without verification in the plugin file server endpoint, letting remote attackers access arbitrary files, exploit requires network access. id: CVE-2026-23483 info: name: Blinko = 1.8.3 - Path Traversal via /plugins...