Lucene search
K

19027 matches found

NVD
NVD
added 25 minutes ago2 views

CVE-2026-50135

Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...

6.9CVSS0.00024EPSS
Exploits0References3
NVD
NVD
added 1 hour ago2 views

CVE-2026-58403

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-50135 Hugo: Symlink confinement bypass in resources.Get

Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...

6.9CVSS0.00024EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-50135

Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...

6.9CVSS5.9AI score0.00024EPSS
Exploits0References4Affected Software1
CVE
CVE
added 1 hour ago11 views

CVE-2026-50135

Summary: Hugo up to v0.161.1 is affected by a symlink confinement bypass in the virtual filesystem used by Hugo’s resources.Get. Root cause: A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, allowing a symlink inside a mounted directory (e.g....

6.9CVSS5.9AI score0.00024EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-58403

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS5.9AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2 hours ago4 views

CVE-2026-58403 Hugo symlink confinement bypass in os.ReadFile

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-58403 Hugo symlink confinement bypass in os.ReadFile

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS
Exploits0References4
CVE
CVE
added 2 hours ago4 views

CVE-2026-58403

Hugo (static site generator) vulnerable from v0.123.0 through v0.163.0. A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, enabling os.ReadFile on a symlink to read the target file outside the mount. This could let a symlink inside a theme or ...

5.9CVSS5.9AI score
Exploits0References4
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-41907

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS
Exploits0References4
Github Security Blog
Github Security Blog
added 4 hours ago5 views

flyto-core has SSRF guard bypass via IPv6 transition addresses (IPv4-mapped / 6to4 / NAT64) in validate_url_ssrf

Summary flyto-core's SSRF protection validateurlssrf / isprivateip in src/core/utils.py blocks private and metadata destinations by resolving the host and testing the resulting IP for membership in a hardcoded PRIVATEIPRANGES list. That list contains only the native RFC 1918 / loopback / link-loc...

7.5CVSS6.9AI score0.01034EPSS
Exploits0References2Affected Software1
OSV
OSV
added 4 hours ago2 views

GHSA-794R-5RP2-FPG8 flyto-core has SSRF guard bypass via IPv6 transition addresses (IPv4-mapped / 6to4 / NAT64) in validate_url_ssrf

Summary flyto-core's SSRF protection validateurlssrf / isprivateip in src/core/utils.py blocks private and metadata destinations by resolving the host and testing the resulting IP for membership in a hardcoded PRIVATEIPRANGES list. That list contains only the native RFC 1918 / loopback / link-loc...

7.1CVSS
Exploits0References2
Github Security Blog
Github Security Blog
added 4 hours ago5 views

Scriban: Template Writes to Arbitrary CLR Properties via `TypedObjectAccessor` (Mass Assignment + `private` / `init` / `internal` Setter Bypass)

Description When a host pushes a CLR object into a Scriban TemplateContext via the standard, documented pattern — var so = new ScriptObject; so"user" = currentUser; // direct CLR reference context.PushGlobalso; — TypedObjectAccessor exposes every public-getter property for both reading and writin...

6AI score
Exploits0References2Affected Software1
OSV
OSV
added 4 hours ago2 views

GHSA-7JVP-HJ45-2F2M Scriban: Template Writes to Arbitrary CLR Properties via `TypedObjectAccessor` (Mass Assignment + `private` / `init` / `internal` Setter Bypass)

Description When a host pushes a CLR object into a Scriban TemplateContext via the standard, documented pattern — var so = new ScriptObject; so"user" = currentUser; // direct CLR reference context.PushGlobalso; — TypedObjectAccessor exposes every public-getter property for both reading and writin...

8.7CVSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago2 views

Security Bulletin: IBM Engineering Requirements Management DOORS and DOORS Web Access is affected by multiple vulnerabilities

Summary This release addresses multiple security vulnerabilities across various components of IBM Engineering Requirements Management DOORS and DOORS Web Access product. Many vulnerabilities are rated Critical CVSS ≥ 9.0,including Tomcat CLIENTCERT Improper Authentication CVE-2026-29145,...

9.8CVSS7.3AI score0.66537EPSS
Exploits9Affected Software2
SUSE Linux
SUSE Linux
added 12 hours ago3 views

Security update for cryptsetup, s390-tools

This update for cryptsetup, s390-tools fixes the following issue Security fixes: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270185. Changes for s390-tools: Upgrade s390-tools to version 2.41.0 jscPED-15860 Automatically set...

8.3CVSS6.2AI score0.00298EPSS
Exploits0References16
OSV
OSV
added 15 hours ago3 views

OESA-2026-2869 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A...

9.8CVSS6.2AI score0.00595EPSS
Exploits2References46
Positive Technologies
Positive Technologies
added 21 hours ago3 views

PT-2026-55980

Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...

5.9CVSS
Exploits0References5
Debian
Debian
added yesterday3 views

[SECURITY] [DLA 4653-2] openvpn regression update

Debian LTS Advisory DLA-4653-2 [email protected] https://www.debian.org/lts/security/ Daniel Leidert July 06, 2026 https://wiki.debian.org/LTS Package : openvpn Version : 2.5.1-3+deb11u4 CVE ID : CVE-2026-12996 Debian Bug : 1141326 A regression has been discovered in the latest release ...

6.1CVSS5.9AI score0.00309EPSS
Exploits0
Nuclei
Nuclei
added 2 days ago74 views

Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure

Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true...

5CVSS7.2AI score0.53728EPSS
Exploits9References5
Rows per page
Query Builder