Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Git LFS vulnerabilities (USN-7977-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7977-1 advisory. Ryota K discovered that Git LFS may leak login credentials in certain instances due to failing to check for...
Ubuntu: Security Advisory (USN-7977-1)
The remote host is missing an update referenced in the USN-7977-1 advisory. (SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.)...
PT-2026-5032
Name of the Vulnerable Software and Affected Versions Bun versions prior to 1.3.5 Description The default trusted dependencies list in Bun can be manipulated by a non-npm package if the package name matches an existing trusted dependency. This affects dependencies installed via file, link, or...
CVE-2026-24056
pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...
CVE-2026-24056
CVE-2026-24056 affects pnpm prior to 10.28.2: when installing file: or git: dependencies, symlinks are followed and their target contents read outside the package root, enabling possible leakage of local data (e.g., credentials) into node_modules. Root cause: store/cafs/src/addFilesFromDir.ts use...
CVE-2026-24056 pnpm has symlink traversal in file:/git dependencies
pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...
EUVD-2026-4658
pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...
Symlink Attack
Overview @pnpm/store.cafs is a content-addressable filesystem for package storage. Affected versions of this package are vulnerable to Symlink Attack via the handling of file: or git: dependencies, which follow symlinks without restricting access to the package root. An attacker can access and...
pnpm has symlink traversal in file:/git dependencies
Summary When pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., /etc/passwd, ~/.ssh/id_rsa) causes pnpm to copy that file's contents...
GHSA-M733-5W8F-5GGW pnpm has symlink traversal in file:/git dependencies
Summary When pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., /etc/passwd, ~/.ssh/id_rsa) causes pnpm to copy that file's contents...
USN-7977-1 git-lfs vulnerabilities
Ryota K discovered that Git LFS may leak login credentials in certain instances due to failing to check for URL-encoded characters. An attacker could possibly use this issue to learn sensitive information. CVE-2024-53263 It was discovered that Git LFS could have its git lfs checkout and git lfs...
PT-2026-4827
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.28.2 Description pnpm, a package manager, is affected by an issue where installing a file: or git: dependency allows it to follow symlinks and read their target contents without restricting them to the package root. A...
PT-2026-4840
Name of the Vulnerable Software and Affected Versions QGIS versions prior to commit 76a693cd91650f9b4e83edac525e5e4f90d954e9 Description The QGIS repository contained a GitHub Actions workflow named "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was susceptible ...
kernel security update
6.12.0-124.29.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
EUVD-2026-4264
Gitea does not properly validate repository ownership when deleting Git LFS locks...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via improper validation of repository ownership in the delete process for Git LFS locks. An attacker can remove LFS locks from repositories they do not own by leveraging write access to a...