JLSEC-2026-603

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVE-2025-55205 Capsule tenant owners with "patch namespace" permission can hijack system namespaces label

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

GO-2024-3077 Capsule tenant owner with "patch namespace" permission can hijack system namespaces in github.com/projectcapsule/capsule

Capsule tenant owner with "patch namespace" permission can hijack system namespaces in github.com/projectcapsule/capsule...

Ubiquiti Inc.: UniFi Video v3.10.1 (Windows) Local Privileges Escalation to SYSTEM from arbitrary filedelete and DLL hijack vulnerabilities.

Summary: UniFi Video v3.10.1 for Windows 7/8/10 x64 Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the windows...