Updated libssh packages fix security vulnerabilities

CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekeyfromfile CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 sshkdf returns ...

curl: SSH/SFTP connection reuse can bypass SSH key identity after ssh_config_matches removal

Summary: libcurl's SSH/SFTP connection reuse logic no longer binds a pooled SSH connection to the SSH key identity requested by the new transfer. After sshconfigmatches was removed, urlmatchprotoconfig again has no SSH-specific check for CURLOPTSSHPUBLICKEYFILE or CURLOPTSSHPRIVATEKEYFILE. An...

libssh: Use of uninitialized variable in privatekey_from_file()

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption...

Insufficiently Protected Credentials

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Insufficiently Protected Credentials with the credentialName filter parameter, over the credentials API endpoint. An attacker can access encryptedData, containing encrypted credential data such as API keys,...

CVE-2026-44225 Pulpy: Incomplete filesystem sandbox in pulpy.fs bridge allows packaged web apps to read arbitrary user files

Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged web application, giving it access to the host filesystem. A validateFsPath function is supposed to sandbox this access, but its blocklist i...

EUVD-2026-29085

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

GHSA-P58C-Q354-6C4F pgAdmin 4 contains local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

pgAdmin 4 contains local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

Directory Traversal

Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Directory Traversal via the apikeyfile and apiurl preferences in the LLM API configuration endpoints. An attacker can access arbitrary files on the server or induce the server to make requests to internal...

CVE-2026-7817

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

CVE-2026-7817

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

CVE-2026-7817

PgAdmin 4 LLM API configuration endpoints are affected by CVE-2026-7817, which exposes Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). An authenticated user can abuse api_key_file and api_url preferences to read arbitrary server-side files or trigger requests to internal target...

CVE-2026-7817 pgAdmin 4: Local file inclusion and server-side request forgery in LLM API configuration endpoints

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

Rapid7 Insight Agent 安全漏洞

Rapid7 Insight Agent is a lightweight software developed by Rapid7 Corporation in the United States. This software is capable of collecting data from IT assets. Rapid7 Insight Agent has a security vulnerability, which stems from improper permissions settings in the client key file. This...

pyload-ng: Authorization Bypass for SSL Certificate/Key Configuration Due to Option Name Mismatch in pyload-ng

Summary The ADMINONLYCOREOPTIONS authorization set in setconfigvalue uses incorrect option names sslcert and sslkey, while the actual configuration option names are sslcertfile and sslkeyfile. This name mismatch causes the admin-only check to always evaluate to False, allowing any user with...

PYSEC-2026-123

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the ADMINONLYCOREOPTIONS authorization set in setconfigvalue uses incorrect option names sslcert and sslkey, while the actual configuration option names are sslcertfile and sslkeyfile. This name mismatch...

CVE-2026-35586 Authorization Bypass for SSL Certificate/Key Configuration Due to Option Name Mismatch in pyload-ng

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the ADMINONLYCOREOPTIONS authorization set in setconfigvalue uses incorrect option names sslcert and sslkey, while the actual configuration option names are sslcertfile and sslkeyfile. This name mismatch...

PT-2026-30896

Name of the Vulnerable Software and Affected Versions pyLoad versions prior to 0.5.0b3.dev97 Description pyLoad, a download manager written in Python, had an authorization issue in the set config value function. The ADMIN ONLY CORE OPTIONS check used incorrect option names ssl cert and ssl key...

CVE-2026-5527

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router produced by the Chinese company Tenda. The Tenda AC10 16.03.10.10multiTDE01 version has a security vulnerability. This vulnerability stems from the hardcoded encryption key present in the file/webroot-ro/pem/privkeySrv.pem of the RSA 2048-bit Private Key Handle...