CVE-2025-10908

Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security control that should prevent access to accounts that have been locked. This vulnerability may allow...

Exploit for CVE-2026-26897

EcoOnline EHS Android — Deep Link Validation Bypass → WebVie...

CVE-2026-43899

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass RCE. While the patch correctly restricted...

PT-2026-39581

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A lack of user account state validation during authentication allows locked user accounts to be successfully accessed using Magic Link or Pass Key methods. This...

CVE-2026-31809 SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG checks href attributes for the javascript: prefix using strings.HasPrefix. However, inserting ASCII tab , newline , or carriage return characters inside the javascript: string bypasses this prefi...

MiracleLinux 9 : nodejs:18 (AXSA:2024-8778:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8778:01 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restrictio...

CVE-2025-7073

CVE-2025-7073 affects Bitdefender Total Security 27.0.46.231. The local privilege escalation stems from bdservicehost.exe deleting files in a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic-link validation. The issue is described as being chained with a file copy ope...

EUVD-2025-202416

A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic link validation,...

Roo Code 后置链接漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. A backlink vulnerability exists in Roo Code 3.25.23 and earlier versions, which stems from a symbolic link bypassing protection and could lead to the disclosure of sensitive information...

Linux Distros Unpatched Vulnerability : CVE-2010-2199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deleti...

Security update for python310

This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...

CVE-2025-31334

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be execut...

WinRAR 安全漏洞

WinRAR is a file compressor from WinRAR. The product supports compression and decompression of files in RAR, ZIP, and other formats, among others. A security vulnerability exists in WinRAR versions prior to 7.11 that stems from a symbolic link bypassing the security warning feature, which could...

EulerOS 2.0 SP12 : rsync (EulerOS-SA-2025-1307)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many clie...

CVE-2024-12747

A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass...

Sorare: Mystery with a leaked token and Reusability of email confirmation link leading to Account Takeover

A vulnerability was discovered where leaked email confirmation links could be reused to gain access to a user's account without requiring a password. This was possible by modifying the token parameter in the URL of the expired confirmation link. An attacker who gains access to such a leaked link...

MGASA-2017-0115 Updated proftpd packages fix security vulnerability

ProFTPD before 1.3.5e controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks...

HackerOne: Vulnerability with the way \ escaped characters in <http://danlec.com> style links are rendered

Uh\ oh! Basic POC: Sequences like test\ are rendered as http://test Examples of what could be done with this: Obviously there's a whole variety of stuff that can be done when you can inject arbitrary HTML, even in spite of the CSP protection. We can put in elements we're not supposed to see above...

Discuz!X的一个链接限制绕过

简要描述： http://zone.wooyun.org/content/2903 详细说明： 在开启了URL限制的论坛里，是无法直接发URL链接的。当链接中出现了 http://+任意内容 后，就会提示无法发送。但是， /xx.com 却没有过滤，并且可以任意跳转。 漏洞证明： 直接发 http://smtp.yupage.com/301.php 如果发 http://msmtp.yupage.com/301.php 的话，请看这里 http://myhn.qq.com/forum.php?mod=viewthread&tid=116403&page=3pid1856745 ，成功跳出...

Microsoft Word 95/97/98/2000/2002 / Excel 2002 - INCLUDETEXT Document Sharing File Disclosure

source: https://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. If the INCLUDETEXT Field Code is...