Lucene search
+L

5 matches found

cvelist
cvelist
added 2026/06/24 7:17 p.m.18 views

CVE-2026-23879 py7zr: Arbitrary File Write Vulnerability

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, which allows symbolic links to be recreated outside the destination directory via crafted malicious...

8CVSS0.00404EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/03/09 10:48 p.m.3 views

CVE-2026-30916

...

5.8AI score0.00052EPSS
Exploits0
cve
cve
added 2026/03/09 10:48 p.m.25 views

CVE-2026-30916

CVE-2026-30916 relates to the Shescape JavaScript library. Prior to version 2.1.9, an attacker could bypass shell escaping when the configured shell pointed to a file that is a chain of symlinks, potentially exposing sensitive information depending on the shell used. A fix is available in 2.1.9. ...

5.8AI score0.00052EPSS
Exploits0
github
github
added 2026/03/07 2:31 a.m.10 views

Withdrawn Advisory: Shescape has possible misidentification of shell due to link chains

Withdrawn Advisory This advisory has been withdrawn because it falls outside the https://github.com/ericcornelissen/shescape/blob/a2544a1c78cae19d0e81a485b997bf0b0fcc2c12/SECURITY.mdthreat-model. This link is maintained to preserve external references. Original Description Impact This impacts use...

5.7AI score0.00052EPSS
Exploits0References7Affected Software1
osv
osv
added 2026/03/07 2:31 a.m.9 views

GHSA-6F6W-6J58-RQ76 Withdrawn Advisory: Shescape has possible misidentification of shell due to link chains

Withdrawn Advisory This advisory has been withdrawn because it falls outside the https://github.com/ericcornelissen/shescape/blob/a2544a1c78cae19d0e81a485b997bf0b0fcc2c12/SECURITY.mdthreat-model. This link is maintained to preserve external references. Original Description Impact This impacts use...

6.3CVSS5.7AI score0.00052EPSS
Exploits0References7
Rows per page
Query Builder