136 matches found

OSV
added 2026/05/03 9:56 a.m. | 3 views

OESA-2026-2160 nano security update

Nano is a tiny GNU editor Security Fixes: A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which...

5.5 CVSS | 5.7 AI score | 0.00019 EPSS
Exploits: 0 | References: 3

OSV
added 2026/04/29 12:0 a.m. | 0 views

UBUNTU-CVE-2026-40556

GNU nano creates the user’s /.local directory with overly permis...

5.3 AI score
Exploits: 0 | References: 2

NVD
added 2026/04/28 3:16 p.m. | 0 views

CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits: 0

UbuntuCve
added 2026/04/28 3:16 p.m. | 1 view

CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7 AI score
Exploits: 0 | References: 1

Debian CVE
added 2026/04/28 1:54 p.m. | 2 views

CVE-2026-40556

Removed by vendor...

5.2 AI score
Exploits: 0

EUVD
added 2026/04/28 1:54 p.m. | 0 views

EUVD-2026-26053

GNU nano creates the user’s /.local directory with overly permissive permissions when the directory does not exist yet. On first use of features requiring Cross-Desktop Group XDG data storage, nano explicitly requests directory mode 0777, making the directory world‑writable in environments where...

2.1 CVSS | 5.3 AI score
Exploits: 0 | References: 3

CVE
added 2026/04/28 1:54 p.m. | 2 views

CVE-2026-40556

In the connected Debian/CVE entry, GNU nano is affected by a local permission issue: when the user’s ~/.local directory does not exist, nano creates it with mode 0777, making it world‑writable in environments where the umask is lax. This creates a race window where an attacker could leverage the ...

5.3 AI score
Exploits: 0

ATTACKERKB
added 2026/04/28 1:54 p.m. | 4 views

CVE-2026-40556

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.2 AI score
Exploits: 0 | References: 4

SUSE CVE
added 2026/04/28 1:45 a.m. | 3 views

SUSE CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5 CVSS | 5.3 AI score | 0.00012 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/28 12:0 a.m. | 2 views

PT-2026-35729

GNU nano creates the user’s /.local directory with overly permissive permissions when the directory does not exist yet. On first use of features requiring Cross-Desktop Group XDG data storage, nano explicitly requests directory mode 0777, making the directory world‑writable in environments where...

2.1 CVSS | 5.3 AI score
Exploits: 0 | References: 4

CNNVD
added 2026/04/28 12:0 a.m. | 5 views

GNU nano security vulnerability

GNU nano is a lightweight terminal text editor from the GNU community in the United States. Versions of GNU nano prior to 9.0 contained security vulnerabilities. These vulnerabilities stemmed from overly permissive permissions when creating the user’s /.local directory. This could allow local...

5.8 AI score
Exploits: 0 | References: 1

NVD
added 2026/04/22 8:16 a.m. | 2 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5 CVSS | 0.00012 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2026/04/22 7:34 a.m. | 2 views

CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5 CVSS | 5.7 AI score | 0.00012 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/04/22 12:0 a.m. | 3 views

PT-2026-34267

Name of the Vulnerable Software and Affected Versions: nano (affected versions not specified). Description: A flaw exists where incorrect directory permissions are applied to the /.local directory, setting them to 0777 instead of 0700 in environments with permissive umask settings. A local attacker ca...

2.5 CVSS | 5.8 AI score | 0.00012 EPSS
Exploits: 0 | References: 17

CNNVD
added 2026/04/20 12:0 a.m. | 5 views

OpenClaw security vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.15 contained security vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the local root directory of the tool’s result media path, allowing arbitra...

6.3 CVSS | 5.9 AI score | 0.00042 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:18 p.m. | 0 views

CVE-2025-66249

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

6.3 CVSS | 5.7 AI score | 0.00083 EPSS
Exploits: 0 | References: 1

Github Security Blog
added 2026/03/13 9:31 p.m. | 2 views

Apache Livy: Unauthorized directory access

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

6.3 CVSS | 5.7 AI score | 0.00083 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

EUVD
added 2026/03/13 9:31 p.m. | 2 views

EUVD-2025-208639

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

6.3 CVSS | 5.7 AI score | 0.00083 EPSS
Exploits: 0 | References: 3

NVD
added 2026/03/13 7:53 p.m. | 0 views

CVE-2025-66249

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

6.3 CVSS | 0.00083 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2026/03/13 3:21 p.m. | 1 view

CVE-2025-66249 Apache Livy: Unauthorized directory access

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

5.7 AI score | 0.00083 EPSS
Exploits: 0 | References: 1