24 matches found
GHSA-6JR7-99PF-8VGF @backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks
Impact When TechDocs is configured with runIn: local, a malicious actor who can submit or modify a repository's mkdocs.yml file can execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. Patches Upgrade to @backstage/plugin-techdocs-node version 1.13.11, 1.14.1...
@backstage/plugin-techdocs-node vulnerable to possible Path Traversal in TechDocs Local Generator
Impact A path traversal vulnerability in the TechDocs local generator allows attackers to read arbitrary files from the host filesystem when Backstage is configured with techdocs.generator.runIn: local. When processing documentation from untrusted sources, symlinks within the docs directory are...
CVE-2026-25152
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, a path traversal vulnerability in the TechDocs local generator allow...
CVE-2026-25153
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...
CVE-2026-25153 @backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...
CVE-2026-25153 @backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...
EUVD-2026-5004
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...
Ollama 安全漏洞
Ollama is a large language model that can be started and run locally from the Ollama open source. A security vulnerability exists in Ollama v0.12.3 and prior versions that stems from an authentication bypass that could lead to unauthorized model management operations...
EUVD-2025-111618
Malicious code in local-run-script-ophiuchus-global npm...
The vulnerability of the TLS protocol implementation in the Illumina Local Run Manager software allows a perpetrator to compromise the confidentiality of protected information, including login credentials.
The vulnerability of the TLS protocol implementation in the Illumina Local Run Manager lies in the transmission of data in an open manner. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of protected information, including login credentials...
The vulnerability of the Illumina Local Run Manager software lies in the absence of an authentication process, which allows attackers to infiltrate, replicate, modify, and/or intercept confidential data.
The vulnerability of the Illumina Local Run Manager software lies in the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to remotely infiltrate, replicate, modify, and/or intercept sensitive data...
The vulnerability of the Illumina Local Run Manager software, related to improper code generation management, allows a malicious actor to execute arbitrary code, modify settings, configurations, software, or gain access to confidential data of the affected product.
The vulnerability of the Illumina Local Run Manager software is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code, modify settings, configurations, software, or gain access to confidential data of the affected product...
The vulnerability of the Illumina Local Run Manager software lies in the lack of restrictions on file downloads, which allows a hacker to execute arbitrary code.
The vulnerability of the Illumina Local Run Manager software lies in the lack of restrictions on file downloads. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Illumina Local Run Manager Path Traversal Vulnerability
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager is vulnerable to a path traversal vulnerability that stems from an input validation error when...
Illumina Local Run Manager Information Disclosure Vulnerability
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager contains an information disclosure vulnerability that could be exploited by remote attackers to...
Illumina Local Run Manager File Upload Vulnerability
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager contains a file upload vulnerability that could be exploited by an attacker to upload any file typ...
Illumina Local Run Manager 代码问题漏洞
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager contains a file upload vulnerability that could be exploited by an attacker to upload any file typ...
Illumina Local Run Manager 访问控制错误漏洞
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager is vulnerable to an access control error that could be exploited by remote attackers to gain...
Illumina Local Run Manager 路径遍历漏洞
Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager is vulnerable to a path traversal vulnerability that stems from an input validation error when...
Illumina Local Run Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Illumina Equipment: Local Run Manager LRM Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, Cleartext Transmission of Sensitive Information 2...