Lucene search
+L

4 matches found

CVE
CVE
added 2026/07/06 7:25 p.m.22 views

CVE-2026-58403

Hugo (static site generator) vulnerable from v0.123.0 through v0.163.0. A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, enabling os.ReadFile on a symlink to read the target file outside the mount. This could let a symlink inside a theme or ...

6.5CVSS5.9AI score0.00318EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/16 8:12 p.m.7 views

GHSA-FW87-FV5R-9FPW Hugo: Symlink confinement bypass in resources.Get

Commit: f8b5fa09a6 — Fix prevention of direct symlink reads in resources.Get Affected versions: v0.123.0 through v0.161.1. Earlier versions are not affected. Fixed in: v0.162.0. Severity: Medium. Requires the attacker to be able to place or convince a site author to place a symlink inside a mount...

6.9CVSS5.6AI score0.00275EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.7 views

CVE-2026-31392

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 mounts were failing against a single server as the client was trying to mount the shares with wrong credentials. It turned out the client...

8.1CVSS5.7AI score0.00122EPSS
Exploits0References8
OSV
OSV
added 2025/10/24 10:10 a.m.6 views

SUSE-SU-2025:20913-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretm...

7.8CVSS5.8AI score0.00528EPSS
Exploits1References19
Rows per page
Query Builder