Lucene search
K

9 matches found

OSV
OSV
added 2026/03/26 8:32 p.m.5 views

GO-2026-4707 SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write in github.com/siyuan-note/siyuan/kernel

SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write in github.com/siyuan-note/siyuan/kernel...

9.1CVSS5.9AI score0.00434EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/19 9:7 p.m.4 views

CVE-2026-32749 SiYuan importSY/importZipMd: Path Traversal via multipart filename enables arbitrary file write

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outsi...

7.6CVSS5.9AI score0.00434EPSS
Exploits1References3
OSV
OSV
added 2026/03/19 9:7 p.m.5 views

CVE-2026-32749 SiYuan importSY/importZipMd: Path Traversal via multipart filename enables arbitrary file write

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outsi...

7.6CVSS6.5AI score0.00434EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/19 5:46 p.m.10 views

Langflow has an Arbitrary File Write (RCE) via v2 API

Summary While reviewing the recent patch for CVE-2025-68478 External Control of File Name in v1.7.1, I discovered that the root architectural issue within LocalStorageService remains unresolved. Because the underlying storage layer lacks boundary containment checks, the system relies entirely on...

9.9CVSS6AI score0.01417EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/16 6:47 p.m.7 views

SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write

Summary POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. Details...

9.1CVSS6AI score0.00434EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/16 6:47 p.m.3 views

GHSA-QVVF-Q994-X79V SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write

Summary POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. Details...

7.6CVSS6AI score0.00434EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.12 views

PT-2026-25824

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and below Description SiYuan, a personal knowledge management system, contains a flaw in the handling of file uploads through the '/api/import/importSY' and '/api/import/importZipMd' API endpoints. These endpoints write...

9.1CVSS6.1AI score0.00434EPSS
Exploits1References9
OSV
OSV
added 2026/03/15 5:53 a.m.3 views

OESA-2026-1554 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ excepti...

7.5CVSS5.6AI score0.00602EPSS
Exploits3References4
Vulnrichment
Vulnrichment
added 2026/03/07 4:8 p.m.3 views

CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.6AI score0.00602EPSS
Exploits1References3
Rows per page
Query Builder