6 matches found
CVE-2026-24053
Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...
CVE-2025-64402 Apache OpenOffice: Remote documents loaded without prompt via OLE objects
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...
EUVD-2025-24141
Malicious code in bioql PyPI...
CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...
PT-2025-32540 · Gimp · Gimp
Name of the Vulnerable Software and Affected Versions: GIMP versions prior to 3.1.4.2 Description: The MacOS version of GIMP includes a Python interpreter that inherits Transparency, Consent, and Control TCC permissions granted to the main application. An attacker with local access can use this...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Monterey prior to version 12.7.6, which stems from a shortcut that may be able to use sensitive data without prompting the user through certain actions...