Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to path-traversal in golang os module [CVE-2026-27139]

Summary IBM Watson Speech Services Cartridge is vulnerable to path-traversal in golang os module, due to ability of a FileInfo action to reference a file outside of the Root in which the File was opened. CVE-2026-27139. Golang os module is used in our speech utilities. This vulnerabilitiy has bee...

CVE-2026-45227

Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted...

PT-2026-40064

The superduper project thru v0.10.0 contains a critical remote code execution vulnerability in its query parsing component. The parse op part function in query.py uses the unsafe eval function to dynamically evaluate user-supplied query operands without proper sanitization or restriction. Althoug...

Wireshark MCP Server 命令注入漏洞

Wireshark MCP Server is a network packet capture and analysis tool developed by AG Personal Developers. Wireshark MCP Server has a command injection vulnerability, which stems from a issue with the quickcapture function in the pysharkmcp.py file. This vulnerability may lead to command injection v...

CVE-2022-38992

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-38996

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-38993

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-38988

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-38997

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2022-38979

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...

EUVD-2021-27213

Malware in sbrugna...

EUVD-2011-4155

Malware in sbrugna...

EUVD-2021-33445

Malicious code in bioql PyPI...

EUVD-2022-41525

Malicious code in bioql PyPI...

EUVD-2022-51194

Malicious code in bioql PyPI...

EUVD-2022-41535

Malicious code in bioql PyPI...

EUVD-2022-41538

Malicious code in bioql PyPI...

EUVD-2022-41540

Malicious code in bioql PyPI...

EUVD-2022-41536

Malicious code in bioql PyPI...

EUVD-2022-51188

Malicious code in bioql PyPI...