PT-2026-5027

Name of the Vulnerable Software and Affected Versions RAGFlow versions prior to 0.23.1 Description RAGFlow, an open-source RAG Retrieval-Augmented Generation engine, contains a “Zip Slip” issue in the MinerU parser. This allows an attacker to overwrite arbitrary files on the server, potentially...

PT-2026-5035

Name of the Vulnerable Software and Affected Versions Meshtastic versions prior to 2.7.6.834c3c5 Description Meshtastic is a mesh networking solution where nodes are identified by their NodeID, derived from the MAC address, rather than their public key. This design flaw allows an attacker to forg...

Linux Distros Unpatched Vulnerability : CVE-2026-24137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client pkg/tuf/client.go...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005109 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually...

RAGFlow path traversal vulnerability

RAGFlow is an open-source RAG engine based on deep document understanding, developed by InfiniFlow. Versions of RAGFlow prior to 0.23.1 contained a path traversal vulnerability. This vulnerability stemmed from an arbitrary file overwrite vulnerability in the MinerU parser, which could lead to...

A malicious rsh server can overwrite arbitrary files in a directory on the rcp client machine

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

CVE-2026-23890

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of nodemodules/.bin. Bin names starting with @ bypass validation, and after scope normalization, path traversal...

EUVD-2026-4656

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of nodemodules/.bin. Bin names starting with @ bypass validation, and after scope normalization, path traversal...

EUVD-2026-4657

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's tarball extraction allows malicious packages to write files outside the package directory on Windows. The path normalization only checks for ./ but not .. On Windows, backslashes are directory separators...

Untrusted Search Path

Overview @pnpm/fetching.binary-fetcher is a fetcher for binary archives Affected versions of this package are vulnerable to Untrusted Search Path via the extractZipToTarget function and the use of unvalidated prefix values. An attacker can overwrite arbitrary files on the file system by supplying...

Directory Traversal

Overview @pnpm/store.cafs is a content-addressable filesystem for the packages storage Affected versions of this package are vulnerable to Directory Traversal via improper path normalization during tarball extraction on Windows. An attacker can overwrite files outside the intended directory by...

PT-2026-4824

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.28.1 Description A path traversal flaw exists in pnpm's tarball extraction process on Windows systems. The vulnerability stems from incomplete path normalization, specifically failing to account for . in addition to ....

PT-2026-4825

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.28.1 Description pnpm is susceptible to a path traversal issue in its bin linking mechanism. Malicious npm packages can exploit this to create executable shims or symlinks outside of the node modules/.bin directory. T...

openSUSE 16 Security Update : podman (openSUSE-SU-2026:20072-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20072-1 advisory. - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files...

SUSE CVE-2025-71161

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...

Security update for podman (important)

openSUSE security update: security update for podman ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20072-1 Rating: important References: bsc1249154 bsc1252376 Cross-References: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 CVE-2025-9566 CVSS scores...

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

CVE-2026-1386

The CVE-2026-1386 issue affects Firecracker’s jailer component. A local user who has write access to pre-created jailer directories could abuse a UNIX symlink vulnerability during jailer startup to overwrite arbitrary host files when the jailer runs with root privileges. Affected versions include...

CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...