node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

A flaw was found in node-tar, a library for Node.js. This race condition vulnerability occurs due to incomplete handling of Unicode path collisions within the path-reservations system on case-insensitive filesystems, such as macOS APFS. A remote attacker can exploit this by providing a specially...

CVE-2026-45402

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, multiple endpoints accept a user-supplied fileid and attach the referenced file to a resource the caller controls folder knowledge, knowledge-base contents without verifying that the...

PT-2026-41960

Summary Alice runs zrok2 copy from a WebDAV or zrok drive controlled by Bob into a local filesystem target. Bob returns a DAV href such as /../outside.txt. The sync pipeline stores that path in the source inventory and passes it to FilesystemTarget.WriteStream, which joins it with the target root...

RHEL 9 : linux-sgx (RHSA-2026:18868)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18868 advisory. The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX...

RHEL 10 : podman (RHSA-2026:18289)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18289 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

ALSA-2026:18480 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

RHEL 9 : podman (RHSA-2026:18722)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18722 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

RHEL 10 : linux-sgx (RHSA-2026:18480)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18480 advisory. The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SG...

ALSA-2026:18868 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

Directory Traversal

Overview @joplin/onenote-converter is an Used to import a OneNote archive into Joplin Affected versions of this package are vulnerable to Directory Traversal via the OneNote importer. An attacker can overwrite arbitrary files on disk by supplying a crafted .one file containing specially crafted...

CVE-2026-22810

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows overwriting arbitrary files on disk. The OneNote converter does not sanitize the names of embedded...

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder. An attacker can cause a single-byte heap buffer overwrite by specifying certain options. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Advisory -...

CVE-2026-22810 Joplin: Path traversal in OneNote importer allows overwriting arbitrary files

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows overwriting arbitrary files on disk. The OneNote converter does not sanitize the names of embedded...

CVE-2026-22810

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows overwriting arbitrary files on disk. The OneNote converter does not sanitize the names of embedded...

OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

Summary OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log injection is enabled, a crafted multi-segment writev call can make OBI read and overwrite memory beyond the first segment. Details In...

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

Docker: Race condition in docker cp allows bind mount redirection to host path

Summary A race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. Details When copying files into a container, the daemon sets up a temporary filesystem vie...