SUSE-SU-2026:21413-1 Security update for sed

This update for sed fixes the following issue: - CVE-2026-5958: TOCTOU race allows write of user-controlled content to unintended files and can lead to arbitrary file overwrite bsc1262144...

SUSE-SU-2026:21448-1 Security update for sed

This update for sed fixes the following issue: - CVE-2026-5958: TOCTOU race allows write of user-controlled content to unintended files and can lead to arbitrary file overwrite bsc1262144...

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

PT-2026-35552

OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archives containing symlinks to escape the sandbox and overwrite files on the remote host...

CVE-2018-25263

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...

CVE-2018-25263

Faleemi Desktop Software 1.8.2 contains a local buffer overflow in the Device alias field of the Managing Log interface that allows an attacker with local access to trigger a structured exception handler (SEH) overwrite and execute arbitrary code (PoC shows calculator). The vulnerability is trigg...

CVE-2026-41433

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

CVE-2026-41433

OpenTelemetry eBPF Instrumentation (OpenTelemetry OBI) has a local impact flaw in the Java agent injection path for versions 0.4.0–0.7.x (before 0.8.0). A compromised Java workload can cause arbitrary host file overwrites when Java injection is enabled and OBI runs with elevated privileges. The r...

CVE-2026-41433 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

EUVD-2026-25620

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

CVE-2026-41433 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

CVE-2026-41326

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

EUVD-2026-25592

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

CVE-2026-33662 OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode()

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

CVE-2026-31616 usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fphonet: fix skb frags overflow in pnrxcomplete A broken/bored/mean USB host can overflow the skbsharedinfo-frags array on a Linux gadget exposing a Phonet function by sending an unbounded sequence of full-page OUT...

CLSA-2026-1777040413 dmidecode: Fix of CVE-2023-30630

CVE-2023-30630: do not let --dump-bin overwrite an existing file...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the --persist-lint-results process. An attacker can overwrite arbitrary JSON files on the filesystem by supplying a crafted APK with manipulated .PKGINFO fields containing path traversal sequences. This is only...

EUVD-2026-25380

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

CVE-2026-33318

CVE-2026-33318 affects Actual, a local-first personal finance tool. Prior to version 26.4.0, any authenticated session could escalate to ADMIN on OpenID-migrated servers due to a three‑part chain: 1) missing authorization on POST /account/change-password allows overwriting the password hash; 2) a...

PT-2026-35062

Name of the Vulnerable Software and Affected Versions Kata Containers versions 3.4.0 through 3.28.0 Description An oversight in the CopyFile policy and potentially the CopyFile handler allows untrusted hosts to write to arbitrary locations within the guest workload image. This flaw can be exploit...