Lucene search
K

153 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-40009

CVE-2026-40009 describes an Authenticated user privilege escalation issue in Apache IoTDB (versions 2.0.8–before 2.0.10). The vulnerability arises from improper privilege management and access control, allowing an authenticated user to escalate to full tree-path access by renaming themselves to _...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago8 views

CVE-2026-40009

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-40009 Apache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

0.00209EPSS
Exploits0References1
CVE
CVE
added 5 days ago12 views

CVE-2026-39246

The connected documents confirm a concrete vulnerability in the decompression tool: before v4.2.2, symlink entries (type === 'symlink') pass the archive’s x.linkname directly to fs.symlink() without validation. The existing preventWritingThroughSymlink check only applies to file entries, not syml...

7.5CVSS6.1AI score0.00485EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/06/30 11:16 a.m.8 views

CVE-2026-49877

Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/ paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from...

8.1CVSS0.0051EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 1:3 p.m.16 views

EUVD-2026-33305

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

6.9CVSS6AI score0.00455EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/28 4:41 p.m.36 views

CVE-2026-44543 Local Path Provisioner: HelperPod Template Injection

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7CVSS0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 2:12 a.m.15 views

CVE-2026-41937

Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows superadmin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header and a...

8.6CVSS6.2AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 12:48 p.m.51 views

CVE-2026-29518 Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...

7.3CVSS0.00152EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: Added the handle of the event to the path. The handle is essential for retrieving the AUXEVENT of each CPU and is required in perf mode. It has been added to the coresightpath so that dependent devices can access ...

5.7AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.11 views

PT-2026-42153

Name of the Vulnerable Software and Affected Versions rsync versions prior to 3.4.3 Description A time-of-check to time-of-use TOCTOU race condition exists in the daemon file handling. This occurs when an rsync daemon is configured with the chroot setting set to false. A local attacker with write...

7.8CVSS5.9AI score0.00152EPSS
Exploits0References71
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.13 views

CVE-2026-42213

SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, the inc "filename" directive in GPPL postprocessor files is resolved by GpplDocumentLinkHandler into a clickable link VS Code textDocument/documentLin...

5.1CVSS5.9AI score0.00454EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/21 2:32 p.m.11 views

OpenMage LTS: Phar Deserialization leads to Remote Code Execution

PHP functions such as getimagesize, fileexists, and isreadable can trigger deserialization when processing phar:// stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and media handling. An attacker who can upload a malicious ph...

8.1CVSS6.4AI score0.00539EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/20 6:16 p.m.12 views

CVE-2026-41389

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS0.00264EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/20 5:48 p.m.4 views

CVE-2026-41389 OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.4 views

CVE-2026-32008

OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...

7.1CVSS5.8AI score0.00403EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.8 views

Astro 输入验证错误漏洞

Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro from 2.10.10 to 5.18.1 had a vulnerability related to input validation errors. This vulnerability stemmed from defects in the path matching logic of remotePatterns, which could allow access to paths that...

6.3CVSS5.8AI score0.00325EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/19 12:44 p.m.9 views

Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Details A Path Traversal and Access Control Bypass vulnerability was discovered in the salvo-proxy component of the Salvo Rust framework v0.89.2. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g., protected...

7.5CVSS5.8AI score0.00565EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/03/16 6:47 p.m.5 views

Files or Directories Accessible to External Parties

Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties through the importStdMd import process in kernel/api/import.go. An attacker can import data from sensitive or unintended local paths and potentially access or expose local files by...

8.2CVSS5.8AI score0.00431EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/10 9:2 p.m.8 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.2CVSS5.8AI score0.00108EPSS
Exploits0References3
Rows per page
Query Builder