Lucene search
K

102 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/29 6:0 p.m.20 views

CVE-2026-7397

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function checksensitivepath of the file tools/filetools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for...

4.8CVSS4.8AI score0.00138EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/04/29 9:21 a.m.9 views

CLSA-2026-1777454474 plexus-utils: Fix of CVE-2025-67030

CVE-2025-67030: fix Zip Slip / directory traversal in Expand.extractFile canonical path check...

8.8CVSS5.8AI score0.00663EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 1:42 p.m.36 views

CLSA-2026-1777038119 plexus-utils: Fix of CVE-2025-67030

CVE-2025-67030 fix zip slip via canonical path check in Expand...

8.8CVSS5.8AI score0.00663EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 4:7 p.m.19 views

CVE-2026-35349

CVE-2026-35349 affects the rm utility in uutils coreutils . The root cause is a path-string check used to identify the root directory instead of comparing device/inode numbers, allowing a symbolic link that resolves to "/" (e.g., "/tmp/rootlink -> /") to bypass --preserve-root. This can lead t...

7.7CVSS5.8AI score0.00184EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34485

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the rm utility allows a bypass of the --preserve-root protection. The system uses a path-string check instead of comparing device and inode numbers to identify the root...

7.7CVSS6AI score0.00184EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2026/04/10 8:19 p.m.5 views

CVE-2026-40191 ClearanceKit has a policy bypass via dual-path Endpoint Security events checking only source path

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta-1f46165, ClearanceKit's Endpoint Security event handler only checked the source path of dual-path file operations against File Access Authorization FAA rules and App Jail...

6.8CVSS5.8AI score0.00115EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/07 12:24 p.m.5 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447...

8.8CVSS6.1AI score0.00401EPSS
Exploits0References60
Github Security Blog
Github Security Blog
added 2026/04/03 4:4 a.m.7 views

Signal K Server: Arbitrary Prototype Read via `from` Field Bypass

Summary The /signalk/v1/applicationData/... JSON-patch endpoint allows users to modify stored application data. To prevent Prototype Pollution, the developers implemented an isPrototypePollutionPath guard. However, this guard only checks the path property of incoming JSON-patch objects. It...

6.5CVSS6.5AI score0.00308EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/31 11:27 p.m.9 views

SUSE CVE-2026-32716

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the sa...

6.5CVSS5.8AI score0.00389EPSS
Exploits1References3
OSV
OSV
added 2026/03/31 10:51 p.m.3 views

GHSA-W8FP-G9RH-34JH SciTokens has an Authorization Bypass via Incorrect Scope Path Prefix Checking

Summary The Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the same prefix e.g., /johnathan, /johnny, which is an Authorization Bypass. Details File:...

8.1CVSS5.9AI score0.00389EPSS
Exploits1References5
NVD
NVD
added 2026/03/31 10:16 p.m.13 views

CVE-2026-34451

Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.81.0, the local filesystem memory tool in the Anthropic TypeScript SDK validated model-supplied paths using a string prefix check that did no...

6.3CVSS0.00292EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 5:19 p.m.3 views

CVE-2026-33490

H3 is a minimal HTTP framework. In versions 2.0.0-0 through 2.0.1-rc.16, the mount method in h3 uses a simple startsWith check to determine whether incoming requests fall under a mounted sub-application's path prefix. Because this check does not verify a path segment boundary i.e., that the next...

3.7CVSS5.9AI score0.00239EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.5 views

CVE-2026-23942

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.4 views

PT-2026-26177

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and below Description SiYuan, a personal knowledge management system, has an issue where the /api/lute/html2BlockDOM endpoint on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace...

9.9CVSS5.8AI score0.00414EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.11 views

PT-2026-26413

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.22 Description OpenClaw versions prior to 2026.2.22 contain an arbitrary shell execution issue in the shell environment fallback mechanism. This occurs because the software trusts the unvalidated SHELL path fr...

7.8CVSS6.3AI score0.00127EPSS
Exploits0References9
NVD
NVD
added 2026/02/19 7:22 p.m.5 views

CVE-2026-23621

GFI MailEssentials AI versions prior to 22.4 contain an arbitrary directory existence enumeration vulnerability in the ListServer.IsPathExist web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsPathExist. An authenticated user can supply an unrestricted filesystem path via...

5.3CVSS0.00244EPSS
Exploits0References2
OSV
OSV
added 2026/02/19 7:22 p.m.3 views

CVE-2026-23621

GFI MailEssentials AI versions prior to 22.4 contain an arbitrary directory existence enumeration vulnerability in the ListServer.IsPathExist web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsPathExist. An authenticated user can supply an unrestricted filesystem path via...

4.3CVSS5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/18 6:45 p.m.3 views

CVE-2026-22860 Rack has a Directory Traversal via Rack:Directory

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory’s path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory...

7.5CVSS5.5AI score0.00665EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/02/10 7:5 p.m.6 views

CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

5.9CVSS7AI score0.58204EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.8 views

RHEL 9 : kernel-rt (RHSA-2026:1443)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8CVSS7.4AI score0.00319EPSS
Exploits0References30
Rows per page
Query Builder