PT-2026-50532

Name of the Vulnerable Software and Affected Versions Punto Switcher affected versions not specified Description An unquoted-path flaw allows the execution of attacker-placed code at the user's privilege level. This issue occurs during a call made by a signed Windows binary at launch, enabling...

CVE-2026-45564

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions////save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.systemf"dos2unix -q cfg". configver is not run...

CVE-2026-42535

CVE-2026-42535 affects Apache httpd’s mod_dav_fs in versions 2.4.67 and earlier. A path handling issue lets a WebDAV content author directly manipulate trusted DAV property databases, with the practical impact described as potential child process crashes. The recommended remediation is upgrading ...

CVE-2026-10211

A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py. This manipulation causes incorrect authorization. It is possible to initiate the attack remotely. The exploit has been publicly...

PT-2026-46308

This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user without membership in the target project to bypass OPA authorization checks on write paths PUT /api/projects/id, DELETE /api/projects and modify or delete any project along with all its...

CVE-2026-1784

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration...

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

EUVD-2026-30559

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

HWPX MCP Server 路径遍历漏洞

HWPX MCP Server is an enhanced version of the HWPX document editing MCP server by Kim dayoun individual developer. A path traversal vulnerability exists in HWPX MCP Server version 0.2.0, which stems from an improper operation of the savedocument/exporttotext/exporttohtml functions of the...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in google.golang.org/grpc-v1.62.0

Summary IBM Watson Discovery Cartridge affected by vulnerability in google.golang.org/grpc-v1.62.0 Vulnerability Details CVEID:CVE-2026-33186 DESCRIPTION: gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

EUVD-2026-25150

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In...

i-PRO IP Setting Software 代码问题漏洞

i-PRO IP Setting Software is a management tool developed by the Japanese company i-PRO, designed for discovering devices and configuring network parameters in bulk. The i-PRO IP Setting Software has a code vulnerability related to the DLL search path. This vulnerability may lead to the insecure...

CVE-2026-4913

CVE-2026-4913 involves Ivanti N-ITSM prior to 2025.4, where an improper protection of an alternate path could let a remote authenticated attacker retain access even after their account is disabled. The CVSS 3.1 base metrics reflect a Network attack vector with low attack complexity and required p...

CVE-2026-40188

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

Exposure of Resource to Wrong Sphere

Overview apache-airflow-providers-keycloak is a Provider package apache-airflow-providers-keycloak for Apache Airflow Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere due to improper handling of the session token cookie path. An attacker can gain unauthoriz...

CVE-2026-25866

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

CVE-2026-25191

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...

CVE-2026-25191

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...