10 matches found

OSV
added 2026/05/04 6:30 p.m., 1 view

GHSA-8GGJ-J522-H5QF Apache Polaris has an Improper Input Validation Issue

Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...

CVSS 9.9, AI score 5.7, EPSS 0.00095
Exploits: 0, References: 6

Vulnrichment
added 2026/04/20 8:00 p.m., 1 view

CVE-2026-32604 Spinnaker vulnerable to RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions...

CVSS 9.9, AI score 6, EPSS 0.00093
Exploits: 0, References: 4

CVE
added 2026/04/20 8:00 p.m., 6 views

CVE-2026-32604

CVE-2026-32604 affects Spinnaker before the patched releases 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2. The vulnerability arises in clouddriver components when handling gitrepo artifacts, allowing a bad actor to execute arbitrary commands on the pod (RCE) by exploiting improper input handling on...

CVSS 9.9, AI score 6, EPSS 0.00093
Exploits: 0, References: 5, Affected Software: 1

CVE
added 2026/03/06 8:39 p.m., 4 views

CVE-2026-29791

CVE-2026-29791 affects Agentgateway, an open source data plane for agentic AI connectivity. Before version 0.12.0, MCP tools/call requests converted to OpenAPI requests did not sanitize input path, query, and header values, enabling parameter injection. The issue is patched in version 0.12.0. Imp...

CVSS 6.5, AI score 5.7, EPSS 0.00087
Exploits: 0, References: 1, Affected Software: 1

Ubuntu
added 2026/01/29 8:33 a.m., 3 views

USN-7984-1: Pagure vulnerabilities

Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibly use this issue to cause Pagure to expose files outside the intended repository boundaries. CVE-2024-4981 Thomas Chauchefoin discovered that Pagure did not properly...

CVSS 9.8, AI score 5.5, EPSS 0.01959
Exploits: 2

NVD
added 2025/11/25 7:15 p.m., 2 views

CVE-2025-34350

UnForm Server versions 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. The Doc Flow module uses the 'arc' handler to retrieve and render pages or resources specified by the user-supplied 'pp' parameter, but it does so...

CVSS 8.7, EPSS 0.00392
Exploits: 0, References: 2

CNVD
added 2025/11/10 12:00 a.m., 1 view

Advantech DeviceOn/iEdge Cross-Site Scripting Vulnerability

Advantech DeviceOn/iEdge is a remote management and operation and maintenance platform for edge devices from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech DeviceOn/iEdge, which stems from insufficient sanitization of dashboard labels or path inputs, and can be...

CVSS 6.4, AI score 5.8, EPSS 0.00041
Exploits: 0, References: 1

Veracode
added 2023/01/26 3:55 p.m., 12 views

Privilege Escalation

github.com/nektos/act is vulnerable to Privilege Escalation. The vulnerability exists in multiple functions of server.go because the path inputs are not sanitized which allows an attacker to download and overwrite arbitrary files on the host...

CVSS 8.8, AI score 8.4, EPSS 0.01488
Exploits: 1, References: 7, Affected Software: 1

NVD
added 2023/01/20 10:15 p.m., 10 views

CVE-2023-22726

act is a project which allows for local running of github actions. The artifact server that stores artifacts from Github Action runs does not sanitize path inputs. This allows an attacker to download and overwrite arbitrary files on the host from a Github Action. This issue may lead to privilege...

CVSS 8.8, AI score 8, EPSS 0.01488
Exploits: 1, References: 7

Ubuntu
added 2022/02/11 2:43 p.m., 114 views

USN-5283-1: Tar for Node.js vulnerability

It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a directory traversal attack...

CVSS 8.2, AI score 7.2, EPSS 0.00122
Exploits: 0