Lucene search
K

33 matches found

CVE
CVE
added 3 days ago6 views

CVE-2026-59807

CVE-2026-59807 affects Composio SDK prior to 0.2.32-beta.283. A path validation bypass in readFileFromDisk (tool-file-uploads.ts) can enable an attacker to read and exfiltrate sensitive files by manipulating file_uploadable parameters via prompt injection, referencing sensitive paths such as SSH ...

8.9CVSS6AI score0.00289EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-59807 Composio SDK < 0.2.32-beta.283 - Sensitive File Upload via tool-file-uploads.ts

Composio SDK before 0.2.32-beta.283 contains a path validation bypass vulnerability that allows attackers to read and exfiltrate sensitive files by exploiting a missing assertSafeFileUploadPath check in the readFileFromDisk function within tool-file-uploads.ts. Attackers can exploit prompt...

8.9CVSS0.00289EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/20 2:29 a.m.14 views

SUSE CVE-2026-48617

A flaw in Node.js Permission Model enforcement allows Bypass via process.report.writeReport Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: Node.js 22,...

2.9CVSS5.9AI score0.00208EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/02 10:52 p.m.14 views

CVE-2026-2614

A flaw was found in mlflow. An unauthenticated remote attacker can exploit a vulnerability in the createmodelversion handler by including a specific tag, mlflow.prompt.isprompt, in a CreateModelVersion request. This bypasses source path validation, allowing the attacker to specify an arbitrary...

7.5CVSS7.1AI score0.00696EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/29 10:31 p.m.26 views

PraisonAI has an Arbitrary File Write in Python API

Bug Report: Arbitrary File Write in Python API Summary Hidden metadata in a webpage causes PraisonAI agents to write attacker-controlled content to arbitrary paths. writefile skips path validation when workspace=None always None in production. Affected PraisonAI outputfile: /tmp/flag.txt...

6AI score0.00051EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/11 9:31 p.m.9 views

GHSA-42H5-H8QH-VV9V MLflow allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

7.5CVSS7.3AI score0.00696EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/22 8:51 p.m.6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the serveExport process. An attacker can access and exfiltrate sensitive files, including databases and logs, by sending specially crafted requests with double URL encoding to bypass path validation. Details A...

7.1CVSS6.3AI score0.00313EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 6:31 p.m.28 views

GHSA-4WRP-79M8-9M9P uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently...

6.3CVSS5.8AI score0.00074EPSS
Exploits0References3
CVE
CVE
added 2026/04/21 8:57 p.m.23 views

CVE-2026-40931

CVE-2026-40931 affects the node module compressing up to versions 2.1.0 and 1.10.4/2.0.1 patching CVE-2026-24884. The root cause is a string-based path check in isPathWithinParent that validates resolved paths without accounting for filesystem state, enabling a Directory Poisoning bypass via pre-...

8.4CVSS5.7AI score0.00334EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2026/04/16 5:56 p.m.5 views

USN-8181-1 libowasp-esapi-java vulnerabilities

Jaroslav Lobačevski discovered that ESAPI incorrectly validated directory paths during path verification. An attacker could possibly use this issue to bypass directory validation checks, leading to control-flow bypass. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,...

9.8CVSS5.8AI score0.02674EPSS
Exploits4References4
Snyk
Snyk
added 2026/04/01 11:40 p.m.4 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview onnx is an Open Neural Network Exchange Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the saveexternaldata function. An attacker can overwrite arbitrary files or inject data into sensitive locations by exploiting a race...

7.1CVSS6.1AI score
Exploits0References4
OSV
OSV
added 2026/03/30 4:33 p.m.6 views

GHSA-M8P8-53VF-8357 Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation

Summary The nginx-ui configuration improperly handles URL-encoded traversal sequences. When specially crafted paths are supplied, the backend resolves them to the base Nginx configuration directory and executes the operation on the base directory /etc/nginx. In particular, this allows an...

6.9CVSS5.8AI score0.00397EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/26 6:35 p.m.3 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via incomplete validation in the isLikelyLocalPath and isValidMedia functions. An attacker can access sensitive files outside the intended application sandbox by...

8.7CVSS6.5AI score0.00688EPSS
Exploits1References2
OSV
OSV
added 2026/03/26 6:31 p.m.4 views

GHSA-HGGM-X7R9-MM7V OpenClaw is vulnerable to Path Traversal through path validation bypass

OpenClaw through 2026.3.23 fixed in commit 4797bbc contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath and isValidMedia functions. Attackers can exploit incomplete validation and the...

8.7CVSS6AI score0.00688EPSS
Exploits1References6
Veracode
Veracode
added 2026/03/23 8:54 a.m.13 views

Directory Traversal

Keras is vulnerable to Directory Traversal. The vulnerability is due to unsafe extraction of tar archives in keras.utils.getfile without proper filtering during extraction, which allows an attacker to bypass path validation and write files outside the intended directory...

8CVSS7.3AI score0.00592EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/19 10:6 p.m.8 views

EUVD-2026-13281

OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo withou...

7.3CVSS5.9AI score0.00122EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

OpenClaw 代码问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability caused by a path validation bypass flaw in the exec approval distribution list pattern on macOS. An attacker can exploit the vulnerability to execute arbitrary commands on th...

7.8CVSS6.2AI score0.00122EPSS
Exploits0References3
NVD
NVD
added 2026/03/02 5:16 p.m.8 views

CVE-2026-28286

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. However, when interacting directly with the API, th...

9.9CVSS0.0041EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/03/02 4:28 p.m.3 views

CVE-2026-28286 ZimaOS: Unauthorized Creation of Files/Folders in Restricted System Directories via API

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. However, when interacting directly with the API, th...

8.5CVSS6AI score0.0041EPSS
Exploits2References1
CVE
CVE
added 2026/03/02 4:28 p.m.19 views

CVE-2026-28286

ZimaOS 1.5.2-beta3 is affected: the UI blocks file/folder creation in internal paths, but the API bypasses this validation, allowing arbitrary file/directory creation in sensitive dirs (e.g., /etc, /usr) via crafted requests. Root cause is improper API path validation, enabling path traversal-lik...

9.9CVSS6AI score0.0041EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder