5686 matches found
CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
EUVD-2026-40352
Vibe-Trading before 0.1.10 constructs the swarm run directory by joining a caller-supplied run identifier onto the runs base directory without validation in rundir agent/src/swarm/store.py. A crafted run identifier supplied through the MCP swarm tools causes the application to read arbitrary...
CVE-2026-6556 @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins
@fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the path argument is a string. Non-string mount paths arrays of paths and regular expressions are left unprefixed inside prefixed plugin scopes, so middleware registered with those forms doe...
CVE-2026-6556
The CVE concerns @fastify/express 4.0.6 and earlier, where non-string mount paths (arrays/regex) are not prefixed inside prefixed plugin scopes. This causes middleware registered with those forms to not match the actual prefixed request path, potentially bypassing path-scoped security middleware ...
DEBIAN-CVE-2026-49877
Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/ paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from...
CVE-2026-49877
Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/ paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ: before 5.19.8, from...
CVE-2026-49877
CVE-2026-49877 documents an Improper Authorization vulnerability in Apache ActiveMQ. An authenticated, low-privilege Web Console user can access "/admin/*" paths because Jetty default settings fail to restrict those paths to admins. Affected versions are before 5.19.8 and before 6.2.7 (i.e., 6.0....
PT-2026-53878
Name of the Vulnerable Software and Affected Versions @fastify/express versions prior to 4.0.7 Description A middleware scoping flaw exists where plugin prefixes are not applied to middleware mount paths when the mount path is provided as an array or a regular expression. This occurs due to...
PT-2026-53840
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Description An improper authorization issue exists where an authenticated user with low privileges can access the /admin/ endpoints in the Web Console. This...
Bridging the Visibility Gap: A Unified Security Operating Model for Hybrid Cloud Teams
Move beyond chasing vulnerabilities to a unified hybrid risk strategy. The Sensor Workload Scanner is now GA and extends our risk prioritization engine to on-premise environments to identify the critical attack paths across your hybrid cloud...
CVE-2026-53632
A flaw was found in launch-editor. This component, used in Node.js to open files, can be tricked into accessing arbitrary paths, including Windows Universal Naming Convention UNC paths. When a malicious UNC path is opened, Windows automatically attempts NTLM authentication to a remote server...
Linux Distros Unpatched Vulnerability : CVE-2026-53156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlyi...
CVE-2026-12404
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...
SUSE CVE-2026-55092
Trivy is a security scanner. Prior to 0.71.1, when Trivy downloads an OCI artifact, it uses the org.opencontainers.image.title annotation from the artifact manifest as the destination filename without validation. An attacker who can make Trivy fetch an attacker-controlled artifact can supply a...
EUVD-2026-39923
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
EUVD-2026-38068
gonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the host...
CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
CVE-2026-48935
A flaw was found in Node.js. The Permission API allows a local user to modify file metadata on paths that have been explicitly set as read-only. This can lead to unauthorized changes in file properties, impacting the integrity of the file system. Mitigation Mitigation for this issue is either not...
CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
CVE-2026-28701 Daktronics Controller Firmware Path Traversal
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...