226 matches found
CVE-2026-58252
creationtimestamp| type| source ---|---|--- 2026-07-11 10:25:12+00:00| seen| https://bsky.app/profile/potato.software/post/3mqeh4vd2652t 2026-07-11 10:25:12+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqeh4uf44y27 2026-07-11 10:25:13+00:00| seen|...
CVE-2026-56044
creationtimestamp| type| source ---|---|--- 2026-07-07 07:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mq22p3vtqu2n 2026-07-07 07:25:29+00:00| seen| https://bsky.app/profile/potato.software/post/3mq237t753r2y...
CVE-2026-11405
creationtimestamp| type| source ---|---|--- 2026-07-07 04:31:58+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mpzrjkh5ga2f 2026-07-07 04:31:59+00:00| seen| https://bsky.app/profile/potato.software/post/3mpzrjlnff724 2026-07-07 08:15:44+00:00| seen|...
CVE-2026-13015
creationtimestamp| type| source ---|---|--- 2026-07-04 09:15:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpspx567d22e 2026-07-04 09:15:08+00:00| seen| https://bsky.app/profile/potato.software/post/3mpspx5mi4n2r...
CVE-2026-58523
creationtimestamp| type| source ---|---|--- 2026-07-03 21:49:12+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mprjmlunko2x 2026-07-03 21:49:13+00:00| seen| https://bsky.app/profile/potato.software/post/3mprjmmwam72h 2026-07-03 21:49:17+00:00| seen|...
CVE-2011-3417
creationtimestamp| type| source ---|---|--- 2026-06-28 13:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpe24giui52l 2026-06-28 13:07:07+00:00| seen| https://bsky.app/profile/potato.software/post/3mpe24hdv4e2t...
CVE-2024-48509
creationtimestamp| type| source ---|---|--- 2026-06-22 09:07:07+00:00| seen| https://bsky.app/profile/potato.software/post/3moujvrjoc22f 2026-06-22 09:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3moujvqbawm2i...
CVE-2026-24187
creationtimestamp| type| source ---|---|--- 2026-06-11 04:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mnydz7e3co2o 2026-06-11 04:07:09+00:00| seen| https://bsky.app/profile/potato.software/post/3mnydzaulpn2f...
CVE-2026-11306
creationtimestamp| type| source ---|---|--- 2026-06-05 03:01:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnj5jnm4ks2s 2026-06-05 03:01:09+00:00| seen| https://bsky.app/profile/potato.software/post/3mnj5jpel2f2s 2026-06-05 13:24:44+00:00| seen|...
CVE-2026-40290
creationtimestamp| type| source ---|---|--- 2026-06-03 19:25:43+00:00| seen| https://bsky.app/profile/potato.software/post/3mnftjm7jzc2i 2026-06-04 02:00:35+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mngjoiq3fh25...
CVE-2026-4081
creationtimestamp| type| source ---|---|--- 2026-06-03 10:18:04+00:00| seen| https://bsky.app/profile/potato.software/post/3mneuvbjsee2f...
CVE-2026-9642
creationtimestamp| type| source ---|---|--- 2026-05-26 22:00:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmryk2eogi2k 2026-05-26 22:15:19+00:00| seen| https://bsky.app/profile/potato.software/post/3mmrzeclokg26 2026-05-29 22:07:08+00:00| seen|...
CVE-2026-6690
creationtimestamp| type| source ---|---|--- 2026-05-16 06:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlx7yjc64q2l 2026-05-16 06:32:07+00:00| seen| https://bsky.app/profile/potato.software/post/3mlx7yjq5xq27...
GHSA-Q9M2-FHV9-3JCF `potato-annotation` has a Project-Boundary Bypass
Summary validatepathsecurity uses string-prefix containment startswith for boundary checks. This allows paths that are outside the intended project directory but share its prefix string e.g., /tmp/potatoprojdemoevil/... vs /tmp/potatoprojdemo to be accepted. Details Affected source location root...
Directory Traversal
Overview potato-annotation is an A flexible, stand-alone, web-based platform for text annotation tasks Affected versions of this package are vulnerable to Directory Traversal via the validatepathsecurity function. An attacker can gain unauthorized access to files outside the intended project...
`potato-annotation` has a Project-Boundary Bypass
Summary validatepathsecurity uses string-prefix containment startswith for boundary checks. This allows paths that are outside the intended project directory but share its prefix string e.g., /tmp/potatoprojdemoevil/... vs /tmp/potatoprojdemo to be accepted. Details Affected source location root...
CVE-2026-6229
creationtimestamp| type| source ---|---|--- 2026-05-06 02:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3ml5nxwigtp2q 2026-05-06 02:33:09+00:00| seen| https://bsky.app/profile/potato.software/post/3ml5nxwwnu32t...
CVE-2026-27960
creationtimestamp| type| source ---|---|--- 2026-05-05 19:19:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4vpud3o42r 2026-05-05 19:21:58+00:00| seen| https://bsky.app/profile/potato.software/post/3ml4vuza7cx2l 2026-05-05 21:58:42+00:00| seen|...
CVE-2026-33318
creationtimestamp| type| source ---|---|--- 2026-04-23 20:22:56+00:00| published-proof-of-concept| https://github.com/actualbudget/actual/security/advisories/GHSA-prp4-2f49-fcgp 2026-04-24 03:56:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk7n2kb7sz2z 2026-04-24...
CVE-2024-43028
creationtimestamp| type| source ---|---|--- 2026-04-07 09:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mivicunecn2a 2026-04-07 10:00:56+00:00| seen| https://bsky.app/profile/potato.software/post/3mivjhz5lhn2n...