Vulnrichment, added 6 days ago

CVE-2026-54097 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, a low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link...

CVSS 7.2 | AI score 5.8 | EPSS 0.00411
Exploits 0 | References 3
OSV, added 2026/06/11 5:10 p.m.

GHSA-RCVQ-M9J9-6F4G @hapi/inert has a static-file confinement bypass via sibling-prefix path

Impact @hapi/inert serves static files from a directory configured with path in the directory / file handlers or relativeTo for h.file, with confinement enforced by the confine option default true. Before the patch, the confinement check compared the resolved absolute path against the confine...

CVSS 5.3 | AI score 5.6 | EPSS 0.00062
Exploits 0 | References 4
RedhatCVE, added 2026/06/10 3:00 p.m.

CVE-2026-49738

The path allowance check in GeneralUtility::isAllowedAbsPath performed a plain string prefix comparison without requiring a directory separator boundary, causing a path like /var/www/html-other/secret.yaml to be incorrectly accepted as valid when the project root was /var/www/html. Administrator...

CVSS 2.1 | AI score 5.4 | EPSS 0.00356
Exploits 0 | References 1
Github Security Blog, added 2026/05/19 7:36 p.m.

Caddy: Remote Admin Authorization Bypass on PKI Endpoints via Prefix-Based Path Matching

AI Disclosure: I used an LLM to help review the source code, reason about attack surface, and help draft and refine this report. I manually validated the finding by reproducing it locally, confirming the vulnerable code path, and verifying the HTTP behavior with curl -v. Summary: Caddy's remote adm...

AI score 5.8
Exploits 0 | References 2 | Affected Software 1
CVE, added 2026/04/21 7:34 p.m.

CVE-2026-40876

CVE-2026-40876 (goshs) describes an SFTP jail-escape due to a prefix-based path validation bug in the sftpserver.helper.go sanitizePath implementation. The code uses a raw string-prefix check to validate the target path against the configured root, which allows a sibling path (e.g., /tmp/goshsroo...

CVSS 8.8 | AI score 5.8 | EPSS 0.00439
Exploits 1 | References 1 | Affected Software 1
SUSE CVE, added 2026/03/31 11:27 p.m.

SUSE CVE-2026-32716

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match (startswith). This allows a token with access to a specific path (e.g., /john) to also access sibling paths that start with the sa...

CVSS 6.5 | AI score 5.8 | EPSS 0.00389
Exploits 1 | References 3
Positive Technologies, added 2026/03/31 12:00 a.m.

PT-2026-29184

Name of the Vulnerable Software and Affected Versions: SciTokens versions prior to 1.9.6. Description: SciTokens is a library for generating and using SciTokens. The Enforcer component incorrectly validates scope paths using a simple prefix match, allowing a token with access to a specific path to...

CVSS 9.8 | AI score 5.9 | EPSS 0.00516
Exploits 3 | References 15
RedhatCVE, added 2026/03/26 3:11 p.m.

CVE-2026-23942

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program file lib/ssh/src/sshsftpd.erl and program routine sshsftpd:iswithinroot/2. The SFTP server uses string...

CVSS 5.3 | AI score 5.8 | EPSS 0.00363
Exploits 0 | References 1
RedHat Linux, added 2021/03/03 12:28 p.m.

jenkins: Missing permission check for paths with specific prefix

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission...

CVSS 5.3 | AI score 5.8 | EPSS 0.01307
Exploits 0 | References 4