CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

EUVD-2026-33063

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

USN-8288-1 bubblewrap vulnerability

It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issue to bypass sandbox restrictions...

ALPINE-CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

CVE-2024-2007

A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to be approached locally. The exploit has been disclosed to t...

CLSA-2025-1761326171 Fix CVE(s): CVE-2019-18276

SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276...

EUVD-2021-25378

Malware in sbrugna...

EUVD-2016-2677

Malware in sbrugna...

EUVD-2023-25837

Malicious code in bioql PyPI...

EUVD-2023-38884

Malicious code in bioql PyPI...

EUVD-2024-47459

Malicious code in bioql PyPI...

EUVD-2024-26977

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2014-2886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GKSu 2.0.2, when sudo-mode is not enabled, uses double quote characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in...

CVE-2024-6347

Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima 2022 allows attackers to trigger denial-of-service DoS by unauthorized access to the ECU's programming session. No preconditions implemented for ECU management functionality...

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

PT-2024-37556 · Nissan · Nissan Altima

Name of the Vulnerable Software and Affected Versions: Nissan Altima 2022 Description: The issue concerns unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware, allowing attackers to trigger denial-of-service DoS by unauthorized access to the ECU's...

CVE-2024-2007

A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to be approached locally. The exploit has been disclosed to t...

CVE-2024-2007

A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to be approached locally. The exploit has been disclosed to t...

OpenBMB XAgent 安全漏洞

XAgent is an open source experimental Large Language Model LLM-driven autonomous agent from OpenBMB. A security vulnerability exists in OpenBMB XAgent version 1.0.0 that stems from the component Privileged Mode that causes sandboxing issues...