35 matches found
CVE-2026-55433
Coder: Devcontainer recreate endpoint lacked ActionUpdate authorization, allowing read-only workspace roles to trigger destructive rebuilds. Affected versions prior to 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusted by the endpoint; fix adds ActionUpdate check before dialing the agent, mirroring the d...
CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...
CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...
GO-2026-5922 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder
Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder...
Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Summary The devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, performed no ActionUpdate check before triggering the destructive rebuild. Note: Exploitation requires an existing low-privilege role with...
GHSA-JQJ2-X4C5-JFXM Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Summary The devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, performed no ActionUpdate check before triggering the destructive rebuild. Note: Exploitation requires an existing low-privilege role with...
PT-2026-56077
Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.29.17 Coder versions prior to 2.32.7 Coder versions prior to 2.33.8 Coder versions prior to 2.34.2 Description An authorization bypass exists in the devcontainer recreate endpoint. The endpoint relied on route...
wetfish_pentest
sv Everything you need to build a Svelte project, powered by...
CVE-2026-3779
The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-32018
OpenClaw versions prior to 2026.2.19 contain a race condition vulnerability in concurrent updateRegistry and removeRegistryEntry operations for sandbox containers and browsers. Attackers can exploit unsynchronized read-modify-write operations without locking to cause registry updates to lose data...
CVE-2026-32018
OpenClaw vulnerability CVE-2026-32018 affects the openclaw npm package prior to 2026.2.19, caused by a race condition in concurrent updateRegistry and removeRegistryEntry writes for sandbox containers and browsers. The issue can lead to lost updates, resurrected removed entries, or corrupted sand...
CVE-2026-32018 OpenClaw < 2026.2.19 - Race Condition in Sandbox Registry Write Operations
OpenClaw versions prior to 2026.2.19 contain a race condition vulnerability in concurrent updateRegistry and removeRegistryEntry operations for sandbox containers and browsers. Attackers can exploit unsynchronized read-modify-write operations without locking to cause registry updates to lose data...
CVE-2026-31970
HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading function, bgzfindexloadhfile, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to stor...
CVE-2026-31970 HTSlib BGZF index file reader has a heap buffer overflow
HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading function, bgzfindexloadhfile, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to stor...
Linux Distros Unpatched Vulnerability : CVE-2026-31970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading...
OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption
Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...
PT-2026-26399
Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...
BIT-GRAFANA-2026-21725 Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name
A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...
EUVD-2026-8637
A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...