Lucene search
K

7766 matches found

OSV
OSV
added 2026/06/18 1:56 p.m.4 views

GHSA-VXGJ-XG5C-P4H7 praisonaiagents: SSRF guard validates literal IPs only and never resolves DNS

praisonaiagents: SSRF guard validates literal IPs only and never resolves DNS Researcher: Kai Aizen — SnailSploit @SnailSploit, Adversarial & Offensive Security Research Target: https://github.com/MervinPraison/PraisonAI Weakness: CWE-918 Server-Side Request Forgery SSRF. --- Summary The SSRF gua...

8.5CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 1:48 p.m.20 views

CVE-2026-12039 Docker Sandboxes network egress allowlist bypass via unfiltered DNS resolution

Docker Sandboxes sbx enforces an HTTP/S-only egress allowlist but does not apply it to DNS resolution: the per-network embedded DNS server forwards any queried name to the host resolver whenever the network is internet-connected, without consulting the policy. A workload inside a sandbox, which t...

5.7CVSS0.00103EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 9:47 a.m.5 views

BIT-DOTNET-2026-45491 .NET Tampering Vulnerability

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

6.2CVSS5.2AI score0.00388EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 9:47 a.m.6 views

BIT-DOTNET-SDK-2026-45491 .NET Tampering Vulnerability

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

6.2CVSS5.2AI score0.00388EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 6:43 p.m.20 views

CVE-2026-10696

CVE-2026-10696 affects Devolutions UniGetUI 2026.2.0 and earlier. The root cause is an incorrectly resolved name/reference in the pinget backend, which can allow a WinGet community catalog contributor to cause an installed application to be correlated to an unrelated, attacker-controlled catalog ...

7.5CVSS5.5AI score0.00268EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/17 6:43 p.m.10 views

EUVD-2026-37781

Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet community catalog contributor to cause an installed application to be correlated to an unrelated, attacker-controlled catalog package and to execute an...

7.5CVSS5.4AI score0.00268EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.10 views

netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

10CVSS5.2AI score0.00224EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.13 views

PT-2026-50524

Name of the Vulnerable Software and Affected Versions Devolutions UniGetUI versions prior to 2026.2.1 Description The pinget backend contains an issue where names or references are incorrectly resolved. This allows a WinGet community catalog contributor to correlate an installed application with ...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 7:11 p.m.4 views

GHSA-968W-XFQW-VP9Q Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions

Summary When Deno was run in BYONM mode nodeModulesDir: "manual", the module resolver did not validate that a package's resolved entrypoint stayed within its nodemodules// directory. A malicious package.json whose main field contained .. segments was able to resolve to an arbitrary path on disk,...

5.5CVSS5.9AI score0.00135EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/16 7:4 p.m.27 views

Deno: WebSocket API sandbox bypass via missing post-DNS check

Summary When a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a...

5.2CVSS5.4AI score0.00101EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 7:2 p.m.8 views

Deno: `fetch()` API sandbox bypass via missing DNS resolution check

Summary When fetch was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a denied IP,...

5.2CVSS5.4AI score0.00101EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/16 7:2 p.m.4 views

GHSA-CPGJ-F7G3-2PP2 Deno: `fetch()` API sandbox bypass via missing DNS resolution check

Summary When fetch was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a denied IP,...

5.2CVSS5.5AI score0.00101EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 3:3 p.m.28 views

LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders

Summary Several LangChain components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include: a file-search agent middleware that validates a starting directory but not the search pattern or t...

5.5CVSS5.4AI score0.00157EPSS
Exploits0References4Affected Software2
Snyk
Snyk
added 2026/06/16 3:3 p.m.13 views

Symlink Attack

Overview langchain-anthropic is an Integration package connecting Claude Anthropic APIs and LangChain Affected versions of this package are vulnerable to Symlink Attack via the file-search middleware and loaders that resolve filesystem paths and search patterns without confining the resolved path...

6.9CVSS5.9AI score0.00157EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 2:33 p.m.9 views

EUVD-2026-35675

Microsoft Security Advisory CVE-2026-45491 – .NET Tampering Vulnerability...

6.2CVSS5.1AI score0.00388EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.20 views

PT-2026-49775

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.2 Description An environment variable injection exists where the STATE DIRECTORY variable in a workspace .env file can influence bundled runtime dependency roots. This allows attackers to manipulate STATE...

7.1CVSS5.6AI score0.00124EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50153

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description When the fetch function is called, the runtime validates the destination hostname against --deny-net rules but fails to re-verify the IP addresses that the hostname resolves to. This allows an...

5.2CVSS5.9AI score0.00101EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36785

A Server-Side Request Forgery SSRF in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...

5.2AI score0.00287EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 5:35 p.m.43 views

Nodemailer jsonTransport bypasses disableFileAccess and disableUrlAccess during message normalization

Summary Nodemailer's disableFileAccess and disableUrlAccess options are intended to prevent message content and attachments from reading local files or fetching URLs. The normal MIME streaming path enforces those options in MimeNode.getStream. However, jsonTransport serializes messages by calling...

5.5AI score
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/15 5:30 p.m.10 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion during the JSON conversion. An attacker can exhaust the call stack and cause the application to crash by supplying crafted protobuf binary data containing deeply nested Any values that are expanded during...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References2
Rows per page
Query Builder