
17 matches found

OSV
added 2026/04/08 12:5 a.m. · 2 views

GHSA-67CG-CPJ7-QGC9 File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

Summary The resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other content-serving endpoints /api/raw, /api/preview, /api/subtitle correctly verify this permission before serving content. A user with download: fals...

CVSS 5.3 · AI score 5.9 · EPSS 0.00043
Exploits: 1 · References: 3
ATTACKERKB
added 2026/02/19 3:56 p.m. · 4 views

CVE-2026-26336

Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories like WEB-INF via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files...

CVSS 8.7 · AI score 5.9 · EPSS 0.0007
Exploits: 1 · References: 4 · Affected Software: 1
CVE
added 2026/02/19 3:56 p.m. · 9 views

CVE-2026-26336

CVE-2026-26336 affects Hyland Alfresco. Unauthenticated attackers can read arbitrary files from protected directories (e.g., WEB-INF) via the /share/page/resource/ endpoint, causing disclosure of sensitive configuration files. The issue stems from improper access control on the resource endpoint,...

CVSS 8.7 · AI score 5.7 · EPSS 0.0007
Exploits: 1 · References: 3 · Affected Software: 1
Vulnrichment
added 2026/02/19 3:56 p.m. · 5 views

CVE-2026-26336 Hyland Alfresco Improper Authorization Arbitrary File Read

Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories like WEB-INF via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files...

CVSS 8.7 · AI score 5.7 · EPSS 0.0007
Exploits: 1 · References: 3
Positive Technologies
added 2026/02/19 12:0 a.m. · 4 views

PT-2026-20869

Name of the Vulnerable Software and Affected Versions: Hyland Alfresco (affected versions not specified). Description: An unauthenticated attacker can read arbitrary files from protected directories, such as WEB-INF, by accessing the /share/page/resource/ API endpoint. This can lead to the disclosure ...

CVSS 8.7 · AI score 5.6 · EPSS 0.0007
Exploits: 1 · References: 8
CNNVD
added 2026/02/05 12:0 a.m. · 3 views

WeKan access control error vulnerability

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a security vulnerability related to access control. This vulnerability stemmed from an unknown function in the models/boards.js file within the component’s REST endpoint, which had improper...

CVSS 5.3 · AI score 5.8 · EPSS 0.00064
Exploits: 0 · References: 6
RedhatCVE
added 2026/01/29 3:26 a.m. · 2 views

CVE-2026-24748

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...

CVSS 7.2 · AI score 5.8 · EPSS 0.0012
Exploits: 0 · References: 1
Cvelist
added 2026/01/27 9:23 p.m. · 19 views

CVE-2026-24748 Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...

CVSS 6.9 · EPSS 0.0012
Exploits: 0 · References: 4
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-31401

Malicious code in bioql PyPI...

CVSS 8.6 · AI score 6.6 · EPSS 0.00067
Exploits: 0 · References: 1
Positive Technologies
added 2025/09/08 12:0 a.m. · 1 view

PT-2025-36654

Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos...

CVSS 4.3 · AI score 6.8 · EPSS 0.00178
Exploits: 1 · References: 5
RedhatCVE
added 2025/09/05 12:35 a.m. · 5 views

CVE-2025-56760

When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server...

CVSS 4.3 · AI score 7.1 · EPSS 0.00178
Exploits: 1 · References: 1
Github Security Blog
added 2025/09/04 3:30 p.m. · 3 views

Memos Vulnerable to Path Traversal via the CreateResource Endpoint

When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server...

CVSS 4.3 · AI score 7.1 · EPSS 0.00178
Exploits: 1 · References: 4 · Affected Software: 1
Snyk
added 2025/09/03 5:43 p.m. · 1 view

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the filepathTemplate parameter in the CreateResource endpoint, when objects are stored locally. An authenticated attacker can write arbitrary files to the server filesystem by submitting a crafted filename...

CVSS 6 · AI score 7.6 · EPSS 0.00178
Exploits: 1 · References: 2
CVE
added 2025/09/03 12:0 a.m. · 18 views

CVE-2025-56760

CVE-2025-56760 affects Memos 0.22 when configured to store objects locally. The vulnerability arises from a path traversal sequence in the CreateResource endpoint name, enabling arbitrary file writes on the server. CVSSv3.1 metrics indicate Network access, Low attack complexity, and Low privilege...

CVSS 4.3 · AI score 6.5 · EPSS 0.00178
Exploits: 1 · References: 2 · Affected Software: 1
Veracode
added 2023/01/03 9:5 a.m. · 18 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to stored cross-site scripting (XSS) attacks. The vulnerability exists due to unchecked file uploads via the Resource endpoint, allowing an attacker to inject and execute malicious JavaScript...

CVSS 5.4 · AI score 5.6 · EPSS 0.0023
Exploits: 1 · References: 5 · Affected Software: 1
Positive Technologies
added 2022/09/09 12:0 a.m. · 4 views

PT-2022-24495 · Casdoor · Casdoor

Name of the Vulnerable Software and Affected Versions: Casdoor version 1.97.3. Description: The issue is related to an arbitrary file write vulnerability. This vulnerability can be exploited via the fullFilePath parameter at the "/api/upload-resource" API endpoint. Recommendations: For Casdoor...

CVSS 9.1 · AI score 6.7 · EPSS 0.0068
Exploits: 1 · References: 13
RedHat Linux
added 2020/11/04 7:24 p.m. · 0 views

keycloak: path traversal in resources

A flaw was found in keycloak. A path traversal, using URL-encoded path segments in a request, is possible due to transformation of the URL path to a file path at the resource endpoint. The highest threat from this vulnerability is to data confidentiality...

CVSS 7.5 · AI score 5.7 · EPSS 0.00384
Exploits: 0 · References: 4