Lucene search
K

109 matches found

Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.14 views

PT-2026-29499

Summary @tinacms/graphql uses string-based path containment checks in FilesystemBridge: - path.resolvepath.joinbaseDir, filepath - startsWithresolvedBase + path.sep That blocks plain ../ traversal, but it does not resolve symlink or junction targets. If a symlink/junction already exists under the...

7.1CVSS5.9AI score0.00372EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/27 12:49 a.m.29 views

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

8.4CVSS0.00498EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.9 views

Small Http Server 路径遍历漏洞

Small Http Server is a small HTTP server developed by Max Feoktistov. Version 3.06.36 of Small Http Server contains a path traversal vulnerability. This vulnerability stems from an authenticated path traversal exploit, which could allow remote users to bypass SecurityManager’s restrictions and...

8.7CVSS5.9AI score0.00613EPSS
Exploits0References1
OSV
OSV
added 2026/03/23 4:35 p.m.3 views

SUSE-SU-2026:0977-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

10CVSS5.9AI score0.00765EPSS
Exploits1References12
CVE
CVE
added 2026/03/21 12:42 a.m.14 views

CVE-2026-32054

OpenClaw versions prior to 2026.2.25 are affected by a symlink traversal vulnerability in browser trace and download output path handling, allowing a local attacker to escape the managed temp root and overwrite files outside the intended directory. The issue stems from how symlinks are resolved w...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/21 12:42 a.m.29 views

CVE-2026-32054 OpenClaw < 2026.2.25 - Symlink Traversal in Browser Trace/Download Path Handling

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in browser trace and download output path handling that allows local attackers to escape the managed temp root directory. An attacker with local access can create symlinks to route file writes outside the intended temp...

6.5CVSS0.00126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.5 views

PT-2026-26736

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in browser trace and download output path handling that allows local attackers to escape the managed temp root directory. An attacker with local access can create symlinks to route file writes outside the intended temp...

6.5CVSS5.9AI score0.00126EPSS
Exploits0References4
CVE
CVE
added 2026/03/18 1:34 a.m.16 views

CVE-2026-22180

OpenClaw is affected in versions prior to 2026.3.2 by a path-confinement bypass in browser output handling that allows writing outside intended root directories. The issue arises from insufficient canonical path-boundary validation in file write operations, enabling writes to arbitrary locations ...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/18 1:34 a.m.4 views

CVE-2026-22180

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/03/17 8:1 a.m.5 views

SFTP root escape via component-agnostic prefix check in ssh_sftpd

...

5.4CVSS5.8AI score0.00363EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/13 9:11 a.m.27 views

CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...

5.3CVSS0.00363EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.21 views

TinaCMS 路径遍历漏洞

TinaCMS is an open-source headless CMS developed by Tina for Markdown, MDX, and JSON formats. Versions of TinaCMS prior to 2.1.2 contained a path traversal vulnerability. This vulnerability stemmed from the use of path.join to combine paths without verifying that the resolved path remained within...

6.3CVSS5.8AI score0.00426EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 12:31 p.m.3 views

EUVD-2025-208408

By default, jailed processes cannot mount filesystems, including nullfs4. However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged user within a jail is able to nullfs-mount directories, a limitation of the kernel's path lookup logic...

5.8AI score0.00112EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root ...

2.5CVSS7.7AI score0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/03/06 10:16 p.m.1 views

DEBIAN-CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS8AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/03/06 10:16 p.m.3 views

UBUNTU-CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/03/06 9:28 p.m.4 views

CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS8.1AI score0.00201EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/06 9:28 p.m.3 views

CVE-2026-27139 FileInfo can escape from a Root in os

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

5.9AI score0.00201EPSS
Exploits0References4
CVE
CVE
added 2026/03/06 9:28 p.m.59 views

CVE-2026-27139

CVE-2026-27139 : On Unix, when listing a directory with the Go File.ReadDir/File.Readdir APIs, the returned FileInfo could reference a file outside the Root in which the File was opened. The impact is limited to reading metadata via lstat from arbitrary filesystem locations; it does not permit re...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/06 9:3 p.m.3 views

GO-2026-4602 FileInfo can escape from a Root in os

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References3
Rows per page
Query Builder