Fiber has an Arbitrary File Read in Static Middleware on Windows

Summary Description A Path Traversal CWE-22 vulnerability in Fiber allows a remote attacker to bypass the static middleware sanitizer and read arbitrary files on the server file system on Windows. This affects Fiber v3 through version 3.0.0. This has been patched in Fiber v3 version 3.1.0. Detail...

UBUNTU-CVE-2026-26066

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

CVE-2026-27129 Cloud Metadata SSRF Protection Bypass via IPv6 Resolution

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

EUVD-2026-7402

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

CVE-2026-27126 Craft CMS has Stored XSS in Table Field via "HTML" Column Type

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, a stored Cross-site Scripting XSS vulnerability exists in the editableTable.twig component when using the html column type. The application fails to sanitize the input, allowing an attack...

DEBIAN-CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

CVE-2026-25988

CVE-2026-25988 affects ImageMagick. The issue is a memory leak caused by a defect in the MSL code path: msl.c can fail to update the stack index, causing an image to be stored in a wrong slot and never freed on error. Vendor advisories confirm patches exist in versions 7.1.2-15 and 6.9.13-40, wit...

EUVD-2026-7463

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the supi parameter, triggering internal URL parsing errors net/url:...

CVE-2025-69252

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. Remote unauthenticated attackers can trigger a service panic Denial of Service by...

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

PT-2026-21593

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option

Summary When yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL. Impact yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who us...

CVE-2026-2974

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

CVE-2026-2861 Foswiki Changes/Viewfile/Oops information disclosure

A vulnerability was detected in Foswiki up to 2.1.10. The affected element is an unknown function of the component Changes/Viewfile/Oops. The manipulation results in information disclosure. It is possible to launch the attack remotely. The exploit is now public and may be used. Upgrading to versi...

CVE-2026-26329

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, authenticated attackers can read arbitrary files from the Gateway host by supplying absolute paths or path traversal sequences to the browser tool's upload action. The server passed these paths to Playwright's setInputFiles APIs...

CLSA-2026-1771597308 Fix CVE(s): CVE-2025-15366

SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366...

ROOT-APP-PYPI-CVE-2023-46215 CVE-2023-46215 in rootio-apache-airflow - Patched by Root

Root has patched CVE-2023-46215 in the rootio-apache-airflow package for Root:PyPI. Multiple fixed versions available...

CVE-2026-26994

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. In versions 1.6.7 and below, uTLS did not implement the TLS 1.3 downgrade protection mechanism specified in RFC 8446 Section 4.1.3 when using a uTLS ClientHello spe...

CVE-2026-24745

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS vulnerability occurs in the upload Login Logo functions of InvoicePlane version 1.7.0. In the Upload Login Logo, the application allows uploading svg files. Althou...

CVE-2026-26967

PJSIP Vulnerability CVE-2026-26967: In 2.16 and earlier, the H.264 unpacketizer can overflow the heap when processing malformed SRTP packets, due to reading a 2-byte NAL unit size without validating bounds within the payload. Affected: PJSIP-based applications handling H.264 video streams. Impact...