389 matches found
SUSE CVE-2026-46527
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::settrustedproxies with a non-empty trusted-proxy list, an attacker can send an HTTP request that includes an X-Forwarded-For header whose value parses to no valid ...
PT-2026-45727
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the get os path function within jupyter server/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...
CVE-2026-46115
A flaw was found in the Linux kernel's block subsystem. The biovecphysmergeable function, which combines physically contiguous memory segments, lacked a check to ensure these segments belonged to the same device page map devpagemap. This omission could result in the incorrect identification of th...
PT-2026-44488
DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /full path:path endpoint. Attackers can bypass Starlette...
Improper Encoding or Escaping of Output
Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the UrlGenerator due to incorrectly encoding chained dot-segments ../ or ./. The legacy...
Path Traversal
Open WebUI is vulnerable to Path Traversal. The vulnerability is due to improper validation and sanitization of uploaded file names derived from HTTP upload requests, which allows an attacker to upload files with crafted dot-segments and traverse outside the intended uploads directory, potentiall...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fixed the double-free of the elf header buffer. After the patch provided by b3e34a47f989 “x86/kexec: fix memory leak of elf header buffer”, the use of image-elfheaders in the error path of crashloadsegments is no longe...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: Validate the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: The kexecbuf structure was previously declared without initialization. The commit bf454ec31add “kexecfile: allow to place kexecbuf randomly” added a field that is always read but not consistently populated by all...
CVE-2026-44565
CVE-2026-44565 affects Open WebUI prior to 0.6.10. The upload API derives the target path from the original HTTP upload filename without validation, enabling dot-segment path traversal and arbitrary file writes to locations the web server user can access. This is fixed in 0.6.10. Mitigation guida...
Open WebUI 路径遍历漏洞
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained a path traversal vulnerability. This vulnerability occurred when files were attached in messages, where the file names originated from the original...
SUSE CVE-2026-43331
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...
NPM: Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`
NPM: Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in JSONPathBuilder.key / .at vulnerability discovered by ? in WordPress Npm kysely versions = 0.26.0, 0.28.17...
CVE-2026-42882 oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentication bypass caused by inconsistent URL path interpretation between the authentication middleware and the bucket handler. The authentication middleware evaluates resource path patterns against the...
CVE-2026-42882
CVE-2026-42882 affects oxyno-zeta/s3-proxy (Go). Prior to version 5.0.0, an authentication bypass arises from a mismatch between the auth middleware and bucket handler when parsing resource paths. The auth layer uses the percent-encoded request URI (r.URL.RequestURI()) while the bucket handler bu...
GHSA-Q3J6-QGPJ-74H6 fast-uri vulnerable to path traversal via percent-encoded dot segments
Impact fast-uri v3.1.0 and earlier decodes percent-encoded path separators %2F and dot segments %2E before applying dot-segment removal in normalize and equal. This makes encoded path data behave like real / and .., so distinct URIs collapse onto the same normalized path. For example,...
EUVD-2026-27129
fast-uri vulnerable to path traversal via percent-encoded dot segments...
NPM: fast-uri vulnerable to path traversal via percent-encoded dot segments
NPM: fast-uri vulnerable to path traversal via percent-encoded dot segments vulnerability discovered by ? in WordPress Npm fast-uri versions = 3.1.0...
fast-uri vulnerable to path traversal via percent-encoded dot segments
Impact fast-uri v3.1.0 and earlier decodes percent-encoded path separators %2F and dot segments %2E before applying dot-segment removal in normalize and equal. This makes encoded path data behave like real / and .., so distinct URIs collapse onto the same normalized path. For example,...
EUVD-2026-28615
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...