2 matches found
PT-2026-60316
Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.31 Description A logged-in board member can perform arbitrary file reads and cause a denial of service by inserting an attachment document through the '/attachments/insert' DDP method. The issue occurs because the...
EUVD-2026-9987
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...