CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CVE-2026-11414

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS5.6AI score0.00079EPSS

Exploits0References2

OSV•added 2026/03/27 6:39 p.m.•1 views

GO-2026-4858 BuildKit's Malicious frontend can cause file escape outside of storage root in github.com/moby/buildkit

BuildKit's Malicious frontend can cause file escape outside of storage root in github.com/moby/buildkit...

9.8CVSS5.8AI score0.00063EPSS

Exploits0References2

CVE•added 2026/03/27 12:49 a.m.•21 views

CVE-2026-33747

CVE-2026-33747 affects BuildKit prior to v0.28.1. When using a custom BuildKit frontend, an untrusted frontend can craft an API message to cause files to be written outside the BuildKit state directory for the execution context, potentially enabling local privilege escalation or unauthorized file...

9.8CVSS6AI score0.00063EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/03/27 12:49 a.m.•25 views

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

8.4CVSS0.00063EPSS

Exploits0References2

OSV•added 2026/03/27 12:49 a.m.•3 views

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

8.4CVSS6AI score0.00063EPSS

Exploits0References4

EUVD•added 2026/03/26 6:26 p.m.•3 views

EUVD-2026-16518

BuildKit's Malicious frontend can cause file escape outside of storage root...

8.4CVSS5.8AI score0.00063EPSS

Exploits0References2

Github Security Blog•added 2026/03/26 6:26 p.m.•9 views

BuildKit's Malicious frontend can cause file escape outside of storage root

Impact When using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. Patches The issue has been fixed in v0.28.1+ Workarounds Issue requires using an untrusted BuildKit frontend set...

9.8CVSS5.9AI score0.00063EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/03/23 12:0 a.m.•2 views

Rails 路径遍历漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1 contained a path traversal vulnerability. This vulnerability stemmed from the lack of verificatio...

9.8CVSS5.8AI score0.00037EPSS

Exploits0References8