esm.sh: Legacy Route Path Traversal Can Lead to RCE

Impact - Arbitrary File Write – An attacker can cause the server to write data to any file path it has write permission for. - Privilege Escalation / RCE – By overwriting critical binaries or scripts, the attacker can execute arbitrary code with the server’s privileges. Exploit The legacy router...

EUVD-2026-20996

bsv-sdk and bsv-wallet persist unverified certifier signatures in acquirecertificate direct and issuance paths...

PT-2025-34141

Name of the Vulnerable Software and Affected Versions: Directus versions 10.8.0 through 11.9.2 Description: Directus is a real-time API and App dashboard for managing SQL database content. A vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing...

CVE-2025-31489

Affected product: MinIO object storage server. Vulnerability: incomplete/signature validation for unsigned-trailer uploads allows a client with an existing bucket WRITE permission and knowledge of an access-key and bucket name to upload arbitrary objects by using any secret. Impact (as stated): p...

A Storage Write Removal Bug in contracts

Lines of code Vulnerability details Summary In fallbackLSP17Extendable, Calling functions that conditionally terminate the external EVM call using the assembly statements return... may result in incorrect removals of prior storage writes. Impact In LSP17Extendable.sol, fallbackLSP17Extendable is...

CVE-2022-45140

The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise...