Lucene search

80 matches found

CVE
added 2026/05/20 7:34 p.m., 8 views

CVE-2026-39405

The vulnerability CVE-2026-39405 affects Frappe LMS. In versions 2.50.0 and earlier, a user with a course editing role could upload a SCORM ZIP package that allowed writing files outside the intended directory, constituting a path traversal risk. The issue has been fixed in version 2.50.1. The av...

CVSS 9.4 | AI score 5.7 | EPSS 0.00052
Exploits: 0 | References: 2

EUVD
added 2026/05/20 7:34 p.m., 7 views

EUVD-2026-31177

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with the course editing role could upload a SCORM ZIP package to write files outside the intended directory. This issue has been resolved in version 2.50.1...

CVSS 9.4 | AI score 5.7 | EPSS 0.00052
Exploits: 0 | References: 2

OSV
added 2026/05/08 7:47 p.m., 4 views

CLSA-2026-1778269628 libssh: Fix of CVE-2026-0964

CVE-2026-0964: SCP path traversal via crafted filenames in ssh_scp_pull_request allowing files to be written outside the intended directory...

CVSS 6.3 | AI score 5.8 | EPSS 0.00011
Exploits: 8 | References: 1

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in targetcli-fb

The Open-iSCSI TargetCLI-fb version up to 2.1.52 has weak permissions for the /etc/target directory as well as for the backup directory and backup files...

CVSS 5.5 | AI score 5.8 | EPSS 0.00134
Exploits: 0 | References: 2

RedhatCVE
added 2026/04/29 8:48 p.m., 2 views

CVE-2026-3087

If shutil.unpack_archive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

CVSS 7.5 | AI score 5.2 | EPSS 0.0015
Exploits: 1 | References: 1

ATTACKERKB
added 2026/04/27 8:46 p.m., 1 views

CVE-2026-3087

If shutil.unpack_archive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

CVSS 6 | AI score 5.2 | EPSS 0.0015
Exploits: 1 | References: 7 | Affected Software: 1

EUVD
added 2026/04/27 8:46 p.m., 3 views

EUVD-2026-25922

If shutil.unpack_archive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

CVSS 6 | AI score 5.2 | EPSS 0.0015
Exploits: 1 | References: 3

Vulnrichment
added 2026/04/27 8:46 p.m., 7 views

CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

If shutil.unpack_archive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

CVSS 6 | AI score 5.2 | EPSS 0.0015
Exploits: 1 | References: 10

Debian CVE
added 2026/04/27 8:46 p.m., 3 views

CVE-2026-3087

If shutil.unpack_archive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

CVSS 7.5 | AI score 5.3 | EPSS 0.0015
Exploits: 1

EUVD
added 2026/04/22 6:31 p.m., 2 views

EUVD-2026-25022

A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation...

CVSS 3.3 | AI score 5.7 | EPSS 0.00015
Exploits: 1 | References: 2

Github Security Blog
added 2026/04/22 6:31 p.m., 3 views

uutils coreutils has an Improper Handling of Unicode Encoding Issue

A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation...

CVSS 5.5 | AI score 5.2 | EPSS 0.00015
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2026/04/22 6:31 p.m., 2 views

GHSA-XH5H-P8C5-4W4X uutils coreutils has an Improper Handling of Unicode Encoding Issue

A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation...

CVSS 3.3 | AI score 5.8 | EPSS 0.00015
Exploits: 1 | References: 3

Veracode
added 2026/04/11 5:36 a.m., 4 views

Directory Traversal

PraisonAI is vulnerable to Directory Traversal. The vulnerability is due to unsafe extraction of archive files without validating member paths, which allows an attacker to overwrite arbitrary files outside the intended directory...

CVSS 9.4 | AI score 5.5 | EPSS 0.00084
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2026/03/26 12:37 p.m., 3 views

CLSA-2026-1774528630 openssh: Fix of 3 CVEs

- CVE-2018-20685: fix a vulnerability in the scp client where a malicious server could bypass intended access restrictions and modify target directory permissions via crafted filenames
- CVE-2019-6109: fix scp client where a malicious server could manipulate the client's progress display output due to...

CVSS 6.8 | AI score 7 | EPSS 0.53643
Exploits: 9 | References: 1

OSV
added 2026/03/03 8:16 p.m., 3 views

CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution...

CVSS 9.1 | AI score 6.4 | EPSS 0.00204
Exploits: 1 | References: 2

NVD
added 2026/02/20 12:16 a.m., 6 views

CVE-2026-27008

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a bug in download skill installation allowed targetDir values from skill frontmatter to resolve outside the per-skill tools directory if not strictly validated. In the admin-only skills.install flow, this could write files outside t...

CVSS 6.8 | EPSS 0.00007
Exploits: 0 | References: 4

ATTACKERKB
added 2026/02/19 11:23 p.m., 1 views

CVE-2026-27008

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a bug in download skill installation allowed targetDir values from skill frontmatter to resolve outside the per-skill tools directory if not strictly validated. In the admin-only skills.install flow, this could write files outside t...

CVSS 6.8 | AI score 5.5 | EPSS 0.00007
Exploits: 0 | References: 5 | Affected Software: 1

Github Security Blog
added 2026/02/18 10:44 p.m., 5 views

OpenClaw hardened the skill download target directory validation

Affected Packages / Versions
- Package: openclaw npm
- Affected versions: = 2026.2.14
- Fixed in: planned release 2026.2.15

Impact: A bug in download skill installation allowed targetDir values from skill frontmatter to resolve outside the per-skill tools directory if not strictly validated. In th...

CVSS 6.8 | AI score 5.4 | EPSS 0.00007
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2026/02/18 10:44 p.m., 4 views

GHSA-H7F7-89MM-PQH6 OpenClaw hardened the skill download target directory validation

Affected Packages / Versions
- Package: openclaw npm
- Affected versions: = 2026.2.14
- Fixed in: planned release 2026.2.15

Impact: A bug in download skill installation allowed targetDir values from skill frontmatter to resolve outside the per-skill tools directory if not strictly validated. In th...

CVSS 6.8 | AI score 5.5 | EPSS 0.00007
Exploits: 0 | References: 6

Snyk
added 2026/02/18 10:44 p.m., 2 views

External Control of File Name or Path

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to External Control of File Name or Path via improper validation of the targetDir parameter in the skill installation. An attacker can write files outside the intended installation sandbox b...

CVSS 6.8 | AI score 5.6 | EPSS 0.00007
Exploits: 0 | References: 2