Lucene search
K

380 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-24994

install -D: symlink race in directory creation allows arbitrary file overwrite...

6.3CVSS6AI score0.00107EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 6 days ago3 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week32 views

CVE-2026-10546 DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 2:9 a.m.13 views

CVE-2026-14160

Technical details about CVE-2026-14160 are not publicly provided in the supplied documents. Monitor for updates from Samsung Escargot advisories and NVD entries.

5.9CVSS5.8AI score0.0009EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by...

7.2CVSS6.1AI score0.00091EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 2:16 p.m.4 views

UBUNTU-CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:38 p.m.7 views

EUVD-2026-40086

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 12:38 p.m.38 views

CVE-2026-54370 acl < 2.4.0 TOCTOU Symlink Traversal via getfacl/setfacl/chacl

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS0.00091EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 10:15 a.m.43 views

CVE-2026-41991 Predictable Temporary File in GNU gzip

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID PID. This predictable filename is created without...

2CVSS0.00105EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 2:45 p.m.8 views

EUVD-2026-40000

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable...

7.8CVSS6.1AI score0.00145EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : libcap (EulerOS-SA-2026-2446)

According to the versions of the libcap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function...

7CVSS7.1AI score0.00188EPSS
Exploits1References2
OSV
OSV
added 2026/06/25 5:41 p.m.3 views

JLSEC-2026-626 Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in...

Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...

7.3CVSS6AI score0.00152EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53250

CVE-2026-53250 : In the Linux kernel, the xsk_skb_metadata() path is vulnerable to a TOCTOU race in which csum_start and csum_offset are read from shared UMEM and then read again for skb assignment. A malicious userspace process can overwrite values between reads, bypassing bounds checks and caus...

7.8CVSS5.9AI score0.00145EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53214

The CVE-2026-53214 entry concerns the Linux kernel IPv6 code. The vulnerability occurs when addrconf_get_prefix_route() can return the fib6_null_entry sentinel, which has a NULL fib6_table pointer. Before setting a route’s expiration time, the code must verify that it is not operating on the fib6...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52163

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.3 Description A Server-Side Request Forgery SSRF issue exists in the URL component located at src/lfx/src/lfx/components/data source/url.py. This is caused by a Time-of-Check/Time-of-Use TOCTOU race...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References5
NVD
NVD
added 2026/06/23 1:16 p.m.8 views

CVE-2026-56258

Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...

9.2CVSS0.00656EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 9:9 p.m.12 views

GHSA-JC38-X7X8-2XC8 PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks

Summary JWSVerifier::getAlgorithm in src/Library/Signature/JWSVerifier.php line 144 merges protected and unprotected headers using PHP's spread operator: php $completeHeader = ...$signature-getProtectedHeader, ...$signature-getHeader; In PHP, when spreading arrays with duplicate string keys, the...

9.1CVSS5.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.7 views

RockyLinux 8 : rsync (RLSA-2026:26408)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26408 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

8.1CVSS5.5AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 2:45 p.m.6 views

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

7.8CVSS5.3AI score0.00152EPSS
Exploits0References4
Rows per page
Query Builder