Lucene search
K

10 matches found

ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-55448

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a...

6.3CVSS6AI score0.00159EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/23 8:16 p.m.14 views

CVE-2026-45792

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 8:32 p.m.5 views

GHSA-GHQ2-5C67-FPRM PDM: Project-Local State and Config Writes Follow Symlinks

Summary PDM writes several project-local state or configuration files without symlink protection. If a malicious repository places those files as symlinks, local PDM operations can overwrite the symlink targets. This creates an arbitrary file clobber primitive relative to the privileges of the...

6.8CVSS5.9AI score0.00024EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/02 1:41 p.m.9 views

CVE-2026-32685 Path Traversal in gleam docs build via documentation.pages Allows Arbitrary File Read and Write

Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages entries from gleam.toml are incorporated into filesystem paths without sufficient validation or...

4.6CVSS5.9AI score0.00152EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/07 9:1 p.m.20 views

CVE-2026-35533 mise has a local settings bypass config trust checks

mise manages dev tools like node, python, cmake, and terraform. From 2026.2.18 through 2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attacker who can place a malicious .mise.toml in a repository can make that same file appear trusted a...

7.7CVSS0.00154EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.8 views

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/30 2:0 a.m.13 views

[SECURITY] Fedora 36 Update: golang-github-pelletier-toml-2-2.0.0~beta.8-5.fc36

Go library for the TOML file format...

1.8AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.12 views

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/17 1:16 a.m.23 views

[SECURITY] Fedora 35 Update: golang-github-pelletier-toml-2-2.0.0~beta.8-4.fc35

Go library for the TOML file format...

9.3CVSS1.8AI score0.05994EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.11 views

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Rows per page
Query Builder