Docling: Unsafe URI and Path Handling in HTML Backend

Impact The HTML backend did not perform sufficient validation during resource handling: - Accepted file:// URIs enabling local file system access when enablelocalfetch=True - Path resolution allowed traversal outside intended directories via ../ sequences and absolute paths - Did not block intern...

Mockoon < 9.2.0 - Path Traversal

Mockoon before 9.2.0 contains a path traversal and local file inclusion caused by unsafe templating of server filenames from user input, letting attackers read arbitrary files on the mock server filesystem, exploit requires crafted request. id: CVE-2025-59049 info: name: Mockoon 9.2.0 - Path...

JSONPath Plus < 10.3.0 - Remote Code Execution

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

NestJS DevTools Integration - Remote Code Execution

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

CVE-2026-10692

A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function issaferegexpattern of the component searchcodeadvanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the attack...

Linux Distros Unpatched Vulnerability : CVE-2026-28907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...

CVE-2026-10692

The CVE-2026-10692 affects johnhuang316 code-index-mcp up to version 2.14.0, specifically the is_safe_regex_pattern function in the search_code_advanced component. Manipulating the regex argument can cause inefficient regex processing (potentially a denial-of-service), with remote attack potentia...

CVE-2026-45676

CVE-2026-45676 affects OpenTelemetry eBPF Instrumentation (OBI). Before version 0.9.0, OBI’s replacement ELF parser trusts section offsets, counts, and string offsets from the executable, allowing a crafted local ELF to trigger invalid dereferences or out-of-bounds slicing in the parser. The vuln...

CVE-2026-45676 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

CVE-2026-45676 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

camel-infinispan: camel-infinispan: Remote Code Execution via Unsafe Deserialization

A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by sending specially crafted data, leading to arbitrary code execution. This allows the attacker to...

CVE-2026-46718

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

CVE-2026-46718 Apache Calcite: A user-controled model can load arbitrary classes, leading to code execution

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

EUVD-2026-33906

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

CVE-2026-46718

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

CVE-2026-46718

Apache Calcite is affected by CVE-2026-46718: Unsafe Reflection via a user-controlled model can load arbitrary classes, enabling code execution. Affected: 1.5.0 up to

CVE-2026-46718 Apache Calcite: A user-controled model can load arbitrary classes, leading to code execution

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

CVE-2026-10105

agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allows attackers to inject arbitrary SQL expressions by supplying malicious metadata keys and values to the deletebymetadata method. Attackers can exploit the unsafe f-string interpolation in...

📄 Samba Print Command Injection

This Python proof of concept framework analyzes Samba printing configurations for unsafe print command usage involving the %J variable and demonstrates how command injection conditions could arise in vulnerable setups. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...

Samba Print Configuration Checker

This Python script is a lightweight configuration analysis tool designed to inspect Samba smb.conf printing settings and identify potentially unsafe print command configurations associated with command injection risks. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...