3 matches found
CVE-2026-32274
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...
PT-2026-25073
Name of the Vulnerable Software and Affected Versions Black versions prior to 26.3.1 Description Black, a Python code formatter, prior to version 26.3.1, improperly sanitizes user-supplied input when constructing the filename for a cache file. Specifically, the value provided to the...
Mikaelbr Node-notifier Operating System Command Injection Vulnerability
Mikaelbr Node-notifier is a Javascript-based codebase for sending rulers for Mac, Windows, and Linux by the individual developer Mikaelbr. A security vulnerability exists in node-notifier versions prior to 9.0.0, which allows an attacker to exploit the vulnerability to run arbitrary commands on a...