
48 matches found

GithubExploit
added 2026/06/01 3:58 p.m., 104 views

CVE-2026-BetterSQLCipher-RCE

CVE-2026-XXXXX: better-sqlcipher loadExtension Remote Code E...

AI score: 5.9
Exploits: 0
NVD
added 2026/05/13 4:16 p.m., 5 views

CVE-2026-31156

A path injection vulnerability exists in OpenPLC v3 2c82b0e79c53f8c1f1458eee15fec173400d6e1a as the binary program compiled from gluegenerator.cpp does not perform any validation on the file path parameters passed via the command line. The user-controlled input parameters are directly passed to t...

CVSS: 6.5 | EPSS: 0.00409
Exploits: 2 | References: 2
CVE
added 2026/05/12 4:21 p.m., 17 views

CVE-2026-43989

CVE-2026-43989 affects JunoClaw: prior to 0.x.y-security-1, the upload_wasm MCP tool could accept a filesystem path from the agent and upload whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. The issue is fixed in 0.x.y-security-1. Fro...

CVSS: 8.5 | AI score: 5.8 | EPSS: 0.00147
Exploits: 0 | References: 3
Vulnrichment
added 2026/05/12 4:21 p.m., 6 views

CVE-2026-43989 JunoClaw: upload_wasm accepted arbitrary filesystem paths without validation

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

CVSS: 8.5 | AI score: 5.8 | EPSS: 0.00147
Exploits: 0 | References: 3
CNNVD
added 2026/05/11 12:00 a.m., 7 views

Audiobookshelf Path Traversal Vulnerability

Audiobookshelf is an open-source, self-hosted server for audio books and podcasts. Versions of Audiobookshelf prior to 2.32.2 contained a path traversal vulnerability. This vulnerability stemmed from the podcast creation endpoint accepting user-controlled file paths without adequate boundary...

CVSS: 6.9 | AI score: 5.8 | EPSS: 0.00331
Exploits: 0 | References: 2
CNNVD
added 2026/05/11 12:00 a.m., 7 views

WWBN AVideo Access Control Error Vulnerability

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 29.0 contained an access control vulnerability. This vulnerability stemmed from the objects/users.json.php file exposing unvalidated paths, which could allow attackers to...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.0027
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/21 12:00 a.m., 11 views

PT-2026-34040

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.215. Description: The module installation feature extracts ZIP archives without validating file paths. This allows an authenticated administrator to write files arbitrarily on the server filesystem by using a...

CVSS: 9.1 | AI score: 5.8 | EPSS: 0.00392
Exploits: 0 | References: 8
Cvelist
added 2026/04/18 1:16 a.m., 30 views

CVE-2026-35582 Emissary has an OS Command Injection via Unvalidated IN_FILE_ENDING / OUT_FILE_ENDING in Executrix

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escaping or input validation. The IN_FILE_ENDING and...

CVSS: 8.8 | EPSS: 0.00861
Exploits: 1 | References: 2
Zero Day Initiative
added 2026/04/15 12:00 a.m., 5 views

DriveLock Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of DriveLock. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 4568 by default. The issue results from the...

CVSS: 7.5 | AI score: 5.7
Exploits: 0 | References: 1
CNNVD
added 2026/03/31 12:00 a.m., 5 views

LangChain Security Vulnerability

LangChain is an open-source framework developed by LangChain for creating applications powered by large language models (LLMs). Versions of LangChain prior to 1.2.22 contained security vulnerabilities. These vulnerabilities stemmed from multiple functions in langchain_core.prompts.loading that read...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.01073
Exploits: 2 | References: 3
Cvelist
added 2026/03/23 9:36 p.m., 21 views

CVE-2026-32903

...

Exploits: 0
CNNVD
added 2026/03/16 12:00 a.m., 3 views

Unraid Path Traversal Vulnerability

Unraid is a set of operating systems developed by Unraid Corporation, primarily intended for individuals and small businesses. Unraid has a path traversal vulnerability; this issue stems from the lack of validation for the paths provided by users in the auth-request.php file, which may lead to pa...

CVSS: 7.3 | AI score: 7.1 | EPSS: 0.00651
Exploits: 0 | References: 1
Vulnrichment
added 2026/03/10 4:07 p.m., 1 views

CVE-2026-25605

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in...

CVSS: 6.7 | AI score: 5.7 | EPSS: 0.00123
Exploits: 0 | References: 1
EUVD
added 2026/03/09 9:31 p.m., 6 views

EUVD-2026-10351

A vulnerability in the filestring function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by...

CVSS: 8.6 | AI score: 5.9 | EPSS: 0.00359
Exploits: 1 | References: 2
CVE
added 2026/03/09 7:19 p.m., 15 views

CVE-2026-0846

The CVE concerns nltk 3.9.2, specifically the filestring() function in nltk.util, which opens user-supplied file paths without proper sanitization. This allows arbitrary file read by passing absolute or traversal paths, enabling access to sensitive system files. Exploitation can occur locally or ...

CVSS: 8.6 | AI score: 7.3 | EPSS: 0.00359
Exploits: 1 | References: 1 | Affected Software: 1
Github Security Blog
added 2026/03/04 7:28 p.m., 4 views

OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection

Summary: A malicious or compromised MCP (Model Context Protocol) tool server can exfiltrate arbitrary local files from the host system by injecting MEDIA: directives into tool result text content. OpenClaw's tool result processing pipeline extracts file paths from MEDIA: tokens without source-level...

AI score: 6.1
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2026/02/20 11:16 p.m., 1 views

CVE-2026-2033

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

CVSS: 8.1 | AI score: 6.3
Exploits: 0 | References: 2
Vulnrichment
added 2026/02/20 10:12 p.m., 6 views

CVE-2026-2033 MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

CVSS: 8.1 | AI score: 8.6 | EPSS: 0.018
Exploits: 0 | References: 2
RedhatCVE
added 2026/02/14 7:22 p.m., 6 views

CVE-2026-21878

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00356
Exploits: 1 | References: 1
NVD
added 2026/02/13 7:17 p.m., 2 views

CVE-2026-21878

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

CVSS: 7.5 | EPSS: 0.00356
Exploits: 1 | References: 2