EUVD-2026-28812

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...

paicoding 访问控制错误漏洞

paicoding is an open source community system for individual developers at itwanger. An access control error vulnerability exists in paicoding version 1.0.3, which originates from an incorrect operation of the file /user/home?userId=1&homeSelectType=read that results in information disclosure...