GHSA-PH8X-4JFV-V9V8 Dagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAG

The fix for CVE-2026-27598 commit e2ed589, PR 1691 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the fileName URL path parameter to locateDAG without...

GHSA-479M-364C-43VC validateSignature Loop Variable Capture Signature Bypass in goxmldsig

Details The validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version, there is a loop variable capture issue. The code takes the address of the...

Incomplete List of Disallowed Inputs

Overview pyspector is an A high-performance, security-focused static analysis tool for Python, powered by Rust. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the validateplugincode function. An attacker can execute arbitrary system commands by...

GHSA-V3XV-8VC3-H2M6 PySpector has a Plugin Sandbox Bypass leads to Arbitrary Code Execution

Summary PySpector versions = 0.1.6 are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis to block dangerous API calls before a plugin is trusted and executed. However, the internal resolvename helper onl...

PT-2026-25669

Identity based authorization bypass vulnerability IDOR that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006188 advisory. A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the exec.Command function via the compressionalgorithm parameter in API calls to the image and backup endpoints. An attacker can execute arbitrary commands as the LXD daemon by sending specially crafted...

CLSA-2026-1773047921 kernel: Fix of 70 CVEs

wifi: iwlwifi: mvm: guard against invalid STA ID on removal CVE-2024-36921 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - net/sched: actmirred: don't override retval if we already lost the skb CVE-2024-26739 - drivers: base: Free devm resources when unregistering a device...

Unspecified vulnerability in Discourse (CNVD-2026-17486)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from a lack of validatebeforecreate authorization in Data Explorer's...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the ValidateStdioConfig process. An attacker can execute arbitrary commands with application privileges by bypassing argument validation using the -p flag in npx node. This allows full system compromise through...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the ValidateStdioConfig process. An attacker can execute arbitrary commands with application privileges by bypassing argument validation using the -p flag in npx node. This allows full system compromise through...

Incorrect Behavior Order: Validate Before Canonicalize

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the boundary validation process for @-prefixed absolute paths when tools.fs.workspaceOnly is set to true. An attacker can access...

CVE-2025-15598

A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The attack can be...

CVE-2025-15598

A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The attack can be...

EUVD-2025-208227

A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The attack can be...

Dataease SQLBot 数据伪造问题漏洞

Dataease SQLBot is a robot plugin developed by Dataease as open source. Versions of Dataease SQLBot 1.5.1 and earlier contained a data manipulation vulnerability. This vulnerability stemmed from improper verification of the encrypted signature for the validateEmbedded function in the JWT Token...

CVE-2025-30062 SQL injection in CheckUnitCodeAndKey.pl

In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection...

CVE-2025-30062

In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection...

EUVD-2025-208149

In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection...

PT-2026-22576

In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection...