PT-2026-48992

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when saving credentials. An authenticated user can access plaintext values of secrets stored in external vaults by referencing a secret's external name in a credential, bypassing intended permission checks. Note:...

Linux Distros Unpatched Vulnerability : CVE-2025-54121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1...

DEBIAN-CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...