
43 matches found

Cvelist
added 2026/06/16 3:18 p.m. | 26 views

CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3 CVSS | 0.00136 EPSS
Exploits 0 | References 7
Vulnrichment
added 2026/06/16 3:18 p.m. | 7 views

CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3 CVSS | 5.4 AI score | 0.00136 EPSS
Exploits 0 | References 7
NVD
added 2026/04/29 3:16 p.m. | 8 views

CVE-2026-41220

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

7.8 CVSS | 0.00107 EPSS
Exploits 0 | References 1
RedHat Linux
added 2026/04/23 4:10 p.m. | 12 views

Important: Red Hat Security Advisory: OpenJDK 21.0.11 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5 CVSS | 7.2 AI score | 0.00358 EPSS
Exploits 0 | References 2
RedHat Linux
added 2026/04/22 3:44 p.m. | 5 views

Important: Red Hat Security Advisory: OpenJDK 11.0.31 ELS Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5 CVSS | 7.2 AI score | 0.00358 EPSS
Exploits 0 | References 2
EUVD
added 2026/04/02 6:31 p.m. | 3 views

EUVD-2026-18424

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image Windows before build 42902...

6.7 CVSS | 6.7 AI score | 0.00086 EPSS
Exploits 0 | References 2
OSV
added 2026/03/06 12:16 a.m. | 7 views

CVE-2026-28722

Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

7.3 CVSS | 5.8 AI score | 0.00155 EPSS
Exploits 0 | References 1
OSV
added 2026/03/06 12:16 a.m. | 5 views

CVE-2026-28712

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

6.3 CVSS | 5.8 AI score | 0.0009 EPSS
Exploits 0 | References 1
OSV
added 2026/03/06 12:16 a.m. | 4 views

CVE-2025-11792

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 41124...

7.3 CVSS | 7.1 AI score | 0.00115 EPSS
Exploits 0 | References 1
CVE
added 2026/03/05 11:55 p.m. | 17 views

CVE-2026-28722

CVE-2026-28722: Local privilege escalation in Acronis Cyber Protect 17 (Windows) prior to build 41186 due to improper soft link handling. Affected component/condition: local context with low privileges required and user interaction. CVSSv3.0 metrics indicate a high impact (C/H, I/H, A/H) with L...

7.3 CVSS | 5.9 AI score | 0.00155 EPSS
Exploits 0 | References 1 | Affected Software 1
ATTACKERKB
added 2026/03/05 11:50 p.m. | 4 views

CVE-2026-28711

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...

6.3 CVSS | 5.9 AI score | 0.0009 EPSS
Exploits 0 | References 2
Fedora
added 2026/02/18 4:26 a.m. | 8 views

[SECURITY] Fedora 43 Update: mingw-libsoup-2.74.3-17.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

8.6 CVSS | 5.7 AI score | 0.00557 EPSS
Exploits 0
Fedora
added 2026/01/27 4:53 a.m. | 6 views

[SECURITY] Fedora 43 Update: mingw-libsoup-2.74.3-16.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

8.2 CVSS | 5.9 AI score | 0.00496 EPSS
Exploits 0
RedHat Linux
added 2026/01/26 1:39 p.m. | 9 views

Important: Red Hat Security Advisory: OpenJDK 17.0.18 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5 CVSS | 6.3 AI score | 0.00547 EPSS
Exploits 1 | References 2
Hacker One
added 2026/01/03 6:59 p.m. | 22 views

curl: Path Traversal in curl file:// Protocol Handler Allows Unauthorized File Access

Summary: During my manual review of the file path handling logic in curl's source code, I noticed the absence of proper validation for directory traversal sequences, which I then verified through practical testing. I discovered that curl allows unauthorized access to arbitrary files through the...

8.1 CVSS | 8.2 AI score | 0.60122 EPSS
Exploits 1
RedHat Linux
added 2025/10/23 8:4 p.m. | 5 views

Moderate: Red Hat Security Advisory: OpenJDK 11.0.29 ELS Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5 CVSS | 6.7 AI score | 0.00633 EPSS
Exploits 0 | References 2
RedHat Linux
added 2025/10/22 7:49 p.m. | 6 views

Moderate: Red Hat Security Advisory: OpenJDK 17.0.17 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5 CVSS | 6.7 AI score | 0.00633 EPSS
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-0741

Malware in sbrugna...

9.3 CVSS | 8 AI score | 0.0228 EPSS
Exploits 0 | References 7
Veracode
added 2025/09/05 10:20 a.m. | 5 views

Privilege Escalation

github.com/kubernetes-sigs/image-builder is vulnerable to privilege escalation. The vulnerability is due to default root credentials being enabled during the Windows image build process with Nutanix or VMware OVA providers, which allows an attacker with access to the build VM to modify the image...

7.5 CVSS | 7 AI score | 0.00336 EPSS
Exploits 0 | References 4 | Affected Software 1
RedhatCVE
added 2025/05/23 8:31 a.m. | 6 views

CVE-2024-49383

Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...

4.3 CVSS | 6.9 AI score | 0.0021 EPSS
Exploits 0 | References 1