1677 matches found
EUVD-2026-37820
Steeltoe: TLS private keys written to /tmp with default permissions, never deleted...
CVE-2026-46406
A flaw was found in Claude Code. The /copy command created responses in a predictable, world-readable temporary file without proper isolation or symlink protection. This allowed a local unprivileged user to read sensitive information from a privileged user's Claude response, potentially containin...
CVE-2026-46406
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...
CVE-2026-46406
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...
EUVD-2026-40116
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...
CVE-2026-46406 Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...
CVE-2026-45407
Technical details about CVE-2026-45407 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-45407 Dokku: Git Credentials in .netrc Stored World-Readable Due to Premature touch
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...
@anthropic-ai/claude-code has an Insecure Temporary File in /copy Command that Enables Response Disclosure and Symlink-Based File Write
The Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable directory 0755, allowing any local user to read a privileged user's Clau...
PT-2026-52581
Name of the Vulnerable Software and Affected Versions @anthropic-ai/claude-code versions 2.1.59 through 2.1.127 Description The /copy command writes responses to a hardcoded and predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The resulting file i...
CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash
motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...
CVE-2026-32315
motionEye prior to 0.44.0 creates /etc/motioneye/motion.conf with 644 permissions (-rw-r--r--) and per-camera camera-.conf with identical permissions, making the admin password hash and camera credentials readable by any local user. The SHA1 admin password hash can be cracked offline to plaintext...
GHSA-RHGP-6WQ6-9J67 motionEye's World-Readable Configuration File Exposes Admin Password Hash
Security Advisory: World-Readable Configuration File Exposes Admin Password Hash in motionEye Summary motionEye v0.43.1 and prior versions create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contai...
PT-2026-51431
Name of the Vulnerable Software and Affected Versions motionEye versions prior to 0.44.0 Description Configuration files /etc/motioneye/motion.conf and camera-.conf are created with 644 permissions, making them readable by any local user on the system. The motion.conf file contains sensitive data...
CVE-2026-56236
Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...
Astra Linux – Vulnerability in cloud-init
Sensitive data may have been exposed in cloud-init logs that are readable to the world before version 22.3, when schema failures were reported. This leakage could involve hashed passwords...
Astra Linux – Vulnerability in guava-libraries
There is a vulnerability related to the creation of temporary directories in all versions of Guava. An attacker with access to the system can potentially access data stored in temporary directories created by the Guava API com.google.common.io.Files.createTempDir. By default, on Unix-like systems...
CVE-2026-50267
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Abstractions 4.0.0 through 4.1.0, when MySQL or PostgreSQL service bindings from VCAPSERVICES include TLS client credentials, the Connectors libra...
CVE-2026-53870
Hermes Agent before 0.16.0 creates responsestore.db and webhooksubscriptions.json with world-readable permissions mode 0o644, exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including...
PT-2026-50567
Name of the Vulnerable Software and Affected Versions Steeltoe.Configuration.Abstractions versions 4.0.0 through 4.1.0 Description When MySQL or PostgreSQL service bindings from VCAP SERVICES include TLS client credentials, the Connectors library writes these credentials to temporary files in...