Lucene search
K

1415 matches found

CVE
CVE
added 2026/05/05 6:55 p.m.382 views

CVE-2026-31893

CVE-2026-31893 describes a symlink-following vulnerability in Tunnelblick on macOS. From versions 3.3beta26 through 9.0beta01, a local user can cause tunnelblick-helper to read a root-owned file by leveraging a symlink to a target file via the world-accessible tunnelblickd Unix socket (mode 0666)...

6.8CVSS5.9AI score0.00242EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/05 6:55 p.m.36 views

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

6.8CVSS0.00242EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/29 10:28 p.m.32 views

Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool

The BetaLocalFilesystemMemoryTool in the Anthropic TypeScript SDK created memory files and directories using the Node.js default modes 0o666 for files, 0o777 for directories, leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask su...

4.8CVSS5.3AI score0.00119EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/28 3:16 p.m.7 views

CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
OSV
OSV
added 2026/04/28 3:16 p.m.3 views

DEBIAN-CVE-2026-40556

Bulletin has no description...

2.1CVSS4.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:54 p.m.7 views

CVE-2026-40556

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.2AI score
Exploits0References4
Cvelist
Cvelist
added 2026/04/28 1:54 p.m.33 views

CVE-2026-40556

...

Exploits0
CVE
CVE
added 2026/04/28 1:54 p.m.11 views

CVE-2026-40556

In the connected Debian/CVE entry, GNU nano is affected by a local permission issue: when the user’s ~/.local directory does not exist, nano creates it with mode 0777, making it world‑writable in environments where the umask is lax. This creates a race window where an attacker could leverage the ...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/04/28 1:54 p.m.6 views

EUVD-2026-26053

GNU nano creates the user’s /.local directory with overly permissive permissions when the directory does not exist yet. On first use of features requiring Cross-Desktop Group XDG data storage, nano explicitly requests directory mode 0777, making the directory world‑writable in environments where...

2.1CVSS5.3AI score
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/28 1:54 p.m.4 views

CVE-2026-40556

Removed by vendor...

5.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/04/28 9:34 a.m.13 views

Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/28 9:34 a.m.8 views

GHSA-R5HP-3CGJ-J6XV Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35729

Name of the Vulnerable Software and Affected Versions GNU nano versions prior to 9.0 Description GNU nano creates the user's /.local directory with overly permissive permissions when it does not already exist. During the first use of features requiring Cross-Desktop Group XDG data storage, the...

2.1CVSS5.8AI score
Exploits0References19
Spring Security Advisories
Spring Security Advisories
added 2026/04/27 12:0 a.m.8 views

ONNX model cache defaults to world-writable predictable /tmp directory

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Only applications that use TransformersEmbeddingModel and have the cache enabled, using the default location, are affected...

6.1CVSS5.9AI score0.00105EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/22 7:34 a.m.4 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.8AI score0.00085EPSS
Exploits0References3
OSV
OSV
added 2026/04/16 11:44 p.m.4 views

BIT-MLFLOW-2025-10279 Privilege Escalation in mlflow/mlflow

In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions 0o777. This vulnerability allows an attacker with write access to the /tmp directory to exploit a race condition and overwrite .py files in the virtual...

7CVSS7.3AI score0.00215EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/13 9:30 p.m.6 views

EUVD-2026-22053

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

9.8CVSS6.2AI score0.00484EPSS
Exploits1References3
NVD
NVD
added 2026/04/13 7:16 p.m.6 views

CVE-2026-40044

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

9.8CVSS0.00484EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/13 6:11 p.m.5 views

CVE-2026-40044

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

9.8CVSS6.2AI score0.00484EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/13 6:11 p.m.20 views

CVE-2026-40044 Pachno 1.0.6 FileCache Deserialization Remote Code Execution

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

9.8CVSS0.00484EPSS
Exploits1References2
Rows per page
Query Builder