Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/03/13 3:40 p.m.10 views

Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite

Impact What kind of vulnerability is it? Who is impacted? Receiving a file wormhole receive from a malicious party could result in overwriting critical local files, including /.ssh/authorizedkeys and .bashrc. This could be used to compromise the receiver's computer. Only the sender of the file th...

8.2CVSS5.7AI score0.0035EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 3:40 p.m.9 views

GHSA-4G4C-MFQG-PJ8R Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite

Impact What kind of vulnerability is it? Who is impacted? Receiving a file wormhole receive from a malicious party could result in overwriting critical local files, including /.ssh/authorizedkeys and .bashrc. This could be used to compromise the receiver's computer. Only the sender of the file th...

8.2CVSS5.7AI score0.0035EPSS
Exploits0References3
OSV
OSV
added 2026/03/12 5:40 p.m.4 views

CVE-2026-32116 Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file wormhole receive from a malicious party could result in overwriting critical local files, including /.ssh/authorizedkeys and .bashrc. This cou...

8.2CVSS5.8AI score0.0035EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/12 5:40 p.m.4 views

CVE-2026-32116 Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file wormhole receive from a malicious party could result in overwriting critical local files, including /.ssh/authorizedkeys and .bashrc. This cou...

8.2CVSS5.8AI score0.0035EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/12 5:40 p.m.26 views

CVE-2026-32116 Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file wormhole receive from a malicious party could result in overwriting critical local files, including /.ssh/authorizedkeys and .bashrc. This cou...

8.2CVSS0.0035EPSS
Exploits0References1
Rows per page
Query Builder