29 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005568)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005568 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atom...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992704 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atom...
CVE-2025-36730
A prompt injection vulnerability exists in Windsurf version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...
CVE-2025-36730
Windsurf/Windsurft CVE-2025-36730 is a prompt-injection vulnerability affecting Windsurf/Windsurft version 1.10.7 when operating in Write mode with the SWE-1 model. The issue arises from a crafted file name that becomes appended to the user prompt, causing Windsurf to follow its instructions. Doc...
CVE-2025-36730 Windsurf Prompt Injection via Filename
A prompt injection vulnerability exists in Windsurf version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...
PT-2025-41975
A prompt injection vulnerability exists in Windsurf version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...
Windsurf Security Vulnerability
Windsurf is an AI programming software from Windsurf. A security vulnerability exists in Windsurf version 1.10.7, which stems from the possibility of creating filenames appended to user prompts when using the SWE-1 model in Write mode, causing Windsurf to execute its commands...
EUVD-2022-5673
Malicious code in bioql PyPI...
CVE-2025-55345
Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc.) could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory...
PT-2025-32971 · Codex Cli · Codex Cli
Name of the Vulnerable Software and Affected Versions: Codex CLI (affected versions not specified). Description: Using Codex CLI in workspace-write mode within a malicious context (repository, directory, etc.) may lead to arbitrary file overwrite and potentially remote code execution. This occurs...
SUSE CVE-2024-47740
In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...
DEBIAN-CVE-2024-47740
In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a pre-refresh issue when attaching to a file in direct write mode...
BIT-DRUPAL-2020-13665
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...
GHSA-QV37-MFJF-42H8 Plaintext storage of tokens in pulp_ansible
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...
CVE-2022-3644
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...
Design/Logic Flaw
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API instead of marking it as write only...