CVE-2026-34748

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/next, a stored Cross-Site Scripting XSS vulnerability existed in the admin panel. An authenticated user with write access to a collection could save content that, when viewed by another...

DEBIAN-CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

MyPortIO-Exploit

MyPortIO-Exploit Local privilege escalation via arbitrary phy...

EUVD-2026-17957

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

CVE-2026-34603

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...

CVE-2026-20174

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...

CVE-2026-34159 llama.cpp: Unauthenticated RCE via GRAPH_COMPUTE buffer=0 bypass in llama.cpp RPC backend

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...

CVE-2026-34159

The CVE-2026-34159 entry for llama.cpp describes an unauthenticated RCE via the RPC backend: prior to v.b8492, deserialize_tensor() omits bounds validation when tensor.buffer == 0, enabling an attacker to read/write arbitrary process memory through crafted GRAPH_COMPUTE messages. Combined with AL...

CVE-2026-20174 Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

CVE-2026-20174 Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

CVE-2026-20174

Cisco Nexus Dashboard Insights metadata update feature is vulnerable to arbitrary file write. The issue arises from insufficient validation of the metadata update file, allowing an authenticated attacker with admin credentials to craft a metadata update file and upload it to an affected device, p...

CVE-2026-34603 @tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...

CVE-2026-34603

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...

Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

EUVD-2026-17961

Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. T...

CVE-2026-33949

CVE-2026-33949 concerns TinaCMS’s GraphQL package, where vulnerable versions prior to 2.2.2 expose a path traversal weakness in @tinacms/graphql. The root cause is insufficient path validation (notably handling of backslashes) in getValidatedPath, allowing unauthenticated users to write/overwrite...

CVE-2026-33949 @tinacms/graphql has Path Traversal that leads to overwrite of arbitrary files

Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. T...

SUSE-SU-2026:20992-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...

OPENSUSE-SU-2026:20458-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125...