Lucene search
K
GithubRecent

33225 matches found

Github Security Blog
Github Security Blog
added yesterday3 views

TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation

Description A vulnerability was discovered in TSDProxy where it forwards its internal per-process authentication token to all proxied backend services. When identityHeaders is enabled the default, tsdproxy injects x-tsdproxy-auth-token into every upstream HTTP request alongside user identity...

6.4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

melange: Incomplete package integrity verification allows data section substitution

Previously, Apko verified the control section hash .PKGINFO etc. against the signed APKINDEX, but never verified the data section hash the actual package files that get installed. An attacker who could compromise a mirror, poison a cache, or MITM a package fetch could substitute arbitrary file...

6.2AI score0.00036EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added yesterday3 views

Excon does not redact additional sensitive/risky headers when following redirects

Impact The redirect follower middleware previously failed to strip a number of headers that are known to be sensitive and did not provide a way to provide a custom list of headers to strip. What kind of vulnerability is it? Who is impacted? This could cause inadvertent leakage of sensitive data f...

6.1AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset

Summary A Clauster instance bound to a non-loopback address e.g. 0.0.0.0 or a LAN IP can serve the entire dashboard and its API without any authentication — even when the operator has configured a password — if auth.enabled is left at its default false. The operator believes the instance is...

6.5AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input

Summary secureheaders builds the Content-Security-Policy value by stitching every configured directive together with ; separators. Three directive builders buildsandboxlistdirective, buildmediatypelistdirective, buildreporttodirective interpolate caller-supplied strings into that value without...

6.2AI score0.00031EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content

SiYuan v3.6.5 and earlier versions contain a stored cross-site scripting XSS vulnerability in the Attribute View database asset cell renderer that escalates to remote code execution RCE in the Electron desktop client. This is a neighbor-bug of CVE-2026-44588: the fix for -44588 used escapeAriaLab...

9.9CVSS6.5AI score0.0044EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE

Impact A PHP Object Injection vulnerability affects the PrestaShop module psfacetedsearch. The module rebuilds the selected search filters from the request URL. The value of a slider filter price or weight is taken from the URL without sufficient validation, then stored in an internal filter-bloc...

6.2AI score0.00092EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()

Summary The attribute-view database cell renderer genAVValueHTML interpolates cell content raw in four of its branches: text, url, phone, and mAsset. A cell value like or " breaks out of its surrounding tag and runs arbitrary JavaScript in the renderer when the victim opens the block-attribute...

9.9CVSS6.2AI score0.00289EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

mcp-atlassian: Arbitrary file read via missing path validation in confluence_upload_attachment

Summary confluenceuploadattachment passes filepath directly to openfilepath, "rb" with no path validation. Any authenticated MCP client — or an AI agent manipulated via prompt injection — can read any file the server process can access and exfiltrate it to Confluence as an attachment. Details Roo...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

mcp-atlassian: Arbitrary server-side file read via attachment upload

Summary A client that can invoke MCP tools can read arbitrary files from the server host and exfiltrate them as Atlassian attachments. The attachment-upload tools take a client-supplied filepath and open it on the server's filesystem. The upload tools are meant to attach a file from the caller's...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday2 views

SafeInstall agent guard shell parsing can miss raw package execution

Summary SafeInstall CLI through 0.10.1 can fail to recognize some package-manager and registry-runner commands in its agent guard. Case-variant launcher names, leading file-descriptor redirections, and supported shell wrappers with options can cause a raw install command to receive no guard...

6.3AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

NotrinosERP: Authenticated arbitrary file upload leads to remote code execution via HRM employee "Documents" (doc_file)

Summary An authenticated user with the HR "Manage Employees" permission SAEMPLOYEE can upload a file with an arbitrary extension through the employee Documents tab. The handler writes the raw client-supplied filename — extension intact — into a web served directory with no extension, MIME, or...

6.5AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

BabelDOC: Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py

Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py Summary BabelDOC's vendored PDF parser babeldoc/pdfminer/cmapdb.py deserializes untrusted pickle data when loading CMap files. The loaddata method strips only NUL bytes from a PDF-controlled CMap name, then...

6.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)

Overview The Hook Authentication feature in File Browser allows administrators to delegate login verification to an external shell command. User-supplied credentials username and password are interpolated into this command string using os.Expand without sanitization. An unauthenticated remote...

9.3CVSS6.5AI score0.00533EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

`exploration` was removed from crates.io for malicious code

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Rustsec to Kirill...

6.2AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

Windmill: Resource-scoped API tokens can read script contents outside their allowed path via scripts/list_search

Summary A resource-scoped API token can read script contents outside its allowed path scope via GET /api/w/workspace/scripts/listsearch. This appears to be a remaining variant of the scoped-token authorization class previously addressed for other endpoints. The route-level scope middleware...

6.1AI score0.00022EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

SiYuan: Stored XSS in Bazaar marketplace via package README event handlers

Summary renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitizetrue. The lute sanitizer is an event-handler blocklist: allowAttr rejects only attribute names present in a fixed eventAttrs map copied from the w3schoo...

7.1CVSS6.3AI score0.0018EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

File Browser: Authentication Bypass via Proxy Auth Header Forgery

Summary When FileBrowser is configured with proxy authentication auth.method=proxy, any unauthenticated attacker who can reach the server directly can impersonate any user - including admin - by sending a single forged HTTP header. No credentials are required. Additionally, specifying a...

9.1CVSS6.2AI score0.00337EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist

Summary SiYuan Note's kernel HTTP server unconditionally trusts all chrome-extension:// origins, granting RoleAdministrator access to every installed browser extension without any authentication. Combined with the default empty AccessAuthCode on desktop installs, any Chrome/Chromium extension --...

9.2CVSS6.1AI score0.00607EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday5 views

SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon

Summary The /api/icon/getDynamicIcon endpoint is explicitly excluded from authentication in SiYuan's kernel router router.go, "不需要鉴权" -- no auth needed. When called with type=8 and a valid block id parameter, this endpoint invokes RenderDynamicIconContentTemplate, which executes a Go template tha...

5.9CVSS6.3AI score0.00239EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

CredSweeper: Recursive archive size-limit bypass in deep scanner allows crafted compressed inputs to exhaust resources

Summary CredSweeper's deep scanner does not enforce recursivelimitsize as a hard limit. Several recursive scanners fully decompress or fully read attacker-controlled content before the remaining budget is validated, and AbstractScanner.recursivescan continues processing even when the residual...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday3 views

Excelize: Unbounded Row Index Allocation in Worksheet Parser (checkSheet OOM/Panic DoS)

Unbounded Row Index Allocation in Worksheet Parser checkSheet OOM/Panic DoS Summary The checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Excel row limit TotalRow...

7.5CVSS6.2AI score0.0007EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

Authorizer: Unvalidated redirect_uri in /authorize leaks OAuth2 tokens to attacker-controlled URL

Summary The /authorize endpoint accepts any redirecturi without validating it against AllowedOrigins. When responsetype=token or responsetype=idtoken, the server appends accesstoken, idtoken, and refreshtoken as query parameters and issues a 302 redirect to the attacker-supplied URL. An...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet()

Summary A CSS snippet body containing breaks out of its surrounding tag when renderSnippet interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so require'childprocess' is reachabl...

9.9CVSS6.2AI score0.00307EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday5 views

SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read), Incomplete fix of CVE-2026-41894

Summary The patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint, default port 6808, an unauthenticated remote attacker can read arbitrary...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)

Summary GHSA-7r34-79r5-rcc9's fix added validateurlforssrf, which resolves the attacker-controlled X-Atlassian-Jira,Confluence-Url header host once at middleware time and trusts the result. But the outbound request is later built with the raw hostname and re-resolves at connect time with no IP...

8.2CVSS6.2AI score0.14958EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

tarteaucitron: data-cookie attribute can be used to delete arbitrary cookies

Summary tarteaucitron provides a list of cookies and buttons to delete them. If an attacker can write HTML with data attributes, they could create an element that silently deletes a cookie when clicked and trick a user to delete this cookie. Details tarteaucitron.cookie.purge is called on any...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday5 views

libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays

Summary gossipsub processes IHAVE and IWANT control messages by iterating every received message ID synchronously before doing anything with the results. There is no cap on how many IDs a single frame may contain. The default LP frame limit is 4MB, which fits roughly 180,000 message IDs. Iteratin...

7.5CVSS6.2AI score0.00446EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

Kimai has Server-Side Request Forgery in Invoice PDF Rendering via Markdown Image URLs

Summary Kimai 2.56.0 contains a server-side request forgery vulnerability in its invoice PDF preview and generation workflow. If an attacker can control Markdown content that is later rendered into an invoice PDF, such as Customer.invoiceText, the server-side PDF renderer will fetch remote image...

6.2AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday7 views

morgan vulnerable to Log Forging via unneutralized control characters in :remote-user

Impact Morgan's :remote-user token extracts the Basic auth username from the Authorization header and writes it to the log stream without neutralizing control characters. An attacker can send a crafted Authorization: Basic header containing CR/LF characters to inject forged log lines, corrupting...

5.3CVSS6.1AI score0.00246EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added yesterday5 views

API Platform Core vulnerable to cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate

Impact ApiPropertysecurity: ... is evaluated per request to decide whether a property is exposed. The componentsCache arrays in ApiPlatform\JsonApi\Serializer\ItemNormalizer and ApiPlatform\Hal\Serializer\ItemNormalizer are keyed on $context'cachekey', which is set unconditionally before delegati...

5.9CVSS6.1AI score0.00197EPSS
Exploits0References3Affected Software3
Github Security Blog
Github Security Blog
added yesterday6 views

Tesla vulnerable to multipart part smuggling via unescaped `content-disposition` values

Summary Tesla.Multipart.partheadersfordisposition/1 interpolates Content-Disposition parameter values field name, filename, and other opts verbatim into the part header line without encoding or escaping any special characters. An attacker who controls a filename, field name, or other disposition...

2.1CVSS6.1AI score0.00143EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added yesterday7 views

Tesla vulnerable to atom exhaustion via untrusted URL scheme

Summary In the Mint adapter for the Tesla HTTP client library, Tesla.Adapter.Mint.openconn/2 passes the URL scheme of every outgoing request through String.toatom/1 with no allow-list validation. Because BEAM atoms are permanent never garbage-collected and the atom table is bounded at roughly...

8.2CVSS6AI score0.00301EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

Tesla: Authorization header leaks on cross-origin redirect via case-sensitive filtering

Summary Tesla.Middleware.FollowRedirects is meant to strip the Authorization header when following a cross-origin redirect, but performs the check with a case-sensitive comparison against the lowercase string "authorization". Because Tesla preserves header keys exactly as supplied by the caller,...

8.2CVSS6AI score0.00396EPSS
Exploits2References6Affected Software1
Github Security Blog
Github Security Blog
added yesterday6 views

Tesla has decompression bomb on response body

Summary Any Tesla client pipeline that includes Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression eagerly decompresses HTTP response bodies with no size limit. A server under attacker control or reached via a redirect can return a tiny gzip-encoded payload that expands into...

8.2CVSS6AI score0.00329EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added yesterday4 views

Tesla has CRLF injection in request `Content-Type` header via `add_content_type_param`

Summary Tesla.Multipart.addcontenttypeparam/2 appends caller-supplied strings to the multipart Content-Type header with no validation. A param value containing \r\n splits the header line, allowing an attacker who controls any content-type parameter charset, boundary parameter, etc. to inject...

2.1CVSS6.1AI score0.0017EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

Mistune: Potential DoS via quadratic-time parsing in parse_link_text

Summary Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. A relatively small input consisting of repeated characters causes significant parsing slowdown. Affected component mistune/inlineparser.py → parselinktext Description When parsing...

8.7CVSS7.1AI score0.0035EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

GoBGP confederation validation panics on empty AS_PATH attribute

Found through variant analysis based on CVE-2026-41643 Summary GoBGP accepts a zero-length ASPATH during UPDATE decoding and later panics while validating that attribute for a confederation eBGP peer. The vulnerable path is in the BGP UPDATE validator: a malformed UPDATE that should be rejected a...

7.5CVSS6.5AI score0.00503EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago7 views

GoBGP: BGP OPEN capability parser may read capability values outside declared CapLen boundaries

Summary GoBGP contains a BGP OPEN capability parsing issue where several concrete capability decoders may parse data from the full remaining capability buffer instead of the slice bounded by the declared capability length, CapLen. A malformed BGP OPEN message can cause bytes from a following...

6.4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago4 views

psd-tools vulnerable to arbitrary file write via smart-object filename

psd-tools: arbitrary file write/read via smart-object path traversal Summary In psd-tools all releases exposing the SmartObject API through v1.17.0, SmartObject.save writes an embedded smart object to a path taken verbatim from the PSD file. Because that name is attacker-controlled and unsanitise...

6.6AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

sigstore-go has a multi-log threshold bypass via single compromised log

Impact What kind of vulnerability is it? Who is impacted? A verifier configured with WithTransparencyLogN1 or WithSignedCertificateTimestampsN1 expected defense-in-depth against the compromise of a single log instance. However, threshold counting counted verified witnesses per-entry or...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

Rattler vulnerable to package cache path traversal via conda package build string

rattlercache and py-rattler were vulnerable to package-cache path traversal when handling package metadata from conda channels. During cache materialization, the rattercache code used the package record build string as part of a cache key that was joined into a filesystem path. A malicious or...

6AI score0.00033EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2 days ago5 views

OpenRun: Redirect URL validation bypass using  //host  paths leads to Open Redirect

Summary The restrictions on redirect URLs in openrun can be bypassed by attackers, leading to open redirect attacks. Details In the current project, the referrer header value is used for subsequent redirects, so there is currently a validation for this redirect value. The current validation logic...

5.9AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

mint: Unbounded streams map growth via PUSH_PROMISE without follow-up HEADERS

Summary Mint's HTTP/2 client accepts PUSHPROMISE frames from any server it connects to and inserts every promised stream into a per-connection map without consulting maxconcurrentstreams. A malicious or compromised HTTP/2 server can flood the client with PUSHPROMISE frames and withhold the matchi...

8.2CVSS6AI score0.00384EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago5 views

mint: Unbounded CONTINUATION/HEADERS frame accumulation (CONTINUATION flood)

Summary Mint's HTTP/2 client accumulates CONTINUATION header-block fragments into a per-connection buffer with no cap on size or frame count. A malicious or compromised HTTP/2 server can drive the client's memory to arbitrary size by streaming an endless chain of CONTINUATION frames after a HEADE...

8.2CVSS6.2AI score0.00384EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago4 views

mint: Content-Length header accepts non-RFC "+" sign prefix

Summary Mint's HTTP/1 client accepts Content-Length header values with a leading + sign e.g. +0, +123, which RFC 7230 forbids Content-Length = 1DIGIT. On a connection shared with a strict fronting proxy or load balancer, this parser disagreement is a response-smuggling primitive: the proxy frames...

6.3CVSS6.1AI score0.00301EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago4 views

mint has potential CRLF injection in its HTTP request line via unvalidated `method`/`target`

Summary Mint's HTTP/1 request encoder splices the caller-supplied method and target directly into the request line without character validation. An application that forwards attacker-controlled input as the HTTP method or the target to Mint.HTTP.request/5 is exposed to request-line CRLF injection...

2.1CVSS6AI score0.00166EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

pypdf: Possible infinite loop when processing threads/articles in writer

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. Patches This has been fixed in pypdf==6.13.1. Workarounds If users cannot upgrade yet, consider applying the changes from PR 3839...

6.9CVSS5.8AI score0.00111EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago6 views

Sylius: IDOR on Shop Payment Request API endpoints

Impact The GET /api/v2/shop/payment-requests/hash and PUT /api/v2/shop/payment-requests/hash endpoints look up the payment request solely by the hash from the URL. No ownership check is performed against the authenticated customer or the underlying order. An attacker who obtains a payment request...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2 days ago5 views

Sylius: Channel-based payment method restriction bypass on shop account orders API endpoint

Impact An authorization bypass vulnerability exists in the shop account API. The PATCH /api/v2/shop/account/orders/tokenValue/payments/paymentId endpoint, used by an authenticated shop customer to change the payment method of an order that has been placed but not yet paid state STATENEW, does not...

5.9AI score
Exploits0References2Affected Software1
Total number of security vulnerabilities33225