33100 matches found
sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced
Summary The documented certificateOIDs option in sigstore.verify is accepted by the public API but discarded before verification, so required certificate extension OIDs are never checked. Details The public verify options include certificateOIDs and the documentation says those OID/value pairs...
sigstore-js has Insufficient Verification of Data Authenticity
sigstore-js derives a transparency-log timestamp from tlogEntries.integratedTime and uses it to validate certificate validity windows and satisfy timestampThreshold. For bundle v0.2, a tlog entry can be inclusionProof-only no signed inclusionPromise/set, and the inclusion proof path does not...
CrateDB's Blob HTTP handler bypasses authorization
Component: io.crate.protocols.http.HttpBlobHandler Affected: verified against CrateDB 6.2.7 latest at time of report; the bug has existed since the blob HTTP handler was introduced Impact: any authenticated user can read or delete any blob whose SHA-1 digest they know, and can plant new blobs...
Kimai Password Reset Link Remains Valid After Password Change
Summary The LoginLink signature used for password reset URLs covers only the user's id — it does not include the password hash. After a user clicks a reset link and successfully changes their password, the same link remains valid for up to 2 additional uses within a 1-hour window. Anyone who...
repomix: attach_packed_output can bypass file-read secret scanning for supported local files
attachpackedoutput can register arbitrary .json/.txt/.md/.xml files and bypass the MCP file-read safety check Summary Repomix's MCP server exposes a normal filesystemreadfile tool that reads absolute paths only after running the project's secret check. However, the attachpackedoutput plus...
Concourse login flow has an open redirect issue
Impact An attacker is able to craft and send a user a URL that will redirect the user from the Concourse web server to any other site. This could be used in a phishing attack to steal user's credentials. Patches This has been fixed in 8.2.3 Workarounds None. Exploit Vulnerable code was in:...
repomix Vulnerable to Command Injection (RCE) via `--remote-branch` Argument Injection
Vulnerability Metadata | Field | Detail | | --- | --- | | Affected Component | src/core/git/gitCommand.ts execGitShallowClone | | Impact | Arbitrary Command Execution / Security Control Bypass | Summary The --remote-branch CLI option in repomix is vulnerable to argument injection. User-supplied...
pay-rails/pay: non-constant-time HMAC comparison in Paddle Billing webhook signature verifier
Summary Pay::Webhooks::PaddleBillingControllervalidsignature? app/controllers/pay/webhooks/paddlebillingcontroller.rb verifies the Paddle Billing webhook signature by computing OpenSSL::HMAC.hexdigest... and comparing it to the attacker-supplied header value using Ruby's String==. Ruby's == is...
Twig: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders for a cached `Template`
Description The per-template filter, tag and function allow-list check is compiled into the checkSecurity method of each Template subclass and was invoked once from the constructor, gated by SandboxExtension::isSandboxed$source. Template instances are then cached on the Environment in...
Constrata's coordinator transit engine `ciphertextContainer.UnmarshalJSON` panics on attacker-controlled short ciphertexts
Summary ciphertextContainer.UnmarshalJSON decodes the third :-separated component of a vault:vX:base64... ciphertext and then unconditionally takes a 12-byte prefix slice for the AES-GCM nonce: c.nonce = fullCiphertext:aesGCMNonceSize. If the decoded blob is shorter than 12 bytes, the slice...
Contrast's Imagepuller registryFor uses unanchored suffix matching, leaking auth credentials and trusted CA configuration to sibling-domain registries
Summary Config.registryFor selected a per-registry credential / CA / mirror block by checking strings.HasSuffixname, fqdn after stripping a single trailing dot. The match has no boundary between the configured FQDN and any preceding characters in the request hostname. A registry configured as...
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`
Untrusted Project Bootstrap Code Execution via CLAUDEPROJECTDIR Summary The Cortex MCP server neuro-cortex-memory treats the CLAUDEPROJECTDIR environment variable — automatically set by Claude Code to the currently open project directory — as a trusted Cortex developer checkout. When the...
Schema.org has cross-site scripting (XSS) via script break-out in toScript() output
Schema.org has a cross-site scripting XSS vulnerability via script break-out in toScript output...
wetty vulnerable to DOM XSS via file-download filename
Summary The wetty client decodes a base64 filename from the file-download escape sequence and interpolates it raw into a Toastify HTML string escapeMarkup: false. Any output the victim renders - a cat'd file, a tailed log, an SSH MOTD, a curl response - that contains \x1b5i...:...\x1b4i runs scri...
EasyAdminBundle has path traversal and reflected XSS in Flag and Icon Twig components
EasyAdminBundle ships two public Twig components — and — that load SVG files from disk using a path built directly from a public component property, and then render the resulting markup with the Twig |raw filter. When an application binds either of those properties to data that is influenced by a...
auth-fetch-mcp has SSRF Protection Bypass via IPv4-mapped IPv6 Loopback
SSRF Protection Bypass via IPv4-mapped IPv6 Loopback Summary auth-fetch-mcp v3.0.1 implements SSRF protection in assertSafeUrl src/security.ts to block requests to private and loopback addresses. However, the isPrivateV6 function fails to detect IPv4-mapped IPv6 loopback addresses in their...
@jshookmcp/jshook: ICMP probe and traceroute skip local-network SSRF authorization
Summary The network domain has a central SSRF authorization policy that blocks private, loopback, link-local, and reserved targets unless an explicit authorization object allows private network access. The policy is enforced by raw HTTP/TCP/TLS RTT tools, but the ICMP probe and traceroute tools...
GeoNetwork has ACL bypass on Elasticsearch search when request body omits query field
Summary GeoNetwork's Elasticsearch-backed search API is responsible for injecting access-control and visibility filters into every request before it reaches the underlying Elasticsearch index. Under certain request conditions, that filtering step does not run, allowing an unauthenticated user to...
GeoNetwork has reflected XSS through client-side template injection
Summary It is possible to craft a URL that causes GeoNetwork to reflect attacker-controlled content into an error page in a way that gets evaluated as a client-side template expression. Combined with known AngularJS sandbox-escape techniques, this can be used to execute arbitrary JavaScript in th...
Open Babel has out-of-bounds write in MSI translationVectors[]
Summary A memory-safety vulnerability in Open Babel's MSI parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The MSI reader stored cell translation vectors into a fixed-size translationVectors array. A malformed input could push more...
Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom)
Summary A memory-safety vulnerability in Open Babel's MOPAC input parser allowed an out-of-bounds write into the translationVectors array when reading Tv translation-vector atoms from a crafted input file. Details The MOPAC IN reader stored Tv-atom translation vectors into a fixed-size...
Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)
Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "FINAL POINT" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the FINAL POINT block into a...
Open Babel has out-of-bounds write in Gaussian translationVectors[]
Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The Gaussian reader stored periodic-cell translation vectors into a fixed-size translationVectors array. A...
Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant)
Summary A memory-safety vulnerability in Open Babel's ORCA parser allowed an out-of-bounds write when reading a crafted input file. Details A second variant of the nAtoms out-of-bounds write in the ORCA reader: a different malformed-input path produced the same class of write past the end of the...
Open Babel has out-of-bounds write in ORCA nAtoms parser
Summary A memory-safety vulnerability in Open Babel's ORCA parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the nAtoms handling of the ORCA reader. A malformed input caused the parser to write past the end of its destination buffer. Impact Open Babe...
Open Babel has uninitialized pointer dereference in PQS pFormat
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the pFormat handling of the PQS reader. A malformed input caused the parser to dereference a format pointer that had never been...
Open Babel has uninitialized pointer dereference in MSI atom parser
Summary A memory-safety vulnerability in Open Babel's MSI parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the atom handling of the MSI reader. A malformed record caused the parser to dereference an atom pointer that had never been...
Open Babel has out-of-bounds write in MOL2 attribute/value parser
Summary A memory-safety vulnerability in Open Babel's MOL2 parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the attribute/value parsing path of the MOL2 reader. An over-long attribute or value caused the parser to write past the end of a fixed-size...
Open Babel has out-of-bounds write in PQS coord_file parser
Summary A memory-safety vulnerability in Open Babel's PQS parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coordfile parsing path of the PQS reader. A malformed coord file specifier caused the parser to write past the end of its destination...
Open Babel has uninitialized pointer dereference in GRO residue parser
Summary A memory-safety vulnerability in Open Babel's GRO parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the residue handling of the GRO reader. A malformed record caused the parser to use a residue pointer that had never been...
Open Babel has out-of-bounds write in CSR PadString (title field)
Summary A memory-safety vulnerability in Open Babel's CSR parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the PadString helper used to handle the CSR title field. A title longer than the fixed destination buffer caused the parser to write past the...
Open Babel has out-of-bounds write in Gaussian coords_type orientation parser
Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coordstype orientation parser inside the Gaussian output reader. A malformed orientation block caused the parser to write past...
Open Babel has out-of-bounds read in PQS lowerit (pre-buffer read)
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an out-of-bounds pre-buffer read when reading a crafted input file. Details The flaw was in the lowerit helper used by the PQS parser. A malformed input caused the helper to read one or more bytes before the start of its inpu...
Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt
Summary A memory-safety vulnerability in Open Babel's CACAO parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in CacaoFormat::SetHilderbrandt. A malformed input caused the parser to dereference a NULL pointer while applying the Hilderbrandt...
Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in ChemKinFormat::ReadReactionQualifierLines. A malformed reaction qualifier record caused the parser to dereference a NULL pointer. Impac...
Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a heap buffer overflow when reading a crafted input file. Details The flaw was in ChemKinFormat::CheckSpecies. A malformed species record caused the parser to write past the end of a heap-allocated buffer. Impact Open Bab...
6 security settings every GitHub maintainer should enable this week
At GitHub Security Lab, we spend a lot of our week talking to maintainers. Some find the settings page dense and the docs sprawl. Most maintainers we talk to weren't hired to be security engineers. While this is true, ignoring a project's security settings completely will lead into leaving a lot ...
Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
Summary A memory-safety vulnerability in Open Babel's SMILES parser caused a heap buffer overflow when reading a crafted input string. Details The flaw was in OBSmilesParser::ParseSmiles. A malformed SMILES input caused the parser to write past the end of a heap-allocated buffer. Impact Open Babe...
Open Babel has out-of-bounds write (overlapping memcpy) in zipstream basic_unzip_streambuf::underflow
Summary A memory-safety vulnerability in Open Babel's bundled zipstream decompression code caused an out-of-bounds write via overlapping memcpy when reading a crafted gzip-compressed chemistry file. Details The flaw was in basicunzipstreambuf::underflow. The decompression buffer refill path invok...
Paymenter has race condition in payWithCredit() that enables credit double-spend
Summary The credit payment implementation in app/Livewire/Invoices/Show.php executes a pessimistic row lock lockForUpdate outside of an active database transaction. Because MySQL/MariaDB requires an enclosing transaction to enforce row-level locks, the guard is ineffective. Concurrent payment...
Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule
Summary A memory-safety vulnerability in Open Babel's GAMESS output parser caused a use-after-free when reading a crafted input file. Details The flaw was in GAMESSOutputFormat::ReadMolecule. A malformed input caused the parser to dereference a stale pointer after the underlying object had been...
Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence
Summary A memory-safety vulnerability in Open Babel's CDXML file format parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in OBAtom::GetExplicitValence as called from the CDXML parser. A malformed fragment caused the parser to invoke the method on a...
Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge
Summary A memory-safety vulnerability in Open Babel's MOL2 file format parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in OBAtom::SetFormalCharge as called from the MOL2 parser. A malformed atom record caused the parser to call the method on a NULL...
Open Babel has an out-of-bounds read in CIF transform3d::DescribeAsString
Summary A memory-safety vulnerability in Open Babel's CIF file format parser allowed an out-of-bounds read when reading a crafted input file. Details The flaw was in OpenBabel::transform3d::DescribeAsString. A malformed symmetry-operation string caused the parser to read past the end of its...
Twig: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`
Description This is a residual bypass of CVE-2026-46635 / GHSA-vcc8-phrv-43wj that only affects sandboxing enabled through SourcePolicyInterface and not the regular global sandbox mode. CoreExtension::column receives the active sandbox state via the needsissandboxed channel as a boolean...
Twig: Sandbox `__toString()` policy bypass via `Traversable` in `join` and `replace` filters
Description This is a residual bypass of CVE-2026-47732 / GHSA-pr2w-4gpj-cpq4 left after the initial fix for unguarded toString calls. It covers two related coercion points that were not caught by the original patch. Traversable in join and replace filters. SandboxExtension::ensureToStringAllowed...
Twig: Sandbox `__toString()` policy bypass via dynamic mapping keys
Description This is a residual bypass of CVE-2026-47732 / GHSA-pr2w-4gpj-cpq4 left after the initial fix for unguarded toString calls. In 3.26.0 the sandbox visitor was extended to wrap every child node that its parent will string-coerce at runtime with CheckToStringNode, gated by the new...
Twig: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
Description The 3.26.0 source-policy hardening changed the signature of CoreExtension::checkArrow to take a boolean $isSandboxed instead of an Environment, and added the same $isSandboxed argument to CoreExtension::arraySome and CoreExtension::arrayEvery. Compiled templates were updated to pass t...
Sigstore Timestamp Authority has OOM due to unbounded metric label cardinality
Impact An unauthenticated remote attacker can trigger unbounded memory growth on the timestamp authority server. This vulnerability exists because the global wrapMetrics middleware records the raw HTTP request path r.URL.Path and raw HTTP request method r.Method as Prometheus labels for latency a...
Fulcio has OIDC Discovery Redirect Following Allows SSRF and JWKS Substitution for Meta-Issuer Paths, with Kubernetes Service-Account Token Leakage
Impact Three security vulnerabilities were identified in the OIDC Discovery client: 1. Blind Server-Side Request Forgery SSRF via Cross-Host Redirects: Fulcio uses an HTTP client to fetch OIDC discovery metadata /.well-known/openid-configuration. Prior to this fix, if a configured issuer returned...