33100 matches found
CefSharp.Common: `FolderSchemeHandlerFactory` path boundary check can expose files outside the configured root folder
Summary FolderSchemeHandlerFactory was intended to restrict served files to a configured rootFolder, but its path validation used a raw string prefix check. A request could escape to a sibling directory whose full path starts with the root folder path, allowing files outside the configured root t...
@adonisjs/bodyparser has an incomplete fix for CVE-2026-25754
Summary The fix for GHSA-f5x2-vj4h-vg4c / CVE-2026-25754 introduced in commit 40e1c71 is incomplete and can be bypassed through nested prototype pollution payloads. The original patch replaced the internal FormFields storage object with Object.createnull, preventing direct payloads such as...
oban_web missing authorization check on `save-job` event handler
Summary obanweb 2.12.0 through the current unpatched release exposes a save-job LiveView event handler that performs no authorization check, allowing any authenticated user including those with :readonly access to overwrite a queued job's worker field with any other Oban.Worker module present in...
oban_web: Unbounded range expansion in cron describe causes memory exhaustion
Summary obanweb 2.12.0 introduced a cron expression parser that expands --separated ranges without validating the endpoints. An attacker with access to schedule cron jobs can submit a malicious expression; when any user with dashboard access views the cron job list, Oban.Web.CronExpr.describe/1 i...
Probo has an open redirect bypass via path normalization
Impact Probo's saferedirect package validates redirect URLs used across authentication flows OIDC, SAML, session transfer, OAuth connectors, and trust-center magic links. The validator only inspected the second character of relative paths, so a URL like /../\evil.com passed validation because the...
Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Summary A follow-up bypass of the round-4 PodSpec hardening GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92. Those advisories validate and sanitize the PodSpec spec.runtime.podSpec / spec.builder.podSpec / function.spec.podSpec, but the Environment CRD also exposes...
Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container
Summary Fission builder pods were created with ServiceAccountName: fission-builder and no AutomountServiceAccountToken: false, so the kubelet auto-mounted the service-account token into every container in the pod — including the user-supplied builder image. Details The user controls the builder...
Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape
Summary Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from the user-supplied podsp...
Fission Container Executor Function PodSpec Injection Leading to Node Escape
Summary Fission's Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the executor-built podspec and creates a Deployment whose pods run the user's container image. Details Two flaws compounded: 1...
Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover
Summary A stronger framing of the same root cause as GHSA-gx55-f84r-v3r7: the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous fields into the generated pods. Details Three independent flaws compounded: 1. Validate gap...
Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook
Summary The Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace equalled the function's own namespace but performed no equivalent check on spec.environment.namespace. Details An attacker with permission to create Functions...
Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook
Summary A Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by the admission webhook; PackageRef.Namespace was not. Details A tenant with functions.fission.io/create in their own namespace could set...
Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance
Summary A low-privilege developer who could create a KubernetesWatchTrigger KWT in their own namespace was able to establish a persistent surveillance channel over any other namespace. Details Two independent flaws compounded: 1. pkg/kubewatcher/kubewatcher.go::createKubernetesWatch used...
Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration
Summary Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched Package.metadata.namespace. Details An attacker with packages.fission.io/create in their own namespace could set spec.environment.namespace to any other tenant's...
Fission: MessageQueueTrigger scaler manager materializes Secret values into Deployment envvars and accepts arbitrary user PodSpec
Summary The Fission MessageQueueTrigger MQT scaler controller exposed two privilege-escalation primitives to any subject able to create MQTs in a namespace. Details 1. Secret materialization. getEnvVarlist in pkg/mqtrigger/scalermanager.go read the Secret named in Spec.Secret using the controller...
Sigstore Java has a vulnerability with bundle verification of integratedTime
Summary Regression: Verification of integratedTime from Rekor V1 Log Entry against Fuclio Certificate validity was missing Details - PR 1008 erroneously removed verification of the integrated Rekor entry time against the Fulcio certificate. - PR 1185 re-added this verification with enhancements...
@cedar-policy/authorization-for-expressjs has an authorization bypass via query string manipulation
Summary @cedar-policy/authorization-for-expressjs is an open-source Express.js middleware that integrates Cedar authorization into Express applications by mapping HTTP requests to Cedar actions and evaluating authorization policies before allowing requests to proceed. An issue exists where, under...
Kahi has privilege-drop and socket/log permission issues
Kahi releases up to and including v0.1.0-alpha.8 contain three privilege/permission issues, all fixed in v0.1.0-alpha.9. They were identified in a full-codebase security review on 2026-05-26. Affected versions All releases = v0.1.0-alpha.8. Patched version v0.1.0-alpha.9. Details 1. Per-process...
Paymenter has URL parameter injection that bypasses paid plan limits at checkout
Summary The checkout component improperly filters URL-writable properties, allowing authenticated users to inject arbitrary key-value pairs into server provisioning parameters. Because bundled server extensions prioritize these user-supplied properties over administrator-defined configurations, a...
RabbitMQ vulnerable to Denial of Service by publishing large messages over the HTTP API
Summary Responsibly disclosed by @NSEcho. HTTP API did not enforce an HTTP request body limit, making it vulnerable for DoS attacks with very large messages. Details An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be...
RabbitMQ has predictable credential obfuscation seed value used in Shovel and Federation plugins
Impact Shovel and Federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data...
Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing
Impact A small OpenAPI document containing a circular schema reference can cause process termination through stack overflow in Microsoft.OpenApi. The issue affects OpenAPI document parsing through public OpenAPI.NET reader APIs and has been confirmed across both JSON and YAML reader paths. Affect...
Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query
Summary The checkUserPassword GraphQL query in Dgraph is vulnerable to DQL Dgraph Query Language injection. User-supplied password values are interpolated directly into a DQL checkpwd query via fmt.Sprintf without any escaping or parameterization. An attacker can inject a password containing a...
OpenAM OAuth Authorization Bypass via PKCE Challenge
Summary Description An Improper Authorization CWE-285 issue in OpenAM's OAuth2 authorization-code grant allows a PKCE-protected authorization code to be redeemed without the required codeverifier. This affects OpenAM Community Edition through version 16.0.6 and was patched in version 16.1.1. The...
OpenAM OAuth Client Impersonation via JWKS Resolver Cache
Summary Description An Improper Authentication CWE-287 issue in OpenAM's OAuth2 privatekeyjwt client authentication path allows any registered OAuth2 client to mint tokens in the name of any other client whose key is published via a jwksuri, without knowing the victim's signing key. This affects...
OpenAM Authenticated RCE via Groovy Sandbox Escape
Summary Description A Protection Mechanism Failure CWE-693 in OpenAM's server-side scripting sandbox allows an authenticated script author execute operating-system commands from the OpenAM JVM with the default class allow and deny lists. This impacts OpenAM Community Edition through version 16.0....
Inside the Advisory Database and what happens when vulnerability volume breaks records
In May 2026, the GitHub Advisory Database published 1,560 reviewed advisories --more than five times our typical monthly output and the highest in its history. And it still wasn't enough to keep up. Over the past few months, the vulnerability ecosystem has shifted in a fundamental way. Input acro...
pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
Summary pnpm accepts package names from the env lockfile configDependencies section and uses those names directly when creating config dependency symlinks under nodemodules/.pnpm-config. A malicious repository can commit a crafted pnpm-lock.yaml whose env-lockfile document contains a...
pnpm: `patch-remove` could delete project-selected files outside the patches directory
Summary The patch-remove deletion-scope issue tracked as GHSA-72r4-9c5j-mj57 / CAND-PNPM-030 has been addressed in pnpm. A crafted patch entry could resolve outside the configured patches directory and cause pnpm patch-remove to delete an arbitrary reachable file. This patch validates the...
pnpm: Hoisted install imports lockfile alias outside node_modules
Summary The hoisted dependency alias issue tracked as GHSA-fr4h-3cph-29xv / CAND-PNPM-059 has been addressed in both pnpm and pacquet. A crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases suc...
Nezha Dashboard: DDNS and Notification credential exposure via unredacted list API
Summary The GET /api/v1/ddns and GET /api/v1/notification endpoints return full resource objects including plaintext third-party API credentials — Cloudflare API tokens, TencentCloud SecretKeys, Slack/Discord/Telegram webhook URLs with embedded bot tokens, and Authorization header values — withou...
pnpm: `stage download` writes outside its destination directory via manifest name/version traversal
Summary The staged-tarball filename traversal reported as GHSA-v23m-ccfg-pq9h / CAND-PNPM-038 is fixed on main by pnpm/pnpm12303, merged as 65443f4bdf1f0db9c8c7dc58fee25252607e9234. Before the fix, pnpm stage download derived a local filename from registry-controlled package name and version...
pnpm: Reserved bin name deletes PNPM_HOME during global remove
Maintainer Action Plan Maintainer Action Plan This report is ready to review with the shared patch branch. Start with the PR and the expected fixed behavior, then use the detailed exploit narrative below only if you want to replay the original path. - Advisory: CAND-PNPM-085 / GHSA-4gxm-v5v7-fqc4...
pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes
Maintainer Action Plan This report is ready to review with the shared patch branch. Start with the PR and the expected fixed behavior, then use the detailed exploit narrative below only if you want to replay the original path. - Advisory: CAND-PNPM-063 / GHSA-w466-c33r-3gjp - Advisory URL:...
Subsonic API: any authenticated user can delete or read any other user's playlist (IDOR)
Summary In gonic, the Subsonic API endpoints /rest/deletePlaylist.view and /rest/getPlaylist.view perform no per-resource authorization. Once authenticated as any user admin or not, an attacker can: 1. Delete any playlist owned by any other user including admin by passing its id. 2. Read the full...
gonic: Path Traversal in playlist `id` bypasses ownership check, enabling any user to read/delete other users' playlists
Summary The maintainer's recent fix in 6dd71e6a3c966867ef8c900d359a7df75789f410 fixsubsonic: enforce playlist ownership on getPlaylist/deletePlaylist added an ownership check based on playlist.UserID. However, playlist.UserID is derived from the first path segment of the attacker-controlled...
gonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the host
Summary A logic error in ServeCreateOrUpdatePlaylist allows any authenticated Subsonic user including non-admin to write playlist M3U content to an attacker-controlled absolute filesystem path on the gonic host, and to create intermediate directories with 0o777 permissions. The bug is independent...
pnpm: Repository-controlled configDependencies can select a pacquet native install engine
Maintainer Action Plan This report is ready to review with the shared patch branch. Start with the PR and the expected fixed behavior, then use the detailed exploit narrative below only if you want to replay the original path. - Advisory: CAND-PNPM-097 / GHSA-gj8w-mvpf-x27x - Advisory URL:...
pnpm: Manifest identity spoof satisfies allowBuilds and runs attacker lifecycle
Summary Keep build approval for opaque dependency sources byte-exact for GHSA-5wx6-mg75-v57r / CAND-PNPM-123. Merged upstream commit bf1b731ee6 fixed the original name-only approval bypass by making build policy consume the resolved dependency identity. One collision remained: the generic...
pnpm: Repository config can expand victim environment secrets into registry requests before scripts run
Maintainer Action Plan This report is ready to review with the shared patch branch. Start with the PR and the expected fixed behavior, then use the detailed exploit narrative below only if you want to replay the original path. - Advisory: CAND-PNPM-122 / GHSA-3qhv-2rgh-x77r - Advisory URL:...
ImageMagick has a Heap Buffer Over-Write in SF3 encoder when writing multi-frame image
An crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder...
ImageMagick: Memory Leak in wand option parser when providing invalid arguments
When providing invalid options to the wand option parser a small memory leak will occur...
Statamic CMS's incorrect authorization lets view-only users submit Live Preview content reserved for editors
Impact The Live Preview endpoint for existing entries and terms only checked view authorization, but it accepts and renders caller-supplied field values. A Control Panel user with view but not edit permission could therefore submit content they were not authorized to author and generate a shareab...
Nezha Monitoring: OAuth2 Redirect URL — Host Header Injection
Description The getRedirectURL function in oauth2.go:22-29 constructs the OAuth2 callback URL by concatenating the request's Host header with a fixed path, with zero validation of the Host header: go func getRedirectURLc gin.Context string scheme := "http://" referer := c.Request.Referer if...
Nezha Monitoring: Unbounded WebSocket Streams — Resource Exhaustion DoS
Description The Nezha dashboard exposes two endpoints that create long-lived WebSocket streams to monitored agents: - POST /api/v1/terminal → createTerminal terminal.go:27-67 - POST /api/v1/file → createFM fm.go:28-67 Both call rpc.NezhaHandlerSingleton.CreateStreamstreamId, ... which inserts a...
Statamic Vulnerable to CSV formula injection in form submission exports
Impact Form submission values were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula trigger character e.g. = , + , - , @ could be interpreted as a live formula when a Control Panel user opens the export in a...
Statamic Vulnerable to Server-Side Request Forgery via Glide (DNS rebinding)
Impact The Glide image proxy's URL validation could be bypassed using DNS rebinding. The remote hostname was validated as publicly routable, but resolved again when the image was actually fetched, so an attacker controlling the hostname's DNS could rebind it to an internal address after validatio...
Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key
Summary fallbackToFrontend in the dashboard's NoRoute handler treats any URL whose raw string starts with /dashboard as an admin-frontend asset request. The check uses strings.HasPrefix, not a path-segment match, so the input /dashboard../data/config.yaml is accepted; strings.TrimPrefix leaves...
Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context
Summary PATCH /server/id accepts and persists nonexistent ddnsprofiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the contex...
Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing
Summary An authenticated non-admin user who owns any server can create or update a NAT profile whose domain is equal to the dashboard's own HTTP Host for example, dashboard.example:8008. The dashboard's top-level HTTP/gRPC multiplexer checks NATShared.GetNATConfigByDomainr.Host before dispatching...