Lucene search
K
GithubRecent

33181 matches found

Github Security Blog
Github Security Blog
added 2026/04/01 9:43 p.m.4 views

AIOHTTP has a Multipart Header Size Bypass

Summary A response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. Impact Multipart headers were not subject to the same size restrictions in place for normal headers, potentially allowing substantially more...

8.7CVSS5.8AI score0.0044EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:42 p.m.8 views

SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

Details Distinct from CVE-2025-59159 and CVE-2026-26286 all fixed in v1.16.0. This endpoint is still unpatched. In src/endpoints/search.js line 419, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This only matches literal dotted-quad IPv4 e.g. 127.0.0.1, 10.0.0.1. It does not catch: -...

5CVSS6AI score0.00213EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:41 p.m.31 views

SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

Summary A Path Traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root for example secrets.json and settings.json by supplying avatarurl="..". Details The input validator used by avatarurl blocks only / and NUL bytes...

8.8CVSS6AI score0.0057EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:40 p.m.20 views

SillyTavern: Path Traversal allows file existence oracle

Summary A path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. By sending percent-encoded ../ sequences %2E%2E%2F in requests to static file routes, an attacker can check for the existen...

5.3CVSS5.9AI score0.00449EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:36 p.m.4 views

SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory

Summary A path traversal vulnerability in /api/chats/import allows an authenticated attacker to write attacker-controlled files outside the intended chats directory by injecting traversal sequences into charactername. Details charactername is used unsafely as part of the destination filename and...

8.1CVSS5.9AI score0.0041EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:36 p.m.5 views

Payload has a CSRF Protection Bypass in Authentication Flow

Impact A Cross-Site Request Forgery CSRF vulnerability existed in the authentication flow. Under certain conditions, the configured CSRF protection could be bypassed, allowing cross-site requests to be made. Consumers are affected if ALL of these are true: - Payload version v3.79.1 - serverURL is...

5.4CVSS5.7AI score0.00129EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:26 p.m.11 views

AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows

Summary On Windows the static resource handler may expose information about a NTLMv2 remote path. Impact If an application is running on Windows, and using aiohttp's static resource handler not recommended in production, then it may be possible for an attacker to extract the hash from an NTLMv2...

8.7CVSS5.9AI score0.00433EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:25 p.m.6 views

Payload has Authenticated SSRF via Upload Functionality

Impact An authenticated Server-Side Request Forgery SSRF vulnerability existed in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. Consumers are affected if ALL of...

7.7CVSS5.9AI score0.00296EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:24 p.m.5 views

@payloadcms/next has Stored XSS in Admin Panel

Impact A stored Cross-site Scripting XSS vulnerability existed in the admin panel. An authenticated user with write access to a collection could save content that, when viewed by another user, would execute in their browser. Consumers are affected if ALL of these are true: - Payload version v3.78...

8.7CVSS5.9AI score0.00286EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:20 p.m.8 views

AIOHTTP has CRLF injection through multipart part content type header construction

Summary An attacker who controls the contenttype parameter in aiohttp could use this to inject extra headers or similar exploits. Impact If an application allows untrusted data to be used for the multipart contenttype parameter when constructing a request, an attacker may be able to manipulate th...

6.9CVSS5.8AI score0.00315EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:19 p.m.6 views

AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector

Summary An unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. Impact If an application makes requests to a very large number of hosts, this could cause the DNS cache to continue growing and slowly use excessive amounts of memory. ----- Patch:...

7.5CVSS5.9AI score0.0044EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:19 p.m.6 views

Payload has an SQL Injection via Query Handling

Impact Certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. Patches This issue has been fixed in v3.79.1 and later. Query input validation has been hardened. Upgrade to v3.79...

8.5CVSS5.8AI score0.00317EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:17 p.m.6 views

Claude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape

The async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then returned the unresolved path for subsequent file operations. A local attacker able to write to the memory directory could retarget a...

5.8CVSS5.9AI score0.00138EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:16 p.m.5 views

Claude SDK for TypeScript: Memory Tool Path Validation Allows Sandbox Escape to Sibling Directories

The local filesystem memory tool in the Anthropic TypeScript SDK validated model-supplied paths using a string prefix check that did not append a trailing path separator. A model steered by prompt injection could supply a crafted path that resolved to a sibling directory sharing the memory root's...

6.3CVSS5.9AI score0.00292EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:15 p.m.7 views

Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool

The local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask such as many Docker base images. A local attacker on a shared host could read...

4.8CVSS5.9AI score0.00122EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:14 p.m.6 views

ONNX: External Data Symlink Traversal

Summary - Issue: Symlink traversal in external data loading allows reading files outside the model directory. - Affected code: onnx/onnx/checker.cc: resolveexternaldatalocation used via Python onnx.externaldatahelper.loadexternaldataformodel. - Impact: Arbitrary file read confidentiality breach...

5.5CVSS5.8AI score0.00248EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:13 p.m.9 views

ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load

Summary The issue is in onnx.load — the code checks for symlinks to prevent path traversal, but completely misses hardlinks, which is the problem, since a hardlink looks exactly like a regular file on the filesystem. The Real Problem The validator in onnx/checker.cc only calls issymlink and never...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:12 p.m.10 views

openssl-encrypt has CORS wildcard with allow_credentials=True in standalone servers

Summary Both standalone servers configure CORS with alloworigins="", allowcredentials=True, allowmethods="", and allowheaders="". Affected Code python server/key-server/app/main.py:86-92 server/telemetry-server/app/main.py:23-29 app.addmiddleware CORSMiddleware, alloworigins=settings.corsorigins,...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:12 p.m.4 views

openssl-encrypt accepts refresh tokens as URL query parameters causing token leakage

Summary Refresh tokens are accepted as URL query parameters in the keyserver and telemetry server routes. Affected Code python opensslencryptserver/modules/keyserver/routes.py:214-215 opensslencryptserver/modules/telemetry/routes.py:90-91 async def refreshtoken request: Request, refreshtoken: str...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:11 p.m.7 views

openssl-encrypt's readiness endpoint leaks database error details to unauthenticated callers

Summary The /ready endpoint in opensslencryptserver/server.py at lines 159-175 catches database errors and returns the full exception string in the response. Affected Code python except Exception as e: return "status": "notready", "reason": stre Impact Database exception messages can leak: -...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:11 p.m.8 views

openssl-encrypt has no owner verification on key revocation — any client can revoke any key

Summary The revokekey method in opensslencryptserver/modules/keyserver/service.py at lines 195-270 accepts a clientid parameter but never verifies that the requesting client is the same as key.ownerclientid. Impact Any authenticated client can revoke any other client's key, as long as they provid...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:11 p.m.9 views

openssl-encrypt's unverified key bundle from_dict() + to_identity() path allows encryption to attacker keys

Summary The PublicKeyBundle.fromdict method in opensslencrypt/modules/keybundle.py at lines 329-361 creates bundles from untrusted data without verifying the signature. The docstring warns to call verifysignature after creation, but the toidentity method line 363-391 can convert an unverified...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:10 p.m.11 views

ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.

Summary The ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. The problem? It didn’t check if the "keys" in the file were valid. Because it blindly trusted the file, an attacker could craft a...

8.6CVSS5.9AI score0.00288EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:9 p.m.11 views

DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost

The Model Context Protocol MCP Go SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with StreamableHTTPHandler or SSEHandler, a malicious website could exploit DNS rebinding to bypass same-origi...

8.1CVSS5.9AI score0.00455EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:8 p.m.8 views

AVideo: Stored SSRF via Video EPG Link Missing isSSRFSafeURL() Validation

Summary The EPG Electronic Program Guide link feature in AVideo allows authenticated users with upload permissions to store arbitrary URLs that the server fetches on every EPG page visit. The URL is validated only with PHP's FILTERVALIDATEURL, which accepts internal network addresses. Although...

6.5CVSS6.1AI score0.00323EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:8 p.m.7 views

AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php

Summary The UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTML and JavaScript via a crafted URL. Although the page is restricte...

6.1CVSS6AI score0.0022EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:7 p.m.7 views

AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

Summary AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and draft workflows. The setStatus method validates the status code again...

4.3CVSS6.1AI score0.00238EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:6 p.m.4 views

AVideo: Arbitrary Stripe Subscription Cancellation via Debug Endpoint and retrieveSubscriptions() Bug

Summary The StripeYPT plugin includes a test.php debug endpoint that is accessible to any logged-in user, not just administrators. This endpoint processes Stripe webhook-style payloads and triggers subscription operations, including cancellation. Due to a bug in the retrieveSubscriptions method...

6.5CVSS6AI score0.00281EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:6 p.m.4 views

AVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI Guard

Summary The AVideo installation script install/deleteSystemdPrivate.php contains a PHP operator precedence bug in its CLI-only access guard. The script is intended to run exclusively from the command line, but the guard condition !phpsapiname === 'cli' never evaluates to true due to how PHP...

7.3CVSS5.9AI score0.00341EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:5 p.m.7 views

AVideo: Missing Authentication in CreatePlugin list.json.php Template Affects 21 Endpoints

Summary The AVideo CreatePlugin template for list.json.php does not include any authentication or authorization check. While the companion templates add.json.php and delete.json.php both require admin privileges, the list.json.php template was shipped without this guard. Every plugin that uses th...

7.5CVSS6AI score0.00376EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:4 p.m.3 views

AVideo: Unauthenticated Live Stream Termination via RTMP Callback on_publish_done.php

Summary The AVideo onpublishdone.php endpoint in the Live plugin allows unauthenticated users to terminate any active live stream. The endpoint processes RTMP callback events to mark streams as finished in the database, but performs no authentication or authorization checks before doing so. An...

7.5CVSS5.9AI score0.00479EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 9:3 p.m.15 views

NetBird has Race Condition on UpdateUser Function, Resulting in Privilege Escalation From Admin to Owner

Summary A race condition vulnerability allows authenticated admin-privileged users to escalate to owner privilege. Details The vulnerability exists in the updateUser function, which is connected to the /users/userId PUT request. This function then calls the SaveOrAddUsers function, which checks t...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:58 p.m.7 views

goshs has Auth Bypass via Share Token

Summary When using the Share Token it is possible to bypass the limited selected file download with all the gosh functionalities, including code exec. Details The BasicAuthMiddleware checks for a ?token= parameter before checking credentials. If the token exists in SharedLinks, the request passes...

8.1CVSS5.9AI score0.00392EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:54 p.m.6 views

AVideo: DOM XSS via Unsanitized Display Name in WebSocket Call Notification

Summary The AVideo YPTSocket plugin's caller feature renders incoming call notifications using the jQuery Toast Plugin, passing the caller's display name directly as the heading parameter. The toast plugin constructs the heading as raw HTML '' + heading + '' and inserts it into the DOM via jQuery...

6.4CVSS6.3AI score0.00279EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:54 p.m.13 views

AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins

Summary The AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugins database table is explicitly listed in ignoreTableSecurityCheck,...

6.5CVSS6AI score0.00201EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:52 p.m.8 views

poetry-plugin-tweak-dependencies-version affected by CVE-2026-25645

Pin vulnerable version of requests library...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:48 p.m.5 views

AVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All Users

Summary The AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token. Because AVideo sets SameSite=None on session cookies, a cross-origin...

6.5CVSS6AI score0.00157EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:47 p.m.8 views

c2cciutils affected by CVE-2022-40896

Pinned vulnerable version of Pygment CVE-2022-40896...

5.5CVSS5.8AI score0.00503EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:29 p.m.7 views

Auth0 PHP SDK has Insufficient Entropy in Cookie Encryption

Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? Consumers are affected if their application meets the following preconditions: - The...

9.8CVSS5.9AI score0.00221EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 8:25 p.m.48 views

Open WebUI has Broken Access Control in Tool Valves

Summary Broken Access Control in Tool Valves Open WebUI supports function calling through "Tools". Function calling allows an LLM to reliably connect to external tools and interact with external APIs. Exemplary use-cases include connecting to an internal knowledge base, retrieving emails from an...

7.7CVSS6AI score0.05271EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 7:52 p.m.8 views

Tinyauth has OAuth account confusion via shared mutable state on singleton service instances

Summary All three OAuth service implementations GenericOAuthService, GithubOAuthService, GoogleOAuthService store PKCE verifiers and access tokens as mutable struct fields on singleton instances shared across all concurrent requests. When two users initiate OAuth login for the same provider...

7.7CVSS6AI score0.00338EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 7:46 p.m.28 views

OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2

Description The oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize on the accesstoken field without any...

7.2CVSS6.3AI score0.0057EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 7:46 p.m.15 views

OpenSTAManager has a Time-Based Blind SQL Injection via `options[stato]` Parameter

Description Multiple AJAX select handlers in OpenSTAManager = 2.10.1 are vulnerable to Time-Based Blind SQL Injection through the optionsstato GET parameter. The user-supplied value is read from $superselect'stato' and concatenated directly into SQL WHERE clauses as a bare expression, without any...

8.8CVSS6.1AI score0.0046EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 7:45 p.m.5 views

aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage

Summary Insufficient restrictions in header/trailer handling could cause uncapped memory usage. Impact An application could cause memory exhaustion when receiving an attacker controlled request or response. A vulnerable web application could mitigate these risks with a typical reverse proxy...

7.5CVSS5.9AI score0.0044EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 7:20 p.m.5 views

Securing the open source supply chain across GitHub

Over the past year, a new pattern has emerged in attacks on the open source supply chain. Attackers are focusing on exfiltrating secrets like API keys in order to both publish malicious packages from an attacker-controlled machine as well as gain access to more projects in order to propagate the...

5.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/04/01 6:36 p.m.14 views

Temporal Server: attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster

A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow IDs and, for signal operations, signal names. This was due to a bu...

2.3CVSS6.1AI score0.00248EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 6:36 p.m.9 views

Replicator deserializes untrusted user input

An unauthenticated Remote Code Execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...

6.5CVSS6AI score0.00368EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 4:8 p.m.9 views

Payload: Pre-Authentication Account Takeover via Parameter Injection in Password Recovery

Impact A vulnerability in the password recovery flow could allow an unauthenticated attacker to perform actions on behalf of a user who initiates a password reset. Users are affected if: - They are using Payload version v3.79.1 with any auth-enabled collection using the built-in forgot-password...

9.1CVSS5.9AI score0.00306EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/01 12:30 a.m.9 views

SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)

Summary The SanitizeSVG function introduced in v3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes i...

8.6CVSS6.1AI score0.00469EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 12:25 a.m.7 views

@tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions

Summary @tinacms/graphql uses string-based path containment checks in FilesystemBridge: - path.resolvepath.joinbaseDir, filepath - startsWithresolvedBase + path.sep That blocks plain ../ traversal, but it does not resolve symlink or junction targets. If a symlink/junction already exists under the...

8.8CVSS5.9AI score0.00372EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities33181