● Live advisory feed
Security Advisory Fusion for CSIRTs, SOCs & Defenders
Security advisories from 24 sources — CISA, CERT-EU, NCSC-UK, BSI, CERT-FR, NCSC-NL, JPCERT/CC, JVN, HKCERT, the Canadian Cyber Centre, NVD, GitHub, Microsoft, Cisco, Fortinet, Palo Alto Networks and more — normalized, translated to English and flagged against the CISA KEV catalog. One global feed for CSIRTs, SOCs and defenders.
In target-directory forms (ln SOURCE... DIRECTORY), ln rejects source paths with non-UTF-8 filename bytes, while GNU accepts them. Breaks GNU compatibility for byte-oriented filenames on Unix filesystems.
PoC:
name=$(printf 'bad_\377'); mkdir dst; : > "$name"; ln "$name" dst
GN…
The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from_utf8_lossy(), which replaces invalid UTF-8 byte sequences with the Unicode replacement character (U+FFFD). This behavior diff…
The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty string, the uutils implementation treats the empty string as a valid path. This causes temporary files to be c…
In Chmoder::chmod() the recursive branch overwrites the running result instead of accumulating it, so the exit code reflects only the *last* file processed:
if self.recursive {
r = self.walk_dir_with_context(file, true); // overwrites r
} else {
r = self.chmod_file(file).and(r);…
Chmoder::chmod() only compares the literal argument against Path::new("/"), so the --preserve-root guard is bypassed by any path that *resolves* to root — a symlink to / or simply /../.
if self.recursive && self.preserve_root && file == Path::new("/") {
return Err(ChmodError::Pr…
Unauthenticated Command Execution via HTTP MCP execute_module
Summary
The HTTP MCP endpoint (POST /mcp) in flyto-core accepts unauthenticated JSON-RPC tools/call requests and dispatches them to arbitrary registered modules, including sandbox.execute_shell, which passes attacker…
Summary
flyto-core's SSRF protection (validate_url_ssrf / is_private_ip in src/core/utils.py) blocks private and metadata destinations by resolving the host and testing the resulting IP for membership in a hardcoded PRIVATE_IP_RANGES list. That list contains only the *native* RF…
<!-- obsidian --><h2 data-heading="Description">Description</h2>
<p>When a host pushes a CLR object into a Scriban <code>TemplateContext</code> via the standard, documented pattern —</p>
<pre><code class="language-csharp">var so = new ScriptObject();
so["user"] = currentUser; // …
Summary
A CSS injection issue exists in WeasyPrint when HTML presentational hints are enabled. Unescaped attribute values are embedded into CSS, allowing injection of arbitrary CSS declarations. This affects applications processing untrusted HTML input.
Details
File: weasyprint/…
Impact
When Cilium L7 functionality is enabled on a cluster, the Envoy instance supporting this functionality creates a world-accessible socket on cluster nodes. A local attacker would be able to access Envoy admin endpoints. Depending on deployment configuration, this can expos…
Summary
The predicted datapoint write endpoint allows users with only read:assets privileges to write predicted datapoints.
The endpoint:
PUT /api/{realm}/asset/predicted/{assetId}/{attributeName}
accepts write requests from users lacking write:assets.
The implementation app…
Summary
Formie Hidden fields could evaluate request-derived values as Twig during front-end form rendering.
When a Hidden field used a dynamic default value such as HTTP User Agent, Referer URL, Current URL, Query Parameter, or Cookie Value, the value was copied from the incomin…
Summary
A memory-safety vulnerability in Open Babel's MOPAC output parser
allowed an out-of-bounds write into the translationVectors[] array
when reading the "UNIT CELL TRANSLATION" block of a crafted input
file.
Details
The MOPAC output reader stored translation vectors from …
Impact
Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API.
When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primi…
Summary
The fix for CVE-2026-46339 (unauthenticated RCE via unprotected MCP plugin routes) introduced a local-only access gate in src/dashboardGuard.js that restricts spawn-capable routes (/api/mcp/*, /api/tunnel/*, /api/cli-tools/*) to loopback requests. The gate determines "lo…
The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded size) to make the decoder decode large amounts of compressed data.
Summary
9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWT_SECRET environment variable is not set. Because this secret is committed in the public repository and unchanged acro…
Kiwi TCMS provides the /init-db/ page as part of its setup mechanism for administrators who prefer a browser instead of the command line. In previous versions of Kiwi TCMS this page still renders and responds to requests even after first use.
Impact
The /init-db/ page does not …
Summary
An unauthenticated path traversal in the LaunchServer HTTP file server (FileServerHandler) lets any remote actor read any file readable by the LaunchServer process (e.g. ../../../../etc/passwd). This is a generic arbitrary-file-read primitive, so the fix must address the …
Summary
SimpleSAMLphp's SAML SP ACS path does not enforce the IdP selected for an SP-initiated login. If a saved SP state contains ExpectedIssuer = IdP A, but the ACS receives a valid response from IdP B, the code logs a warning and continues processing instead of rejecting the …
Summary
Algernon selects its file handler from filepath.Ext() (engine/handlers.go:134), which does not treat the NTFS-equivalent names x.lua::$DATA, x.lua., or x.lua as .lua. On Windows, an unauthenticated client appends one of these suffixes to any server-side script on a publi…
Summary
On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation.
Details & PoC
The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid
Or you can use Address Sanitiz…
Summary
jxl-oxide exposes a public safe API that can construct an undersized FrameBuffer due to unchecked usize multiplication, which immediately trigger panic while initializing the buffer in normal decoding path.
Additionally, calling the safe grouped buffer accessors afterwar…
Summary
Logic bug in decode_simple_table_slow may cause integer arithmetic overflow when decoding Modular image with certain kind of MA tree, which may panic with overflow-checks enabled.
Impact
Denial of service: any application passing untrusted JXL data to JxlImage::render_fr…
Summary
Kimai 2.56.0 contains an authenticated improper authorization / IDOR vulnerability in the favorite timesheet add and remove endpoints. A low-privileged user who knows another user's timesheet.id can add that record to, or remove it from, the victim's favorite/recent book…
Keycloak's SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response, injecting an encrypted assertion for an arbitrary p…
Summary
fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. …
Summary
Configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the OAEP setting selects PKCS#1 v1.5, which is the same algorithm as the DEFAULT setting.
Impact
Operators who configure encrypt:rsa:algorith…
Summary
When MySQL or PostgreSQL service bindings from VCAP_SERVICES include TLS client credentials, the Connectors library writes those credentials to temporary files in Path.GetTempPath() using File.CreateText. On Linux, File.CreateText creates files with mode 0644 (world-read…
Summary
The JWT signing key cache in TokenKeyResolver uses kid as the sole cache key without namespacing by authority. In applications with multiple JwtBearer schemes pointing to different identity providers, a key fetched for one scheme can satisfy token validation for another.…
Summary
All Steeltoe actuator endpoints default to EndpointPermissions.Restricted, which is mapped to Cloud Foundry's read_basic_data permission (granted to Space Auditors and similar low-trust roles). Sensitive actuators including heap dump, environment, and thread dump do not …
Summary
The Sanitizer component in the Environment actuator redacts configuration values by matching the configuration key name against a suffix list. The default list (password, secret, key, token, .*credentials.*, vcap_services) does not cover the standard .NET pattern Connect…
Summary
DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite the Java Eureka specification defining a third valid value: "Netflix". The exception propagates through the entire registry deserialization chain and is swallowed …
Summary
When Steeltoe management endpoints are configured to listen on an alternate port (Management:Endpoints:Port is configured), the middleware responsible for restricting access to the endpoints uses the Host HTTP header rather than the actual network socket port.
Impact
A…
Summary
This library turned out to be vulnerable to Denial-of-Service attacks using XPath transforms. A mitigation has been put in place to restrict the number of transforms and to restrict transforms to only the transform-algorithms mentioned in the SAML 2.0 Core Specifications…
Am I affected
You are affected if:
1. You run zebrad up to and including v4.4.1.
2. Your node listens on the default [::] address on a Linux host (the standard deployment configuration — net.ipv6.bindv6only=0 is the default on all common Linux distributions).
3. Your node is sy…
Summary
SimpleSAMLphp's HTTP-Artifact receive path can treat an unsigned embedded SAML Response as cryptographically valid for the wrong IdP.
In the HTTPArtifact::receive() flow, the SOAP ArtifactResponse receives a TLS-based validator from SOAPClient::addSSLValidator(). The em…
Summary
In the Debian.sudoers file, apt-get is allowed for the nagios user. The full command including the arguments are not enforced and can therefore be choosen arbitrarily. This allows to easily get a root shell as the nagios user:
PoC
By choosing a particular argument, you c…
Summary
The HTMLInputElement.checkValidity() method constructed a RegExp directly from the user-controlled pattern property without any sanitization or timeout protection. This allowed an attacker to inject a regex with catastrophic backtracking, freezing the event loop.
Fix
F…
Summary
The matchFileSnapshot function in src/assertions/snapshots.ts accepted a filePath parameter with zero validation. When snapshot update mode was active (UPDATE_SNAPSHOTS=1 or setUpdateMode('all')), an attacker who controls test input could write arbitrary content to any f…
Unauthenticated RCE via /api/tunnel/tailscale-install
Affected: 9router (npm package) — current master (v0.4.39).
Summary
POST /api/tunnel/tailscale-install accepts a JSON body with a sudoPassword field and pipes it, followed by the body of https://tailscale.com/install.sh, in…
Summary
UForm and UAuthForm render a server-side <form> element with no method and no action attribute, relying on a hydrated @submit.prevent handler to intercept submission. If a user submits the form before Vue hydration has attached the handler (autofill plus Enter on a slow …
Impact
In JSONata <v2.2.0, it is possible to craft non-matching inputs to the $toMillis function that cause superlinear backtracking in the ISO-8601 validation regex. This may lead to denial of service in applications that evaluate user-provided JSONata expressions.
Patches
This…
Am I affected
You are affected if:
1. You run zebrad up to and including v4.4.1.
2. Your node accepts inbound P2P connections (network.listen_addr is set, which is the default).
3. Your node's mempool is active (node is synced near the chain tip).
All default configurations ar…
Am I affected
You are affected if:
1. You run zebrad up to and including v4.4.1.
2. Your node participates in a network where chain forks occur (mainnet, testnet, or any network with multiple miners).
All default configurations are affected. The corruption persists across rest…
We have identified an authorization issue in Craft CMS where a forced folder move can delete a conflicting destination folder without destination delete permission.
Description
Craft CMS’s craft\\controllers\\AssetsController::actionMoveFolder() supports moving an asset folder …
Summary
There is a mass-assignment flaw in the bulk-duplicate element action. Alice, holding only the permission to duplicate an entry she owns, submits an arbitrary id through the newAttributes request parameter. The duplication routine overrides its own id = null reset with th…
Summary
A stored Cross-Site Scripting (XSS) vulnerability exists in the project selector component of Mautic 7. When rendering selection menus for associating projects with system entities, the application fails to sanitize project names returned via AJAX before injecting them in…
Summary
A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views (such as campaigns, emails, or forms), user-supplied project names are rendered without proper sanitiza…
Summary
An authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints (utilizing API Platform). Under certain conditions, roles configured with owner-scope restrictions (such as viewown or editown) are not properly enforced. This allows low-privilege authenticated…