Briefs

A critical OS command injection vulnerability (CVE-2026-5485) in the Amazon Athena ODBC driver before 2.0.5.1 for Linux allows local attackers to execute arbitrary code via specially crafted connection parameters.

A supply chain attack on the Axios NPM package injected malicious code into versions v1.14.1 and v0.30.4, leading to the deployment of platform-specific remote access trojans (RATs) after the installation of a rogue dependency that communicated with attacker-controlled infrastructure to retrieve malicious payloads for Windows, MacOS, and Linux.

A command injection vulnerability exists in Budibase's bash automation step due to insufficient sanitization, allowing attackers with automation modification access to inject arbitrary shell commands, leading to remote code execution.

A critical Server-Side Request Forgery (SSRF) vulnerability in Budibase's REST datasource connector allows attackers with Builder privileges to exfiltrate sensitive data from internal network services due to a missing default IP blacklist.

The goshs application is vulnerable to unauthenticated path traversal (CVE-2026-35471) due to a missing return statement in the `deleteFile()` function, allowing attackers to delete arbitrary files and directories using a crafted GET request.

An authenticated user, machine, or controller within a Juju controller can modify application resources due to a lack of authorization checks, potentially leading to resource poisoning and privilege escalation by uploading malicious resources.

An unauthenticated attacker can exploit an uncontrolled resource consumption vulnerability in Mesop versions 1.2.3 to 1.2.4 by sending a rapid succession of WebSocket messages, leading to thread exhaustion and a denial-of-service condition.

OpenEXR is vulnerable to a heap information disclosure in PXR24 decompression, where the undo_pxr24_impl function ignores the actual decompressed size, potentially leading to the exposure of uninitialized heap memory when processing crafted EXR files.

A path traversal vulnerability exists in prompts.chat prior to commit 0f8d4c3, allowing attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames.

The Signal K server is vulnerable to privilege escalation due to the /skServer/enableSecurity endpoint remaining active after initial setup, allowing unauthenticated users to inject a new admin account and gain full server control; this affects versions prior to 2.24.0-beta.4.

The ProfilePress WordPress plugin before 4.16.12 is vulnerable to an unauthorized membership payment bypass, allowing authenticated attackers to obtain paid memberships without payment by manipulating subscription IDs during checkout.

The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'feed_data' parameter, allowing unauthenticated attackers to inject arbitrary web scripts in pages that will execute when a user accesses the injected page.

pyLoad is vulnerable to arbitrary code execution via an unprotected `storage_folder` configuration option, allowing an attacker with `SETTINGS` and `ADD` permissions to write a malicious pickle payload to the Flask session store and execute arbitrary code upon subsequent HTTP requests.

A vulnerable libp2p-rendezvous server can be crashed via a denial-of-service attack where an unauthenticated peer registers unlimited namespaces, leading to memory exhaustion.

A Zip Slip vulnerability in coder/code-marketplace allows authenticated users to upload malicious VSIX files containing path traversal entries, leading to arbitrary file writes outside the extension directory and potentially enabling persistence.

A vulnerability in Directus versions prior to 11.17.0 allows authenticated users to extract concealed field values, including static API tokens and two-factor authentication secrets from directus_users, via aggregate queries.

A context isolation bypass vulnerability exists in Electron applications that bridge VideoFrame objects via contextBridge, potentially allowing an attacker with JavaScript execution in the main world to access the isolated world and Node.js APIs.

PraisonAI Gateway server versions prior to 4.5.97 allow unauthenticated access to WebSocket connections and agent topology, enabling unauthorized message sending and agent enumeration.

PraisonAI versions prior to 1.5.90 are vulnerable to OS Command Injection (CVE-2026-34937) due to insufficient escaping in the run_python() function, allowing arbitrary OS command execution via shell interpolation.

Emlog versions 2.6.2 and prior are vulnerable to path traversal via crafted ZIP uploads, allowing authenticated admins to write arbitrary files and achieve remote code execution.

CVE-2021-4477 describes a firewall bypass vulnerability in Hirschmann HiLCOS OpenBAT and BAT450 products that can be exploited by establishing IPv6 IPsec connections (IKEv1 or IKEv2) while using an IPv6 Internet connection, allowing attackers to bypass configured firewall rules.

BentoML versions 1.4.37 and earlier are vulnerable to server-side template injection (SSTI), where the Dockerfile generation function uses an unsandboxed jinja2.Environment allowing arbitrary Python code execution on the host machine when a malicious bento archive is imported and containerized, bypassing container isolation and potentially granting full access to the host filesystem and environment variables.

OAuthenticator versions prior to 17.4.0 contain an authentication bypass vulnerability (CVE-2026-33175) that allows an attacker with an unverified email address on an Auth0 tenant to log in to JupyterHub when email is used as the username claim, potentially leading to account takeover.

A SQL Injection vulnerability (CVE-2026-27834) exists in Piwigo versions prior to 16.3.0, allowing authenticated administrators to execute arbitrary SQL commands via the pwg.users.getList Web Service API method.

CVE-2026-27885 is a SQL Injection vulnerability in Piwigo before version 16.3.0, affecting the Activity List API endpoint, allowing an authenticated administrator to extract sensitive data.

Piwigo versions prior to 16.3.0 expose the full browsing history of gallery visitors to unauthenticated users via the pwg.history.search API method due to a missing authorization check.

The fast-jwt library fails to validate the 'crit' header, allowing attackers to bypass security policies and potentially achieve split-brain verification in mixed-library environments.

A sandbox integrity escape vulnerability exists in SandboxJS versions prior to 0.8.36, allowing untrusted code to bypass global write protections and mutate host shared global objects, potentially leading to cross-context persistence and broader compromise.

curl_cffi versions before 0.15.0 are vulnerable to server-side request forgery (SSRF) due to unrestricted redirects to internal IP ranges, potentially enabling access to sensitive internal resources and cloud metadata.

A man-in-the-middle vulnerability exists in Amazon Athena ODBC driver versions prior to 2.1.0.0 due to improper certificate validation, potentially allowing attackers to intercept authentication credentials when connecting to external identity providers.