Tag

Arbitrary-File-Overwrite

2 briefs RSS

compressing npm Package Symlink Bypass Vulnerability

A vulnerability in the `compressing` npm package (<=v2.1.0) allows for arbitrary file overwrite via symlink path traversal, bypassing a previous patch for CVE-2026-24884.

npm supply-chain symlink directory-traversal privilege-escalation arbitrary-file-overwrite

3r 5t 1c 1i 2w ago

critical advisory

UXGROUP Cast to TV Screen Mirroring Arbitrary File Overwrite Vulnerability (CVE-2026-30282)

2 rules 4 TTPs 1 CVE 1 IOC

UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 is vulnerable to arbitrary file overwrite (CVE-2026-30282) via the file import process, allowing attackers to overwrite critical internal files and potentially achieve arbitrary code execution or information exposure.

arbitrary-file-overwrite code-execution information-disclosure cve-2026-30282

2r 4t 1c 1i Mar 31, 2026