Skip to main content
CVE-2026-27139 LOW PATCH Monitor

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. [CVSS 2.5 LOW]

Path Traversal Go
NVD VulDB
CVSS 3.1
2.5
EPSS
0.0%
CVE-2026-29110 LOW Monitor

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file,...

Information Disclosure Cryptomator
NVD GitHub VulDB
CVSS 3.1
2.2
EPSS
0.0%
CVE-2026-3616 LOW Monitor

SQL injection in DefaultFunction Jeson CRM 1.0.0 allows authenticated attackers to manipulate the ID parameter in /modules/customers/edit.php and execute arbitrary SQL queries, potentially compromising data confidentiality and integrity. Public exploit code exists for this vulnerability, and no patch is currently available despite the identified fix commit hash.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3610 LOW Monitor

Reflected cross-site scripting in HSC Cybersecurity Mailinspector through version 5.3.2-3 allows remote attackers to inject malicious scripts via the error_description parameter in the URL handler component. Public exploit code exists for this vulnerability, which could enable attackers to steal session cookies or perform actions on behalf of authenticated users. Users should upgrade to version 5.4.0 or apply the available hotfix immediately.

PHP XSS
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy