Monthly
Permission-sandbox bypass in the Deno runtime (versions <= 2.7.13) on macOS lets untrusted code reach paths that operators explicitly blocked with --deny-read, --deny-write, --deny-run, or --deny-ffi. Because Deno compared paths byte-for-byte while APFS treats Unicode-equivalent and case-equivalent spellings as the same file, a script granted broad --allow-* but with --deny-* carve-outs can read, write, execute, or FFI-load a protected file by referring to it with an alternate spelling (NFD vs NFC, case folding, ligatures, or German ss vs ß). No public exploit identified at time of analysis, and EPSS is low (0.14%), but the bypass is trivial to perform once an attacker controls the path string.
Path traversal in Fission's SanitizeFilePath function (pkg/utils/utils.go) allows a low-privileged tenant to read or write files outside an intended safe directory on a shared Kubernetes volume. Versions prior to 1.25.0 validated directory confinement using strings.HasPrefix, which performs a purely lexical string comparison: a sibling path such as /packages-extra/evil incorrectly passes a check for the safe directory /packages because it satisfies the string prefix condition without a directory-separator boundary. The builder's Clean handler and the fetcher's Fetch and Upload handlers were all affected. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.
Cross-site scripting (XSS) in GitLab CE/EE versions 18.10.0-18.10.3 and 18.11.0 enables unauthenticated attackers to execute arbitrary JavaScript in victim browser sessions via improper path validation. GitLab disclosed this vulnerability with publicly available exploit code (HackerOne report 3572231), though CISA SSVC indicates no active exploitation confirmed at time of analysis. CVSS 8.0 reflects the changed scope (S:C) allowing impact beyond the vulnerable component, though High attack complexity (AC:H) and required user interaction (UI:R) limit ease of exploitation. Patched in versions 18.10.4 and 18.11.1.
OpenClaw before version 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style network paths without proper local-path validation, allowing unauthenticated remote attackers to bypass access restrictions and read local files. With a CVSS score of 6.9 and network-based attack vector requiring no user interaction, this vulnerability presents moderate risk to systems processing untrusted media content. No public exploit code or active exploitation has been confirmed at the time of analysis.
Windows MapUrlToZone security bypass in Windows 11 24H2, Windows 10 21H2, and Windows Server 2016/2025 allows unauthenticated remote attackers to circumvent zone-based security restrictions through improper path equivalence resolution. An attacker can exploit this network-accessible vulnerability without user interaction to bypass intended access controls. No patch is currently available for this high-severity vulnerability.
A parsing issue in the handling of directory paths was addressed with improved path validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
Permission-sandbox bypass in the Deno runtime (versions <= 2.7.13) on macOS lets untrusted code reach paths that operators explicitly blocked with --deny-read, --deny-write, --deny-run, or --deny-ffi. Because Deno compared paths byte-for-byte while APFS treats Unicode-equivalent and case-equivalent spellings as the same file, a script granted broad --allow-* but with --deny-* carve-outs can read, write, execute, or FFI-load a protected file by referring to it with an alternate spelling (NFD vs NFC, case folding, ligatures, or German ss vs ß). No public exploit identified at time of analysis, and EPSS is low (0.14%), but the bypass is trivial to perform once an attacker controls the path string.
Path traversal in Fission's SanitizeFilePath function (pkg/utils/utils.go) allows a low-privileged tenant to read or write files outside an intended safe directory on a shared Kubernetes volume. Versions prior to 1.25.0 validated directory confinement using strings.HasPrefix, which performs a purely lexical string comparison: a sibling path such as /packages-extra/evil incorrectly passes a check for the safe directory /packages because it satisfies the string prefix condition without a directory-separator boundary. The builder's Clean handler and the fetcher's Fetch and Upload handlers were all affected. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.
Cross-site scripting (XSS) in GitLab CE/EE versions 18.10.0-18.10.3 and 18.11.0 enables unauthenticated attackers to execute arbitrary JavaScript in victim browser sessions via improper path validation. GitLab disclosed this vulnerability with publicly available exploit code (HackerOne report 3572231), though CISA SSVC indicates no active exploitation confirmed at time of analysis. CVSS 8.0 reflects the changed scope (S:C) allowing impact beyond the vulnerable component, though High attack complexity (AC:H) and required user interaction (UI:R) limit ease of exploitation. Patched in versions 18.10.4 and 18.11.1.
OpenClaw before version 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style network paths without proper local-path validation, allowing unauthenticated remote attackers to bypass access restrictions and read local files. With a CVSS score of 6.9 and network-based attack vector requiring no user interaction, this vulnerability presents moderate risk to systems processing untrusted media content. No public exploit code or active exploitation has been confirmed at the time of analysis.
Windows MapUrlToZone security bypass in Windows 11 24H2, Windows 10 21H2, and Windows Server 2016/2025 allows unauthenticated remote attackers to circumvent zone-based security restrictions through improper path equivalence resolution. An attacker can exploit this network-accessible vulnerability without user interaction to bypass intended access controls. No patch is currently available for this high-severity vulnerability.
A parsing issue in the handling of directory paths was addressed with improved path validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.