๐จ CVE-2026-48777
FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversal and the move/copy/rename operates on a path outside the shared directory. The same root-cause pattern was patched for the bulk DELETE endpoint as CVE-2026-44542 (GHSA-fwj3-42wh-8673), but the PATCH handler with the identical pattern was not updated. A public share link with AllowModify=true is sufficient to exploit this. Anyone holding such a link can move, copy, or rename arbitrary files within the share owner's source root. This issue has been fixed in versions 1.3.3-stable and 1.4.2-beta.
๐@cveNotify
FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversal and the move/copy/rename operates on a path outside the shared directory. The same root-cause pattern was patched for the bulk DELETE endpoint as CVE-2026-44542 (GHSA-fwj3-42wh-8673), but the PATCH handler with the identical pattern was not updated. A public share link with AllowModify=true is sufficient to exploit this. Anyone holding such a link can move, copy, or rename arbitrary files within the share owner's source root. This issue has been fixed in versions 1.3.3-stable and 1.4.2-beta.
๐@cveNotify
GitHub
Release v1.3.3-stable ยท gtsteffaniak/filebrowser
What's Changed
Security:
[Critical] Path traversal in public share PATCH allows file ops outside shared directory -- thanks @fg0x0 and @Revanth011 for reporting GHSA-qqqm-5547-774x
Notes:
up...
Security:
[Critical] Path traversal in public share PATCH allows file ops outside shared directory -- thanks @fg0x0 and @Revanth011 for reporting GHSA-qqqm-5547-774x
Notes:
up...
๐จ CVE-2026-41711
Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters.
Affected versions:
Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.
๐@cveNotify
Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters.
Affected versions:
Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.
๐@cveNotify
CVE-2026-41711: Potential Denial of Service through crafted Sort Parameters
Level up your Java code and explore what Spring can do for you.
๐จ CVE-2026-41721
Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lots of memory.
Affected versions:
Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.
๐@cveNotify
Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lots of memory.
Affected versions:
Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.
๐@cveNotify
CVE-2026-41721: Spring Data Commons Denial of Service via Data Binding
Level up your Java code and explore what Spring can do for you.
๐จ CVE-2026-12161
Improper input validation in the SSH Elevate Shell feature in
Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user
with permission to create or modify a shared SSH entry to execute
arbitrary commands on a remote SSH host using stored elevation
credentials via a crafted alternate username and user interaction with
the Elevate Shell action.
๐@cveNotify
Improper input validation in the SSH Elevate Shell feature in
Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user
with permission to create or modify a shared SSH entry to execute
arbitrary commands on a remote SSH host using stored elevation
credentials via a crafted alternate username and user interaction with
the Elevate Shell action.
๐@cveNotify
Devolutions
advisories
Stay informed with Devolutions' latest security advisories on vulnerabilities, threats, and incident responses to enhance your cybersecurity posture.
๐จ CVE-2026-12162
Improper host validation in the social login autofill feature in
Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to
disclose stored social login credentials via a crafted web entry
pointing to a provider lookalike domain.
๐@cveNotify
Improper host validation in the social login autofill feature in
Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to
disclose stored social login credentials via a crafted web entry
pointing to a provider lookalike domain.
๐@cveNotify
Devolutions
advisories
Stay informed with Devolutions' latest security advisories on vulnerabilities, threats, and incident responses to enhance your cybersecurity posture.
๐จ CVE-2026-1766
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory.
๐@cveNotify
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory.
๐@cveNotify
๐จ CVE-2026-1767
A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length calculation during the parsing of performer tags can lead to a read beyond the allocated buffer, potentially causing a Denial of Service (DoS) due to a crash or enabling information disclosure.
๐@cveNotify
A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length calculation during the parsing of performer tags can lead to a read beyond the allocated buffer, potentially causing a Denial of Service (DoS) due to a crash or enabling information disclosure.
๐@cveNotify
๐จ CVE-2026-12289
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2023443. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12298
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2041981. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12299
JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2043139. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12303
Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2034608. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12311
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2040177. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12313
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2040477. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12319
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2026933. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12320
Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2027572. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12321
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2032943. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12322
Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2033848. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12323
Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2035027. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-24155
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
๐@cveNotify
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
๐@cveNotify
๐จ CVE-2026-24228
NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.
๐@cveNotify
NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.
๐@cveNotify