5.9
CVE-2026-24910 -
In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a matching name (for file, link, git, or github).
5.9
CVE-2026-24909 -
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction.
7.5
CVE-2026-24783 - soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math wi…
soroban-fixed-point-math is a fixed-point math library for Soroban smart contracts. In versions 1.3.0 and 1.4.0, the `mulDiv(x, y, z)` function incorrectly handled cases where both the intermediate product $x * y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product …
7.1
CVE-2026-24779 - vLLM vulnerable to Server-Side Request Forgery (SSRF) in `MediaConnector`
vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.14.1, a Server-Side Request Forgery (SSRF) vulnerability exists in the `MediaConnector` class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods obtain and p…
8.8
CVE-2026-24778 - Ghost vulnerable to XSS via malicious Portal preview links
Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's permissions, potentially lead…
9.8
CVE-2026-24770 - RAGFlow Affected by Zip Slip Remote Code Execution (RCE) in MinerUParser
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "Zip Slip" vulnerability, allowing an attacker to overwrite arbitrary files on the server (leading to Remote Code Execution) via a malicious ZIP archi…
7.8
CVE-2026-24765 - PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the `cleanupForCoverage()` method, which deseriali…
6.9
CVE-2026-24748 - Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access
Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the `GetConfig()` API endpoint. This allowed unauthenticated users to access this endpoint by specifying an `Authorization` header with any non-e…
8.8
CVE-2026-24747 - PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potential…
8.1
CVE-2026-24741 - ConvertX Vulnerable to Arbitrary File Deletion via Path Traversal in `POST /delete`
ConvertX is a self-hosted online file converter. In versions prior to 0.17.0, the `POST /delete` endpoint uses a user-controlled `filename` value to construct a filesystem path and deletes it via `unlink` without sufficient validation. By supplying path traversal sequences (e.g., `../`), an attacker…