A critical regex injection vulnerability exists in the `fast-xml-parser` library (versions 4.1.3 to <5.3.5). The parser constructs regular expressions dynamically from untrusted DOCTYPE entity names without proper escaping. This allows attackers to define malicious entities that 'shadow' built-in XML entities like `&lt;` or `&amp;`. By replacing these safe entities with arbitrary content, attackers can bypass entity encoding and achieve Cross-Site Scripting (XSS) in downstream applications relying on the parser's output.
A critical bypass in Trail of Bits' Fickling static analyzer allows malicious Python pickle files to evade detection. By leveraging overlooked standard library modules like 'ftplib' and 'smtplib', attackers can trigger Server-Side Request Forgery (SSRF) and local network scanning even when the file is deemed 'safe' by the analyzer. This vulnerability highlights the inherent fragility of blocklist-based security in dynamic languages.
A high-severity Prototype Pollution vulnerability has been discovered in `devalue`, a popular library used for serializing JavaScript values, particularly in Server-Side Rendering (SSR) contexts like Svelte and Nuxt. The flaw allows attackers to inject `__proto__` properties into serialized objects. When these objects are deserialized (typically via execution on the client side), the global `Object.prototype` becomes polluted, potentially leading to Denial of Service (DoS), Cross-Site Scripting (XSS), or logic bypasses in the target application.
A critical algorithmic complexity vulnerability in the `devalue` library, a staple of the Svelte ecosystem, allows attackers to trigger Denial of Service (DoS) via memory exhaustion. By supplying specially crafted sparse arrays—arrays with massive lengths but few actual elements—attackers can force the serialization engine into an O(L) operation (where L is length) rather than O(N) (where N is elements). This results in the server attempting to allocate gigabytes of memory to represent 'empty' space.
Dagu, a lightweight Go-based workflow engine often used as a cron alternative, inadvertently provided 'RCE as a Service' in its default configuration. By failing to enforce authentication on API endpoints that accept inline DAG definitions, it allowed any unauthenticated attacker to execute arbitrary shell commands on the host server via simple HTTP requests.
The road to remote code execution is often paved with good intentions and 'safe' lists. OpenClaw, an execution approval system, attempted to reduce user friction by allowing specific 'safe binaries' (like `grep` and `sort`) to run without manual approval, provided they only accepted input from stdin. Unfortunately, the developers underestimated the sheer power of 50-year-old Unix utilities. By failing to account for binary-specific flags that override standard I/O streams, the system allowed attackers to turn a simple text sorter into an arbitrary file writer and a text searcher into a recursive filesystem exfiltrator. This vulnerability highlights the classic security pitfall of blacklisting arguments instead of whitelisting strict behaviors.
A logic flaw in the OpenClaw AI agent framework's command validation layer created a boolean side-channel, allowing attackers to probe the host filesystem. By attempting to prevent agents from accessing sensitive files via 'safe' binaries, the validation logic inadvertently revealed the existence of those files through error message discrepancies.
A classic supply chain compromise affecting the Centrifugo real-time messaging server. Version v6.6.0 shipped with vulnerable third-party Go dependencies, effectively embedding critical flaws directly into the build artifact. This advisory highlights the risks of transitive dependencies in modern Go applications, where a single outdated package can turn a secure fortress into a house of cards.
A temporal logic flaw in Sigstore Cosign's certificate validation allowed expired intermediate Certificate Authorities to validate signatures if the leaf certificate was issued before the parent's expiration. While low severity for the public Sigstore infrastructure due to ephemeral certificates, this flaw exposes private PKI deployments to 'Zombie Cert' attacks.
A denial-of-service vulnerability in SvelteKit's experimental 'remote functions' feature allows attackers to crash the server via memory exhaustion. By manipulating a JSON-encoded 'file offset table' within a custom binary form payload, an attacker can trigger JavaScript type coercion that expands a small payload into gigabytes of string data, overwhelming the Node.js heap.
An analysis of a critical path traversal vulnerability in OpenClaw's agent tooling, specifically the `apply_patch` function. This flaw allowed AI agents (or attackers manipulating them via prompt injection) to escape the workspace sandbox and overwrite arbitrary files on the host system, leading to potential Remote Code Execution (RCE).
An experimental feature in SvelteKit introduced a severe Denial of Service vulnerability via the binary form deserialization logic. By exploiting how the 'devalue' library handles object references and type coercion, an attacker can trigger massive CPU consumption.
Automated vulnerability intelligence. 735+ reports.