CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
In Vim prior to version 9.2.0495, a Vimscript code injection vulnerability exists in the s:NetrwBookHistSave() function of the netrw plugin. A directory name from the filesystem is interpolated into a single-quoted Vimscript string without escaping embedded single quotes, allowing arbitrary Vimscript execution, including shell commands, when the history file is sourced.
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, this server exposes three environment variables intended for access control to Kubernetes operations, but these controls were only effective at the tool discovery layer, not at the execution layer.
Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could leverage these endpoints to potentially retrieve unauthorized secrets or cause a denial of service (DoS).
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation.
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). Adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer overflow of up to approximately 2 megabytes of attacker-controlled data.
A permissions issue was addressed with additional restrictions. An app may be able to access protected user data.
The issue was addressed with improved checks. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
This issue was addressed with improved checks to prevent unauthorized actions. An app may be able to break out of its sandbox.
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code. This is exploited by passing the global require function into a Node.js vm.runInNewContext() sandbox context in the issue-auto-respond.yml workflow.
The Fediverse Embeds plugin prior to version 1.5.8 registered an unauthenticated REST route that accepted a base64-encoded URL and forwarded it to wp_remote_get without enforcing an allowlist. Version 1.5.7 did not validate the request, leading to the potential for full data read by anonymous users.
A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.
In version 0.2.6 of the tmp library for node.js, there is a vulnerability that allows bypassing the _assertPath guard. This enables an attacker to create a file or directory in a location controlled by them, using incorrect type values that are not strings.
The tmp package for node.js prior to version 0.2.6 contained a path traversal vulnerability that allowed escaping the intended temporary directory. Attackers could exploit traversal sequences or path separators to create files in attacker-controlled locations.
A vulnerability in Axios versions before 0.32.0 (0.x line) and before 1.16.0 (1.x line) builds a regular expression from the configured XSRF cookie name without escaping regex metacharacters. An attacker who can influence the cookie name passed to Axios can cause expensive regex backtracking while Axios reads document.cookie, leading to client-side availability degradation.
Axios versions from 0.19.0 to before 0.31.1 and 1.15.2 contain prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse, affected Axios versions may treat that inherited value as request configuration or as an option validator.
The Axios library versions 1.0.0 through 1.15.0 are vulnerable to a Prototype Pollution gadget attack that can escalate Object.prototype pollution into a full Man-in-the-Middle (MITM) attack. An attacker can intercept, read, and modify all HTTP traffic, including authentication credentials.
Axios does not normalize IPv4-mapped IPv6 addresses, allowing bypass of the NO_PROXY list. Requests to internal services (e.g., 127.0.0.1, 169.254.169.254) in ::ffff: format may be routed through the proxy instead of being blocked.
A vulnerability in Axios versions 1.7.0 through 1.15.x causes configured request and response size limits (maxContentLength, maxBodyLength) to be ignored when using the fetch adapter. Applications using the fetch adapter may process oversized data, leading to resource exhaustion.
A vulnerability in the Axios library for Node.js causes the Proxy-Authorization header to be forwarded to the destination server during proxy-to-direct redirect flows. This affects versions prior to 0.32.0 and 1.16.0.
A vulnerability in the Axios library for Node.js leaks proxy credentials to a redirect target. When a request is sent through an authenticated proxy, the Proxy-Authorization header may persist in the redirected request and be sent to the new destination.

