CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Warp is a development environment that, from versions 0.2021.04.25.23.05.stable_00 to 0.2026.05.06.15.42.stable_01, allows terminal output to access the local system clipboard. A malicious remote host or other attacker-controlled terminal output source can trigger clipboard reads or writes without a separate confirmation step.
Warp is a development environment that contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. This vulnerability allows an attacker to treat denylisted commands as allowed.
Warp is an agentic development environment that, from versions 0.2025.03.05.08.02.stable_00 to 0.2026.05.06.15.42.stable_01, accepts `OSC 1337;File` payloads from terminal output and materializes the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in version 0.2026.05.06.15.42.stable_01.
Warp, an agentic development environment, contains a command injection vulnerability in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by the victim's shell if the victim selects that branch from the UI.
Warp, an agentic development environment, may open executable local files through the operating system default file handler. A malicious Markdown document can contain a local-file link that, when clicked by the user, may lead to unsafe file opening.
Warp, an agentic development environment, contains a command execution policy bypass in Agent code search tools. Versions from 0.2025.04.09.08.11.stable_00 to 0.2026.05.06.15.42.stable_01 are vulnerable, allowing execution of shell commands from Agent-controlled inputs.
A vulnerability in Docling from version 2.73.0 to 2.91.0 allows attackers to read arbitrary files from the file system via crafted LaTeX documents. Lack of path validation in \includegraphics, \input, and \include commands enables path traversal sequences, potentially leading to sensitive data exposure.
A vulnerability in Docling versions 2.13.0 through 2.74.0 allows XML External Entity (XXE) attacks via malicious USPTO patent files. An attacker can read arbitrary files from the server, perform SSRF attacks, or cause denial of service.
A vulnerability in Docling before version 2.91.0 allows Zip Slip attacks during EasyOCR model downloads. An attacker can overwrite arbitrary files, leading to remote code execution, persistent backdoors, or data corruption.
A vulnerability in Docling versions 2.82.0 through 2.91.0 allows arbitrary JavaScript execution and unrestricted network access when processing untrusted HTML documents with the Playwright-based rendering feature enabled. An attacker can exploit this for SSRF attacks, data exfiltration, or remote code execution in the rendering environment.
A vulnerability in concurrent-ruby up to version 1.3.6 allows any thread to release a write lock without authorization, potentially breaking mutual exclusion. Additionally, release_read_lock can decrement the shared counter below zero, causing ResourceLimitError on read lock acquisition.
In concurrent-ruby up to version 1.3.6, a vulnerability allows incorrect granting of a write lock after one thread acquires the read lock 32,768 times. The lock stores thread-local read and write hold counts in one integer, where the low 15 bits are for read count and bit 15 is for WRITE_LOCK_HELD. After exceeding this threshold, the read count overflows into the write-lock bit, causing try_write_lock to incorrectly return true without setting the global RUNNING_WRITER bit.
The vulnerability in the concurrent-ruby library for Ruby causes the AtomicReference#update method to enter an infinite retry loop when the stored value is Float::NAN. This is because Float::NAN == Float::NAN always returns false, preventing the compare_and_set operation from succeeding.
A vulnerability in the Faraday library allows a DoS attack by sending a specially crafted nested query string. The NestedParamsEncoder decoder does not enforce a maximum nesting depth, leading to stack overflow and crash of the thread or worker process.
In the Linux kernel's OMFS filesystem, a missing lower-bound check for s_sys_blocksize allows a crafted image with a value smaller than OMFS_DIR_START (440) to cause an unsigned integer underflow in omfs_make_empty(). This triggers a memset() with a length near 4 GiB, overwriting kernel memory beyond the block buffer.
A use-after-free vulnerability was found in the Linux kernel's mbcache mechanism. The mb_cache_destroy() function fails to cancel the pending c_shrink_work work item before freeing memory, potentially leading to access of already freed memory.
In the Linux kernel, the DRBD driver has an RCU call imbalance in drbd_adm_dump_devices(). The function calls rcu_read_unlock() without a preceding rcu_read_lock(), which can lead to incorrect RCU behavior.
A vulnerability has been identified in the Linux kernel related to a memory leak in the blk_revalidate_disk_zones() function. If an error occurs during zone validation, memory allocated for args.zones_cond is not freed, leading to a leak.
A vulnerability has been identified in the Linux kernel related to a disk reference leak in the blkcg_maybe_throttle_current() function. The issue is due to a missing put_disk() call on the error path, leading to unreleased disk references.
A vulnerability has been identified in the Linux kernel related to the removal of active sysfs protection, which may lead to recursive locking. The issue occurs when writing 'clear' to array_state, causing md_attr_store() to mishandle kobject references.

