CVE-2026-39243: n/a
A vulnerability in decompress versions before 4.2.2 allows attackers to create arbitrary hardlinks during archive extraction. This occurs because the x.linkname field from hardlink entries is passed…
Read the full article1d agoen
You might also wanna read
Critical 7-Zip vulnerability (CVE-8.8) enables code execution via crafted archive files; update to version 26.01 urged
Everyone, get your update hats on immediately; we're at DEFCON 1

Critical Arbitrary File Write Vulnerability in Dulwich Git Library (CVE-2026-42305) Allows RCE on Windows
Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbi

Security Analysis: How Claude Code's Command Allowlisting Can Enable Arbitrary Execution
How allowlisting developer tools in Claude Code can inadvertently allow arbitrary command execution.
Technical Analysis of Non-Recursive Zip Bomb Construction Using File Overlapping
David Fifield [email protected]
bamsoftware.com·6mo ago
Windows and Linux Sensitive Directory Paths: A Security Reference for File Inclusion Exploitation
Windows and Linux Sensitive Directory Path Summary Abstract: This article describes how...
dev.to·1mo agoAnalysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
A recently disclosed 7-Zip vulnerability allows malicious actors to execute code remotely through specially crafted ZIP files
ThreatLocker·15d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.