Labs
Short research notes on newly disclosed vulnerabilities: the problem, the payload, and the fix.
- highCVE-2026-44938
CVE-2026-44938: Rancher Fleet Pod Security Standards Bypass via namespaceLabels
Anyone with git push access to a Fleet-monitored repository could silently downgrade the Pod Security Standards level on a Kubernetes namespace, letting them deploy privileged or otherwise restricted
- highCVE-2026-44937
CVE-2026-44937: Rancher Fleet Unauthenticated Webhook Regex Injection via Unsanitized Repository URL
When Fleet's webhook endpoint runs without a shared secret, an attacker can send a forged webhook request containing regex metacharacters in the repository URL or path field, causing Fleet to match an
- criticalCVE-2026-44935
CVE-2026-44935: Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom
A flaw in Rancher Fleet lets any tenant read Kubernetes secrets from other namespaces on a shared downstream cluster, by pointing the valuesFrom field in a fleet.yaml or HelmOp resource at an arbitrar
- highCVE-2026-48815
CVE-2026-48815: sigstore certificateOIDs Verification Constraint Silently Dropped
The sigstore npm package accepts a certificateOIDs option to restrict which signing certificates are trusted, but silently discards those constraints before verification, so any certificate that passe
- high
SurrealDB HTTP RPC Session Race Condition Allows Privilege Escalation
A race condition in SurrealDB's HTTP /rpc endpoint lets an unauthenticated attacker inherit an active authenticated user's session and execute queries with their privileges, including potential root a
- highCVE-2022-43467
CVE-2022-43467: Open Babel PQS Parser Out-of-Bounds Write
A crafted PQS chemistry file can overflow a fixed-size stack buffer in Open Babel's parser, enabling arbitrary code execution in any application that opens untrusted chemical files.
- highCVE-2026-49981
CVE-2026-49981: Twig Sandbox Filter/Tag/Function Allow-list Bypass via Cached Template
Twig's sandbox allow-list for filters, tags, and functions can be silently skipped when a template is loaded before sandboxing is active, letting untrusted templates call anything they want regardless
- high
pay: Paddle Billing Webhook Signature Timing Oracle (CWE-208)
The pay gem compared Paddle Billing webhook signatures with Ruby's non-constant-time == operator, letting an attacker recover the real HMAC byte-by-byte from response-time differences and forge arbitr
- highCVE-2026-49987
CVE-2026-49987: repomix Argument Injection via --remote-branch (RCE)
A crafted branch name passed to repomix's --remote-branch flag is forwarded to git subprocesses without sanitization, letting an attacker inject git options like --upload-pack and execute arbitrary co
- highCVE-2022-43607
CVE-2022-43607: Open Babel MOL2 Parser Stack Buffer Overflow
A crafted MOL2 file with an oversized attribute or value string causes Open Babel to write past a fixed 32-byte stack buffer during parsing, potentially leading to arbitrary code execution.
- highCVE-2022-44451
CVE-2022-44451: Open Babel MSI Parser Uninitialized Pointer Dereference
Open Babel's MSI chemistry file parser uses an atom pointer before it is ever assigned, letting an attacker trigger arbitrary code execution by feeding it a crafted MSI file.
- highCVE-2022-46289
CVE-2022-46289: Open Babel ORCA nAtoms Heap Buffer Overflow
A crafted ORCA chemistry file can trick Open Babel into allocating a tiny heap buffer and then writing atom coordinates past its end, potentially giving an attacker arbitrary code execution.