Skip to content

Commit a3bd1ba

Browse files
1 parent 442eb9e commit a3bd1ba

3 files changed

Lines changed: 153 additions & 7 deletions

File tree

advisories/unreviewed/2026/05/GHSA-7w7m-v5vp-w699/GHSA-7w7m-v5vp-w699.json renamed to advisories/github-reviewed/2026/05/GHSA-7w7m-v5vp-w699/GHSA-7w7m-v5vp-w699.json

Lines changed: 28 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,44 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7w7m-v5vp-w699",
4-
"modified": "2026-05-31T09:31:00Z",
4+
"modified": "2026-07-07T19:36:46Z",
55
"published": "2026-05-31T09:31:00Z",
66
"aliases": [
77
"CVE-2026-10175"
88
],
9-
"details": "A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.",
9+
"summary": "Aider is vulnerable to Code Injection via editor_coder.run function",
10+
"details": "A security flaw has been discovered in Aider-AI Aider 0.86.3.dev. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.",
1011
"severity": [
1112
{
1213
"type": "CVSS_V3",
1314
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
1415
},
1516
{
1617
"type": "CVSS_V4",
17-
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"
19+
}
20+
],
21+
"affected": [
22+
{
23+
"package": {
24+
"ecosystem": "PyPI",
25+
"name": "aider-chat"
26+
},
27+
"ranges": [
28+
{
29+
"type": "ECOSYSTEM",
30+
"events": [
31+
{
32+
"introduced": "0"
33+
},
34+
{
35+
"last_affected": "0.86.2"
36+
}
37+
]
38+
}
39+
]
1840
}
1941
],
20-
"affected": [],
2142
"references": [
2243
{
2344
"type": "ADVISORY",
@@ -28,7 +49,7 @@
2849
"url": "https://github.com/Aider-AI/aider/issues/5058"
2950
},
3051
{
31-
"type": "WEB",
52+
"type": "PACKAGE",
3253
"url": "https://github.com/Aider-AI/aider"
3354
},
3455
{
@@ -53,8 +74,8 @@
5374
"CWE-74"
5475
],
5576
"severity": "LOW",
56-
"github_reviewed": false,
57-
"github_reviewed_at": null,
77+
"github_reviewed": true,
78+
"github_reviewed_at": "2026-07-07T19:36:46Z",
5879
"nvd_published_at": "2026-05-31T09:16:15Z"
5980
}
6081
}
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-fqf6-gxhh-2xhw",
4+
"modified": "2026-07-07T19:36:17Z",
5+
"published": "2026-07-07T19:36:17Z",
6+
"aliases": [],
7+
"summary": "uutils coreutils: cp/install/mv/ln --suffix alone does not enable backup mode (silent data loss vs GNU)",
8+
"details": "`determine_backup_mode` in `src/uucore/src/lib/features/backup_control.rs` only checks `--backup`/`-b` and returns `BackupMode::None` when only `--suffix` is given. GNU enables backup mode when `--suffix` is used alone (defaulting to existing/numbered, or `$VERSION_CONTROL`). Affects `cp`, `install`, `mv`, `ln` which share this code.\n\n```\n# uutils: no backup created\n$ coreutils cp --suffix=.bak src dest # dest.bak NOT created\n# GNU: dest.bak created\n$ cp --suffix=.bak src dest\n```\n\n**Impact:** users/scripts relying on `--suffix` to back up a file before overwrite get silent data loss; breaks GNU compatibility across four utilities. Recommendation: enable backup mode when `--suffix` is present.\n\n_Note: this is primarily a GNU-compatibility/data-safety divergence rather than a classic exploitable vulnerability — review whether it warrants a CVE._\n\n**Remediation:** Acknowledged by Canonical; fixed in PR #9741 (`uucore: use --suffix to enable backup mode`), commit `939ab037a`, merged 2025-12-21. `determine_backup_mode` now has a `--suffix`-alone branch that resolves the mode from `$VERSION_CONTROL` (defaulting to `existing`). Released in **uucore 0.6.0** and later (vulnerable: `< 0.6.0`). Regression tests added in the same file: `test_backup_mode_suffix_without_backup_option` and `test_backup_mode_suffix_without_backup_option_with_env_var`.\n\n---\n_Reported by Zellic in the *uutils coreutils Program Security Assessment* (prepared for Canonical, Jan 20 2026), audited commit `3a07ffc5a9bd4c283e75afa548ba1f1957bad242`. Finding 3.7. Credit: Zellic._",
9+
"severity": [
10+
{
11+
"type": "CVSS_V4",
12+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"
13+
}
14+
],
15+
"affected": [
16+
{
17+
"package": {
18+
"ecosystem": "crates.io",
19+
"name": "uucore"
20+
},
21+
"ranges": [
22+
{
23+
"type": "ECOSYSTEM",
24+
"events": [
25+
{
26+
"introduced": "0"
27+
},
28+
{
29+
"fixed": "0.6.0"
30+
}
31+
]
32+
}
33+
]
34+
}
35+
],
36+
"references": [
37+
{
38+
"type": "WEB",
39+
"url": "https://github.com/uutils/coreutils/security/advisories/GHSA-fqf6-gxhh-2xhw"
40+
},
41+
{
42+
"type": "WEB",
43+
"url": "https://github.com/uutils/coreutils/pull/9741"
44+
},
45+
{
46+
"type": "PACKAGE",
47+
"url": "https://github.com/uutils/coreutils"
48+
}
49+
],
50+
"database_specific": {
51+
"cwe_ids": [
52+
"CWE-440",
53+
"CWE-693"
54+
],
55+
"severity": "HIGH",
56+
"github_reviewed": true,
57+
"github_reviewed_at": "2026-07-07T19:36:17Z",
58+
"nvd_published_at": null
59+
}
60+
}
Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-g84h-j7jj-x32p",
4+
"modified": "2026-07-07T19:35:57Z",
5+
"published": "2026-07-07T19:35:57Z",
6+
"aliases": [
7+
"CVE-2026-53509"
8+
],
9+
"summary": "@aborruso/ckan-mcp-server: SSRF via base_url allows access to internal networks (Potential fix bypass of CVE-2026-33060)",
10+
"details": "### Summary\nA known vulnerability CVE-2026-33060 indicated tools including ckan_package_search and sparql_query that accept a base_url parameter had the risk of making HTTP requests to arbitrary endpoints without restriction. A fix was applied to filter out ip addresses. However, a method to bypass exists.\n\n### Details\nCKAN MCP Server validates caller-supplied CKAN server URLs by inspecting only the parsed hostname string before issuing outbound HTTP requests. In `src/utils/http.ts`, hostname aliases such as `ip6-localhost` are not equal to `localhost`, are not dotted IPv4 literals, and are not bracketed IPv6 literals, so they pass the SSRF filter but can resolve to loopback when the server performs the request. A remote MCP caller that can invoke CKAN tools with a `server_url` can therefore make the server connect to local or private addresses and, for CKAN-shaped responses, receive response-derived data.\n\n### Fix\nReplaced the single `hostname === 'localhost'` check with a blocked-hostname `Set` covering `ip6-localhost` and `ip6-loopback`. Patched in commit `c761045a1b7c5f40d2626540dd2ef1d4feb91f8c`.\n\n---\n@aborruso/ckan-mcp-server thanks **hibrian827** for responsibly disclosing this issue.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "npm",
21+
"name": "@aborruso/ckan-mcp-server"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "0.4.106"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/ondata/ckan-mcp-server/security/advisories/GHSA-g84h-j7jj-x32p"
42+
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://github.com/advisories/GHSA-3xm7-qw7j-qc8v"
46+
},
47+
{
48+
"type": "PACKAGE",
49+
"url": "https://github.com/ondata/ckan-mcp-server"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/ondata/ckan-mcp-server/releases/tag/v0.4.106"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-918"
59+
],
60+
"severity": "MODERATE",
61+
"github_reviewed": true,
62+
"github_reviewed_at": "2026-07-07T19:35:57Z",
63+
"nvd_published_at": null
64+
}
65+
}

0 commit comments

Comments
 (0)