Threats Tagged 'cve-2024-5986'
View all threats tagged with 'cve-2024-5986'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2024-5986'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2024-5986: CWE-73 External Control of File Name or Path in h2oai h2oai/h2o-3CVE-2024-5986 0 A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the `/3/Parse` endpoint to inject attacker-controlled data as the header of an empty file, which is then exported using the `/3/Frames/framename/export` endpoint. The impact of this vulnerability includes the potential for remote code execution and complete access to the system running h2o-3, as attackers can overwrite critical files such as private SSH keys or script files. Join the discussion | CVE Database V5 | 02/02/2026, 10:36:24 UTC Added: 02/02/2026, 11:00:08 UTC |
Showing 1 to 1 of 1 result