Threats Tagged 'ghsa-rqrh-8wpv-x7hh'
View all threats tagged with 'ghsa-rqrh-8wpv-x7hh'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ghsa-rqrh-8wpv-x7hh'
Click on any threat for detailed analysis and mitigation recommendations
GHSA-rqrh-8wpv-x7hh: Note Mark: Path traversal via unsanitized book/note slug in migrate export (sibling of GHSA-g49p)CVE-2026-50553 0 Note Mark contains a path traversal vulnerability in its migrate export commands due to improper validation of book and note slug inputs. The slug validation uses an unanchored regex pattern that allows strings containing valid characters anywhere, enabling traversal sequences like '../../../../etc/cron.d/x' to pass. During export, these unsanitized slugs are joined into filesystem paths and used to create directories and files outside the intended export directory. Since the export process often runs with root privileges, this can lead to arbitrary file creation with root permissions, potentially enabling code execution. Join the discussion | GCVE Database | 07/09/2026, 13:41:35 UTC Added: 07/10/2026, 09:26:32 UTC |
Showing 1 to 1 of 1 result