Moritz Oehrlein

**Name of the Vulnerable Software and Affected Versions** Open Security Issue Management (OSIM) versions prior to 2025.9.0 **Description** A path traversal issue exists in Open Security Issue Management (OSIM) due to the concatenation of `$uri$`args` within the nginx configuration file. This allows attackers to potentially access unauthorized files through crafted query parameters. **Recommendations** Update to version 2025.9.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Internet versions prior to 28.0.0.59 **Description** The issue arises from improper handling of insufficient permission in SyncClientProvider, allowing local attackers to access and modify arbitrary files. This affects Samsung Internet installed on non-Samsung devices. **Recommendations** For versions prior to 28.0.0.59, update to version 28.0.0.59 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.