CVEs (22)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Midnight Commander 1Midnight Commander Apr 16, 2026 Aug 1, 1999 N/A· v4 N/A· v3 4.6 MEDIUM· v2 FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges. |
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack. |