8087 matches found
CVE-2026-12537
Summary (CVE-2026-12537) : The vulnerability affects Google Gemini CLI container launcher (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms. It stems from improper neutralization in an OS command, enabling an unprivileged attacker ...
EUVD-2026-38790
Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...
PT-2026-51788
Name of the Vulnerable Software and Affected Versions Google Gemini CLI versions prior to 0.39.1 run-gemini-cli GitHub Action versions prior to 0.1.22 Description An OS command injection flaw exists in the container launcher used on headless CI platforms. The issue stems from unsafe parsing and...
CVE-2026-53492 vulnerabilities
Vulnerabilities for packages: kaniko, datadog-agent-fips, rancher-helm, envoy-gateway, amazon-ecs-agent-fips, linkerd2, xeol-fips, buildkitd, kots, syft-fips, cluster-api-helm-controller-fips, teleport, eksctl, spegel, syft, trivy-fips, gitlab-rails-ce-fips, neuvector-scanner-fips,...
CVE-2026-50195 vulnerabilities
Vulnerabilities for packages: kaniko, datadog-agent-fips, rancher-helm, envoy-gateway, amazon-ecs-agent-fips, linkerd2, xeol-fips, buildkitd, kots, syft-fips, cluster-api-helm-controller-fips, teleport, eksctl, spegel, syft, trivy-fips, gitlab-rails-ce-fips, neuvector-scanner-fips,...
CVE-2026-53489 vulnerabilities
Vulnerabilities for packages: kaniko, datadog-agent-fips, rancher-helm, envoy-gateway, amazon-ecs-agent-fips, linkerd2, xeol-fips, buildkitd, kots, syft-fips, cluster-api-helm-controller-fips, teleport, eksctl, spegel, syft, trivy-fips, gitlab-rails-ce-fips, neuvector-scanner-fips,...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: kaniko, datadog-agent-fips, rancher-helm, envoy-gateway, amazon-ecs-agent-fips, linkerd2, xeol-fips, buildkitd, kots, syft-fips, cluster-api-helm-controller-fips, teleport, eksctl, spegel, syft, trivy-fips, gitlab-rails-ce-fips, neuvector-scanner-fips,...
CSV Injection
Overview @actual-app/cli is a CLI for Actual Budget Affected versions of this package are vulnerable to CSV Injection via the escapeCsv function, which fails to neutralize formula-triggering prefixes in user-controlled fields when exporting data to CSV format. An attacker can cause arbitrary...
CVE-2026-54271 protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names
protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static outp...
CVE-2026-54271
The CVE-2026-54271 entry concerns protobufjs-cli (pbjs) static code generation, where insecure handling of pre-parsed JSON descriptors could lead to attacker-controlled JavaScript in generated output. Concrete details across connected sources show that protobufjs-cli versions prior to the fixed r...
PT-2026-51447
Name of the Vulnerable Software and Affected Versions @actual-app/cli versions prior to 26.6.0 Description The @actual-app/cli tool contains a CSV serialization issue in the escapeCsv function within packages/cli/src/output.ts. When the --format csv option is used, the serializer only handles...
CVE-2026-56236
Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...
CVE-2026-56236
CVE-2026-56236 affects Capgo CLI prior to 12.128.2. The issue is arbitrary file overwrite in login and build credentials operations that follow symlinks without validation. An attacker can place malicious symlinks in a repository to overwrite arbitrary files or expose credentials with world-reada...
CVE-2026-56236
Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...
@tinacms/cli: Remote Code Execution in @tinacms/cli via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels
Description Summary @tinacms/cli contains a Remote Code Execution vulnerability in its Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified collection JSON. User-supplied label and name fiel...
Arbitrary Code Injection
Overview @tinacms/cli is a package used to set up your project with Tina Cloud configuration, and run a local version of the Tina Cloud content-api. Affected versions of this package are vulnerable to Arbitrary Code Injection through the addVariablesToCode/makeFieldsWithInternalCode process in...
Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind
Impact A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes entire session resume or entire checkpoint rewind to write attacker-controlled transcript data outside of the expected session...
SUSE-SU-2026:22218-1 Security update for sqlite3
This update for sqlite3 fixes the following issues Update to 3.53.2: - CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution bsc1268012. - CVE-2026-11824: heap-based...
ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root
Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...
CVE-2026-20246
Summary: CVE-2026-20246 affects Cisco Umbrella Virtual Appliance. A vulnerability in the vmadmin CLI allows an authenticated, local attacker with vmadmin privileges to escalate to root by abusing certain commands at the CLI. The root-cause is insufficient validation of user-supplied commands in v...