9 matches found

Microsoft CVE
added 2026/05/17 8:1 a.m., 6 views

Pallets Click contains a command injection via Unsanitized Filename "click.edit()"

...

CVSS: 7.2 | AI score: 5.8 | EPSS: 0.00029
Exploits: 1

OSV
added 2026/05/15 2:0 p.m., 2 views

OESA-2026-2305 python-click security update

Click is a Python package for creating beautiful command line interfaces in a composable way with as little code as necessary. It's the "Command Line Interface Creation Kit". It's highly configurable but comes with sensible defaults out of the box. Security Fixes: Pallets Click, versions 8.3.2 an...

CVSS: 7.2 | AI score: 6.1 | EPSS: 0.00029
Exploits: 1 | References: 2

OSV
added 2026/05/15 2:0 p.m., 1 views

OESA-2026-2304 python-click security update

Click is a Python package for creating beautiful command line interfaces in a composable way with as little code as necessary. It's the "Command Line Interface Creation Kit". It's highly configurable but comes with sensible defaults out of the box. Security Fixes: Pallets Click, versions 8.3.2 an...

CVSS: 7.2 | AI score: 6.1 | EPSS: 0.00029
Exploits: 1 | References: 2

OSV
added 2026/05/15 2:0 p.m., 3 views

OESA-2026-2303 python-click security update

Click is a Python package for creating beautiful command line interfaces in a composable way with as little code as necessary. It's the "Command Line Interface Creation Kit". It's highly configurable but comes with sensible defaults out of the box. Security Fixes: Pallets Click, versions 8.3.2 an...

CVSS: 7.2 | AI score: 6.1 | EPSS: 0.00029
Exploits: 1 | References: 2

Veracode
added 2026/05/08 8:10 a.m., 4 views

Command Injection

Click is vulnerable to Command Injection. The vulnerability is due to improper handling of user-controlled input in the click.edit function, allowing attackers to inject and execute arbitrary operating system commands from an unprivileged account...

CVSS: 7.2 | AI score: 6 | EPSS: 0.00029
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2026/04/30 2:16 p.m., 2 views

DEBIAN-CVE-2026-7246

Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...

CVSS: 7.2 | AI score: 5.9 | EPSS: 0.00029
Exploits: 1 | References: 1

Debian CVE
added 2026/04/30 1:16 p.m., 5 views

CVE-2026-7246

Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...

CVSS: 7.2 | AI score: 5.9 | EPSS: 0.00029
Exploits: 1

Cvelist
added 2026/04/30 1:16 p.m., 22 views

CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"

Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...

EPSS: 0.00029
Exploits: 1 | References: 2

CNNVD
added 2026/04/30 12:0 a.m., 5 views

Click command injection vulnerability

Click is a Python toolkit developed by Pallets for creating command-line interfaces. Versions of Click 8.3.2 and earlier have a command injection vulnerability. This vulnerability stems from the click.edit function, which allows for command injection, potentially enabling attackers to execute...

CVSS: 7.2 | AI score: 6.1 | EPSS: 0.00029
Exploits: 1 | References: 1