Lucene search
K

106 matches found

EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-43540

OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could allow Git ext transport to be abused. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended...

8.8CVSS6.2AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 9:17 p.m.7 views

CVE-2026-42204

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELLSAFECOMMANDPATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an...

8.8CVSS6AI score0.00359EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.10 views

CVE-2026-50746

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...

10CVSS5.8AI score0.00922EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 2:36 p.m.20 views

CVE-2026-27955

Summary: CVE-2026-27955 affects Coolify prior to 4.0.0-beta.464, where the executeInDocker() helper wraps commands in bash -c '{$command}' without escaping single quotes. User-controlled fields docker_compose_custom_build_command and docker_compose_custom_start_command are interpolated directly, ...

6.6CVSS5.9AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 8:18 p.m.27 views

CVE-2026-34597 Coolify: Authenticated Host RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution RCE vulnerability was discovered in Coolify. The flaw resides in the handling of user-defined build parameters for the...

8.8CVSS0.00526EPSS
Exploits0References1
Veracode
Veracode
added 2026/06/10 4:29 p.m.13 views

Code Injection

Yamcs is vulnerable to Code Injection. The vulnerability is due to the dynamic compilation and execution of user-controlled Python algorithm code through Jython without a secure sandbox, which allows an authenticated attacker to execute arbitrary code on the underlying host system...

6.2AI score0.00473EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Logseq 跨站脚本漏洞

Logseq is an open-source knowledge management and collaboration platform developed by Logseq. Version 0.10.15 of Logseq contains a cross-site scripting vulnerability. This vulnerability stems from plugins running in a sandbox iframe, which allow arbitrary HTML attributes such as event handlers to...

4.6CVSS5.3AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.12 views

CVE-2026-44345

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...

8.8CVSS5.6AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 12:35 a.m.1 views

CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.6AI score0.00153EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/05/29 5:59 p.m.16 views

NodeVM builtin denylist bypass via process and inspector/promises allows host code execution

Summary NodeVM blocks several dangerous Node.js builtins such as module, workerthreads, cluster, vm, repl, and inspector. However, the denylist misses process and inspector/promises. Both can be used from sandboxed code to reach host-side execution primitives. This allows sandboxed code to bypass...

10CVSS6.3AI score0.00536EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/05/29 5:49 p.m.12 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the BaseHandler.set trap in lib/bridge.js. An...

9.2CVSS6.3AI score0.00287EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 4:11 p.m.15 views

CVE-2026-45632 Dokploy: Schedule Authorization Bypass Enables Host/Server Command Execution

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, update, run, or delete schedules belonging to other organizations if they know the scheduleId/serverId...

9.9CVSS6AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 8:12 p.m.14 views

CVE-2026-44346

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References1
PyPA
PyPA
added 2026/05/27 6:16 p.m.12 views

PYSEC-2026-190

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/27 6:16 p.m.9 views

PYSEC-2026-190

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:22 p.m.16 views

CVE-2026-44346

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-45980

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2026/05/22 8:16 p.m.16 views

CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS0.00224EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/14 9:14 p.m.25 views

vm2 Has a Sandbox Breakout Using Async Generator

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details It is possible to catch a host exception using the yield expression inside an async generator. When the...

9.8CVSS6.2AI score0.00568EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.15 views

PT-2026-40731

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.3 Description A sandbox breakout allows attackers to execute arbitrary commands on the host system. This occurs because a host exception can be caught using the yield expression within an async generator. When the...

10CVSS6.1AI score0.00568EPSS
Exploits1References13
Rows per page
Query Builder