Lucene search
K

10 matches found

CVE
CVE
added 2026/06/11 6:33 p.m.13 views

CVE-2026-48547

KanaDojo exposes a command injection in its release workflow. The vulnerability stems from patchNotesData.json fields version/changes being unsafely interpolated into a child_process.execSync() call within release.yml, allowing a PR with shell metacharacters to execute arbitrary commands. If a ma...

8.5CVSS6AI score0.0091EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 6:33 p.m.29 views

CVE-2026-48547 KanaDojo < 0.1.18 Command Injection via patchNotesData.json in release.yml

KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes fields of patchNotesData.json, which are interpolated unsanitized into a childprocess.execSync cal...

8.5CVSS0.0091EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 6:16 p.m.12 views

CVE-2026-48546

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

8.5CVSS0.00487EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 5:53 p.m.8 views

EUVD-2026-36273

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

8.5CVSS6.7AI score0.00487EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 5:53 p.m.17 views

CVE-2026-48546

KanaDojo before 0.1.18 contains a sandbox-escape RCE in the issue-auto-respond.yml workflow. The root cause is explicit passing of the global require into a Node.js vm.runInNewContext() sandbox, allowing an attacker to modify messages.cjs to import arbitrary Node.js modules and achieve remote cod...

8.5CVSS6.7AI score0.00487EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 5:53 p.m.8 views

CVE-2026-48546 KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

8.5CVSS6.7AI score0.00487EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 5:53 p.m.26 views

CVE-2026-48546 KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

8.5CVSS0.00487EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

KanaDojo 安全漏洞

KanaDojo is an attractive and customizable Japanese learning platform developed by lingdojo. Versions of KanaDojo prior to 0.18.0 contained security vulnerabilities. These vulnerabilities were caused by sandbox escape attacks, allowing attackers to execute arbitrary code by passing the global...

8.5CVSS6.3AI score0.00487EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

KanaDojo 操作系统命令注入漏洞

KanaDojo is an attractive and customizable Japanese learning platform developed by lingdojo. KanaDojo has a vulnerability related to operating system command injection. This vulnerability arises from command injection, and it could allow attackers with access to pull requests to execute arbitrary...

8.5CVSS5.9AI score0.0091EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48700

Name of the Vulnerable Software and Affected Versions KanaDojo versions prior to 0.1.18 Description A sandbox escape allows remote code execution with full GitHub Actions runner privileges, including access to the AUTOMATION PR TOKEN variable. The issue occurs in the issue-auto-respond.yml workfl...

8.5CVSS6.3AI score0.00487EPSS
Exploits0References5
Rows per page
Query Builder