Lucene search

116 matches found

NVD
added 2026/06/15 9:17 p.m., 5 views

CVE-2026-48708

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance (the package-level tpl variable in service/internal/tpl/templates.go) across all goroutines. Every action execution calls...

CVSS 7.5, EPSS 0.00349
Exploits: 0, References: 2
EUVD
added 2026/06/15 8:13 p.m., 3 views

EUVD-2026-36907

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the ValidateArgumentType RPC endpoint in service/internal/api/api.go does not perform any authentication or authorization checks. Unlike all other data-returning API endpoints, it does not cal...

CVSS 3.7, AI score 5.3, EPSS 0.00269
Exploits: 0, References: 2
CVE
added 2026/06/15 8:13 p.m., 6 views

CVE-2026-48709

CVE-2026-48709 affects OliveTin’s ValidateArgumentType RPC endpoint (service/internal/api/api.go). In versions

CVSS 3.7, AI score 5.3, EPSS 0.00269
Exploits: 0, References: 2
Cvelist
added 2026/06/15 7:59 p.m., 23 views

CVE-2026-48708 OliveTin has a Concurrent Template Parsing Race Condition which Leads to Cross-Request Command Contamination

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance (the package-level tpl variable in service/internal/tpl/templates.go) across all goroutines. Every action execution calls...

CVSS 7.5, EPSS 0.00349
Exploits: 0, References: 2
CVE
added 2026/06/15 7:59 p.m., 9 views

CVE-2026-48708

OliveTin is affected by a race condition in the template engine. In versions up to 3000.0.0, a single shared text/template.Template instance (tpl) is used across all goroutines, and actions perform tpl.Parse(source) followed by t.Execute() without synchronization. Under concurrent ExecRequests, t...

CVSS 7.5, AI score 5.8, EPSS 0.00349
Exploits: 0, References: 2
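
The shared-template race described in the CVE-2026-48708 entries above, shown as an added Go example that is not OliveTin's code: a package-level template that every request re-parses and executes, beside the per-request fix, with a driver that runs many renders in parallel and counts outputs that carry another request's command source or argument. The command source, the {{.arg}} placeholder and the job names are constructed inputs, and the shape of the vulnerable function is an assumption drawn from the advisory text rather than the project's actual implementation.

```go
package main

import (
	"bytes"
	"fmt"
	"strconv"
	"sync"
	"text/template"
)

// sharedTpl stands in for a package-level template that every request
// re-parses and executes (assumed shape of the bug class, not OliveTin's code).
var sharedTpl = template.New("cmd")

// renderShared is the vulnerable pattern: Parse replaces the shared template's
// parse tree, so a concurrent caller can end up executing another request's
// command source with its own arguments, or vice versa.
func renderShared(source string, data map[string]string) (string, error) {
	t, err := sharedTpl.Parse(source)
	if err != nil {
		return "", err
	}
	var out bytes.Buffer
	if err := t.Execute(&out, data); err != nil {
		return "", err
	}
	return out.String(), nil
}

// renderPerRequest is the fix: every request parses into its own Template,
// so goroutines share no mutable template state.
func renderPerRequest(source string, data map[string]string) (string, error) {
	t, err := template.New("cmd").Parse(source)
	if err != nil {
		return "", err
	}
	var out bytes.Buffer
	if err := t.Execute(&out, data); err != nil {
		return "", err
	}
	return out.String(), nil
}

type renderFunc func(source string, data map[string]string) (string, error)

// runConcurrently renders n distinct (source, argument) pairs in parallel and
// returns how many results did not match the pair their goroutine supplied,
// i.e. how many outputs were contaminated by another request.
func runConcurrently(render renderFunc, n int) int {
	var wg sync.WaitGroup
	contaminated := make([]bool, n)
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func(i int) {
			defer wg.Done()
			id := strconv.Itoa(i)
			source := "echo job-" + id + " {{.arg}}" // constructed command line
			want := "echo job-" + id + " arg-" + id
			got, err := render(source, map[string]string{"arg": "arg-" + id})
			if err != nil || got != want {
				contaminated[i] = true
			}
		}(i)
	}
	wg.Wait()
	count := 0
	for _, c := range contaminated {
		if c {
			count++
		}
	}
	return count
}

func main() {
	// The shared-template count depends on scheduling and may be zero on a
	// lightly loaded machine; the per-request count is always zero.
	fmt.Println("shared template, contaminated outputs:", runConcurrently(renderShared, 500))
	fmt.Println("per-request template, contaminated outputs:", runConcurrently(renderPerRequest, 500))
}
```

Running the shared variant under the Go race detector (go run -race) reports the write in Parse racing against the read in Execute even when no output is visibly contaminated, which is the more reliable way to confirm the bug class in a real code base.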
Positive Technologies
added 2026/06/15 12:00 a.m., 9 views

PT-2026-49472

Name of the vulnerable software and affected versions: OliveTin versions prior to 3000.13.0. Description: the 'ValidateArgumentType' RPC endpoint in service/internal/api/api.go lacks authentication and authorization checks, failing to call auth.UserFromApiCall or checkDashboardAccess. Even when...

CVSS 3.7, AI score 5.8, EPSS 0.00269
Exploits: 0, References: 5
GithubExploit
added 2026/05/26 1:25 p.m., 73 views

Exploit for OS Command Injection in Olivetin

cve-2025-50946 Exploit script for CVE-2025-50946...

CVSS 6.5, AI score 5.8, EPSS 0.013
Exploits: 2
Veracode
added 2026/05/15 4:36 a.m., 9 views

OS Command Injection

OliveTin is vulnerable to Command Injection. The vulnerability is due to insufficient input validation in Shell mode, where password-typed arguments and webhook-extracted JSON values bypass checkShellArgumentSafety before being passed to sh -c, allowing authenticated or unauthenticated attackers ...

CVSS 9.9, AI score 6.1, EPSS 0.00448
Exploits: 1, References: 2, Affected software: 1
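
The two controls that matter for the Veracode entry above, as an added Go example that is not OliveTin's code: an allow-list check that runs on every argument value regardless of how it arrived (form field, password-typed field or webhook JSON), and a rewrite of the action's shell line into quoted positional parameters so that sh -c never parses argument values at all. The {{ .name }} placeholder syntax, the allow-list pattern, the function names and the sample arguments are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"regexp"
	"strings"
)

// shellArgumentSafe is an allow-list check (assumed pattern). Its value is
// only as good as its coverage: it has to run on every argument source.
var shellArgumentSafe = regexp.MustCompile(`^[A-Za-z0-9 _./:@=+-]*$`).MatchString

// placeholder matches `{{ .name }}` references in an action's shell line
// (assumed syntax for this example).
var placeholder = regexp.MustCompile(`\{\{\s*\.(\w+)\s*\}\}`)

// checkAllArguments applies the allow-list to every value no matter what type
// it was declared with, which is the check the advisory says was skipped for
// password-typed and webhook-derived values.
func checkAllArguments(args map[string]string) error {
	for name, val := range args {
		if !shellArgumentSafe(val) {
			return fmt.Errorf("argument %q contains shell metacharacters", name)
		}
	}
	return nil
}

// parameterize rewrites each placeholder into a quoted positional parameter
// ("${1}", "${2}", ...) and returns the argv for exec.Command. The values
// travel as separate argv entries after $0, so the shell substitutes them
// verbatim and never interprets metacharacters inside them.
func parameterize(shellLine string, args map[string]string) ([]string, error) {
	argv := []string{"sh", "-c", "", "action"} // argv[2] is the script, argv[3] is $0
	positions := map[string]int{}
	var missing []string
	script := placeholder.ReplaceAllStringFunc(shellLine, func(m string) string {
		name := placeholder.FindStringSubmatch(m)[1]
		pos, seen := positions[name]
		if !seen {
			val, ok := args[name]
			if !ok {
				missing = append(missing, name)
			}
			argv = append(argv, val)
			pos = len(argv) - 4 // first value becomes $1
			positions[name] = pos
		}
		return fmt.Sprintf(`"${%d}"`, pos)
	})
	if len(missing) > 0 {
		return nil, errors.New("missing arguments: " + strings.Join(missing, ", "))
	}
	argv[2] = script
	return argv, nil
}

func main() {
	// Constructed input: the msg value carries an injected command.
	args := map[string]string{"msg": "hello; touch /tmp/pwned", "name": "world"}
	fmt.Println("allow-list verdict:", checkAllArguments(args))
	argv, err := parameterize(`printf '%s %s\n' {{ .msg }} {{ .name }}`, args)
	if err != nil {
		panic(err)
	}
	fmt.Printf("argv: %q\n", argv)
	// Even with the metacharacters left in, nothing beyond printf runs: the
	// shell sees only "${1}" and "${2}" and prints the values literally.
	out, err := exec.Command(argv[0], argv[1:]...).CombinedOutput()
	fmt.Printf("output: %s err: %v\n", out, err)
}
```

Parameterization removes the need to trust the allow-list for correctness; keeping the allow-list as well gives a clear rejection message and blocks values that would be harmful even when passed verbatim to the program the script runs.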
SUSE CVE
added 2026/03/25 12:26 a.m., 3 views

SUSE CVE-2026-28342

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacke...

CVSS 7.5, AI score 5.8, EPSS 0.00645
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:26 a.m., 3 views

SUSE CVE-2026-28789

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin's OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...

CVSS 7.5, AI score 5.8, EPSS 0.00394
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:26 a.m., 2 views

SUSE CVE-2026-28790

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.0, OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. Guests are correctly blocked from dashboard access, bu...

CVSS 7.5, AI score 5.8, EPSS 0.0065
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:25 a.m., 1 view

SUSE CVE-2026-30223

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (a local RSA public key) or "authJwtHmacSecret" (an HMAC secret), the configured audience value (authJwtAud) is not enforced during toke...

CVSS 8.8, AI score 5.8, EPSS 0.00301
Exploits: 1, References: 3
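
The audience check that the SUSE CVE-2026-30223 entry above says was missing, as an added Go example that is not OliveTin's code. It uses the standard library only and so covers the HMAC (authJwtHmacSecret) configuration; the same aud comparison belongs after signature verification in the RSA case too. The threat it models is a token legitimately issued for another application that shares the same key: a signature-only verifier accepts it, an audience-enforcing verifier does not. The secret, subject and audience values are constructed, and the function names are the example's own.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// audience accepts both JWT forms of "aud": a single string or an array.
type audience []string

func (a *audience) UnmarshalJSON(b []byte) error {
	var single string
	if err := json.Unmarshal(b, &single); err == nil {
		*a = audience{single}
		return nil
	}
	var many []string
	if err := json.Unmarshal(b, &many); err != nil {
		return err
	}
	*a = many
	return nil
}

type claims struct {
	Sub string   `json:"sub"`
	Aud audience `json:"aud"`
}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// signHS256 mints a token the way a sibling service sharing the secret would.
func signHS256(secret []byte, c claims) (string, error) {
	payload, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	input := b64([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64(payload)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(input))
	return input + "." + b64(mac.Sum(nil)), nil
}

// verifySignatureOnly pins the algorithm and checks the HMAC, nothing else.
// This is the failure mode in the advisory: a validly signed token minted for
// some other audience is accepted.
func verifySignatureOnly(secret []byte, token string) (*claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	raw := make([][]byte, 3)
	for i, p := range parts {
		b, err := base64.RawURLEncoding.DecodeString(p)
		if err != nil {
			return nil, err
		}
		raw[i] = b
	}
	var header struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(raw[0], &header); err != nil || header.Alg != "HS256" {
		return nil, errors.New("unexpected or unreadable alg") // never trust alg from the token
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if !hmac.Equal(raw[2], mac.Sum(nil)) {
		return nil, errors.New("bad signature")
	}
	var c claims
	if err := json.Unmarshal(raw[1], &c); err != nil {
		return nil, err
	}
	return &c, nil
}

// verifyForAudience is the fix: after the signature check, the token must
// name this service in aud or it is rejected.
func verifyForAudience(secret []byte, token, expectedAud string) (*claims, error) {
	c, err := verifySignatureOnly(secret, token)
	if err != nil {
		return nil, err
	}
	for _, a := range c.Aud {
		if a == expectedAud {
			return c, nil
		}
	}
	return nil, fmt.Errorf("aud %v does not include %q", []string(c.Aud), expectedAud)
}

func main() {
	secret := []byte("secret-shared-with-another-app") // constructed value
	foreign, _ := signHS256(secret, claims{Sub: "alice", Aud: audience{"other-app"}})
	_, sigErr := verifySignatureOnly(secret, foreign)
	_, audErr := verifyForAudience(secret, foreign, "olivetin")
	fmt.Println("signature-only accepts:", sigErr == nil, "| audience check:", audErr)
}
```

A production verifier also needs exp/nbf handling and, for RSA, a check that the key matches the pinned algorithm; those are omitted here to keep the audience check in focus.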
SUSE CVE
added 2026/03/25 12:25 a.m., 5 views

SUSE CVE-2026-30224

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry (default 1 year). A...

CVSS 5.4, AI score 5.8, EPSS 0.00302
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:25 a.m., 3 views

SUSE CVE-2026-30225

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low-privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new...

CVSS 5.3, AI score 6.1, EPSS 0.00414
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:24 a.m., 1 view

SUSE CVE-2026-31817

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

CVSS 8.5, AI score 6.2, EPSS 0.00712
Exploits: 1, References: 3
SUSE CVE
added 2026/03/25 12:24 a.m., 2 views

SUSE CVE-2026-32102

OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTin's live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can...

CVSS 7.1, AI score 6.1, EPSS 0.00431
Exploits: 1, References: 3
CNVD
added 2026/03/16 12:00 a.m., 3 views

OliveTin Path Traversal Vulnerability

OliveTin is an open-source web application from the OliveTin project. OliveTin has a path traversal vulnerability caused by unsafe resolution of UniqueTrackingId, which an attacker can exploit to traverse directories on the system...

CVSS 8.5, AI score 7.3, EPSS 0.00712
Exploits: 1
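
Log filename construction for the UniqueTrackingId traversal described in the SUSE CVE-2026-31817 and CNVD entries above, as an added Go example that is not OliveTin's code: the unsafe concatenation beside a version that allow-lists the id and then confirms the resolved path still lies inside the log directory. The id pattern, the directory, the function names and the sample ids are assumptions made for this example; how OliveTin actually builds the filename is not shown on this page.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// trackingIDPattern is the allow-list for a caller-supplied tracking id
// (assumed format; the project's own format is not known here).
var trackingIDPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

// unsafeLogPath shows the bug class: the id is joined into the filename as
// supplied, so "../" segments in it walk out of logDir after cleaning.
func unsafeLogPath(logDir, trackingID string) string {
	return filepath.Join(logDir, trackingID+".log")
}

// safeLogPath allow-lists the id, then verifies the resolved path is still
// under logDir so that a later allow-list mistake cannot reintroduce traversal.
func safeLogPath(logDir, trackingID string) (string, error) {
	if !trackingIDPattern.MatchString(trackingID) {
		return "", errors.New("tracking id contains disallowed characters")
	}
	base, err := filepath.Abs(logDir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(base, trackingID+".log")
	rel, err := filepath.Rel(base, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errors.New("path escapes log directory")
	}
	return full, nil
}

func main() {
	dir := "/var/log/olivetin" // assumed directory for the example
	evil := "../../../etc/cron.d/backdoor"
	fmt.Println("unsafe:", unsafeLogPath(dir, evil))
	_, err := safeLogPath(dir, evil)
	fmt.Println("safe rejects it:", err)
	p, _ := safeLogPath(dir, "job-42")
	fmt.Println("safe accepts:", p)
}
```

The containment check is deliberately kept even though the allow-list already rejects every separator: when the two disagree, the id pattern has been loosened and the second check is what still holds the line.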
OSV
added 2026/03/12 8:57 p.m., 3 views

GO-2026-4687 OliveTin's email argument makes compliance harder, enables log injection in github.com/OliveTin/OliveTin

OliveTin's email argument makes compliance harder, enables log injection in github.com/OliveTin/OliveTin. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

AI score 5.8
Exploits: 0, References: 3
OSV
added 2026/03/12 8:57 p.m., 3 views

GO-2026-4683 OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream in github.com/OliveTin/OliveTin

OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream in github.com/OliveTin/OliveTin. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fro...

CVSS 7.1, AI score 5.8, EPSS 0.00431
Exploits: 1, References: 2
EUVD
added 2026/03/12 2:20 p.m., 5 views

EUVD-2026-11369

OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream...

CVSS 7.1, AI score 5.8, EPSS 0.00431
Exploits: 1, References: 2