
25102 matches found

Positive Technologies
added 2026/02/24 12:0 a.m. | 11 views

PT-2026-21764

Name of the Vulnerable Software and Affected Versions: exiftool versions prior to 13.50. Description: An OS command injection issue exists in the PNG File Parser component of exiftool on macOS. The flaw is located in the SetMacOSTags function within the lib/Image/ExifTool/MacOS.pm file. A remote...

CVSS 8.8 | AI score 7.4 | EPSS 0.03411
Exploits: 2 | References: 39

CNNVD
added 2026/02/24 12:0 a.m. | 8 views

Intelbras TIP 635G OS Command Injection Vulnerability

The Intelbras TIP 635G is an IP phone produced by the Brazilian company Intelbras. Version 1.12.3.5 of the Intelbras TIP 635G contains a vulnerability related to operating system command injection. This vulnerability stems from a flaw in the Ping Handler component, which may allow for OS command...

CVSS 8.8 | AI score 6.6 | EPSS 0.03494
Exploits: 1 | References: 4

CNNVD
added 2026/02/24 12:0 a.m. | 6 views

exiftool OS Command Injection Vulnerability

Exiftool is an open-source application developed by ExifTool. It makes metadata more accessible. Versions of Exiftool 13.49 and earlier had a vulnerability related to operating system command injection. This vulnerability stemmed from the SetMacOSTags function in the PNG file parser component,...

CVSS 8.8 | AI score 6.8 | EPSS 0.03411
Exploits: 2 | References: 7

CNNVD
added 2026/02/24 12:0 a.m. | 8 views

InSAT MasterSCADA BUK-TS OS Command Injection Vulnerability

InSAT MasterSCADA BUK-TS is an industrial automation control component developed by the Russian company InSAT. InSAT MasterSCADA BUK-TS has a vulnerability related to OS command injection. This vulnerability stems from the presence of OS command injection in the MMadmServ Web interface fields,...

CVSS 9.8 | AI score 6.2 | EPSS 0.01433
Exploits: 1 | References: 2

Positive Technologies
added 2026/02/24 12:0 a.m. | 6 views

PT-2026-21800

Name of the Vulnerable Software and Affected Versions: InSAT MasterSCADA BUK-TS, affected versions not specified. Description: The software is susceptible to OS command injection through a field in its MMadmServ web interface. This allows attackers to potentially execute remote code. The vulnerabilit...

CVSS 9.8 | AI score 5.9 | EPSS 0.01433
Exploits: 1 | References: 6

Positive Technologies
added 2026/02/24 12:0 a.m. | 9 views

PT-2026-21645

Name of the Vulnerable Software and Affected Versions: Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.7C0. Description: A post-authentication command injection exists in the TR-369 certificate download CGI program. An authenticated attacker with administrator privileges could execute...

CVSS 7.2 | AI score 5.5 | EPSS 0.00902
Exploits: 1 | References: 15

Positive Technologies
added 2026/02/24 12:0 a.m. | 9 views

PT-2026-21644

Name of the Vulnerable Software and Affected Versions: Zyxel EX3301-T0 firmware versions through 5.50ABVY.7C0. Description: A post-authentication command injection issue exists in the log file download function. This could allow an authenticated attacker to execute operating system (OS) commands on an...

CVSS 8.8 | AI score 5.6 | EPSS 0.01398
Exploits: 0 | References: 18

CNNVD
added 2026/02/24 12:0 a.m. | 8 views

NVIDIA Cumulus Linux and NVIDIA NVOS Security Vulnerability

NVIDIA Cumulus Linux and NVIDIA NVOS are both products of NVIDIA Corporation, a US-based company. NVIDIA Cumulus Linux is a powerful open-source network operating system. NVIDIA NVOS is also an operating system. Both NVIDIA Cumulus Linux and NVIDIA NVOS have security vulnerabilities; these...

CVSS 8.8 | AI score 5.9 | EPSS 0.0051
Exploits: 0 | References: 3

CNNVD
added 2026/02/24 12:0 a.m. | 8 views

Zyxel EX3301-T0 OS Command Injection Vulnerability

The Zyxel EX3301-T0 is a security routing gateway produced by the Chinese company Zyxel. Versions of the Zyxel EX3301-T0 prior to 5.50ABVY.7C0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the log file download function, where command...

CVSS 8.8 | AI score 7.5 | EPSS 0.01398
Exploits: 0 | References: 1

Tenable Nessus
added 2026/02/24 12:0 a.m. | 13 views

Mozilla Thunderbird < 140.8

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-17 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147...

CVSS 10 | AI score 6.1 | EPSS 0.00622
Exploits: 0 | References: 38

Tenable Nessus
added 2026/02/24 12:0 a.m. | 5 views

Mozilla Firefox < 148.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-13 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory...

CVSS 10 | AI score 7.7 | EPSS 0.00757
Exploits: 2 | References: 52

CVE
added 2026/02/23 10:2 p.m. | 11 views

CVE-2026-3040

CVE-2026-3040 affects DrayTek Vigor 300B (up to version 1.5.1.6) in the Web Management Interface, specifically the cgiGetFile function in /cgi-bin/mainfunction.cgi/uploadlangs. The File argument manipulation leads to OS command injection. Reports indicate remote initiation is possible and that an...

CVSS 7.2 | AI score 5.1 | EPSS 0.09102
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2026/02/23 12:0 a.m. | 10 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.5)

The version of AOS installed on the remote host is prior to 7.3.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.5 advisory. - A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library...

CVSS 9.8 | AI score 6.2 | EPSS 0.4269
Exploits: 30 | References: 30

Cvelist
added 2026/02/22 11:2 a.m. | 26 views

CVE-2026-2944 Tosei Online Store Management System ネット店舗管理システム HTTP POST Request monitor.php system os command injection

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

CVSS 7.5 | EPSS 0.03738
Exploits: 1 | References: 4

CNNVD
added 2026/02/22 12:0 a.m. | 5 views

Vaelsys V4 OS Command Injection Vulnerability

Vaelsys V4 is an artificial intelligence video analysis platform developed by the Spanish company Vaelsys. Version 4.1.0 of Vaelsys V4 contains a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter xajaxargs in the...

CVSS 9.8 | AI score 7.1 | EPSS 0.04519
Exploits: 1 | References: 5

Tenable Nessus
added 2026/02/22 12:0 a.m. | 10 views

Photon OS 5.0: Linux PHSA-2026-5.0-0770

An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0770. The text itself is copyright (C) VMware, Inc. ...

CVSS 9.8 | AI score 6.6 | EPSS 0.00468
Exploits: 6 | References: 122

OSV
added 2026/02/21 9:35 a.m. | 7 views

CVE-2026-27487 OpenClaw: Prevent shell injection in macOS keychain credential write

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via security add-generic-password -w .... Because OAuth tokens are user-controlled data,...

CVSS 7.6 | AI score 5.5 | EPSS 0.012
Exploits: 0 | References: 8

CNNVD
added 2026/02/21 12:0 a.m. | 6 views

OpenClaw OS Command Injection Vulnerability

OpenClaw is an open-source AI assistant from OpenClaw. OpenClaw has an operating system command injection vulnerability. The vulnerability stems from a keychain credential refresh shell command constructed on macOS failing to properly filter constructed command special...

CVSS 8 | AI score 6.1 | EPSS 0.012
Exploits: 0 | References: 6

ATTACKERKB
added 2026/02/20 4:3 p.m. | 5 views

CVE-2026-2818

A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only...

CVSS 8.2 | AI score 5.4 | EPSS 0.00247
Exploits: 0 | References: 2 | Affected Software: 2

ATTACKERKB
added 2026/02/20 3:32 p.m. | 4 views

CVE-2026-2847

A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument IspName results in os command injection. The attack can be launched remotely. The explo...

CVSS 8.6 | AI score 6.9 | EPSS 0.09229
Exploits: 1 | References: 4 | Affected Software: 1