Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

15257 matches found

EUVD
EUVDadded 2026/03/31 12:31 p.m.2 views

EUVD-2026-17371

OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters...

9.8CVSS6.4AI score0.00604EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/31 11:17 a.m.2 views

CVE-2026-32917

OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters...

9.8CVSS6.4AI score0.00604EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.1 views

PT-2026-28757

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A flaw exists in the Totolink A3300R device. The setUPnPCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through manipulation of the enable argumen...

6.5CVSS5.9AI score0.00595EPSS
Exploits1References7
RedhatCVE
RedhatCVEadded 2026/03/28 4:59 p.m.3 views

CVE-2026-4622

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/27 2:25 p.m.8 views

CVE-2021-27489

ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands...

8.8CVSS7.2AI score0.00543EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/27 2:23 p.m.5 views

CVE-2021-27984

In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files...

8.1CVSS7.2AI score0.04249EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/27 12:31 p.m.3 views

EUVD-2026-16587

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00044EPSS
Exploits0References2
NVD
NVDadded 2026/03/27 12:16 p.m.4 views

CVE-2026-4622

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

9.8CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/27 11:53 a.m.21 views

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS0.00044EPSS
Exploits0References1
CVE
CVEadded 2026/03/27 11:53 a.m.2 views

CVE-2026-4620

The CVE-2026-4620 entry concerns NEC Platforms, Ltd. Aterm Series devices and describes an OS Command Injection vulnerability that allows an attacker to execute arbitrary commands over the network. According to the provided metrics, the flaw has a High impact on confidentiality, integrity, and av...

9.8CVSS6.1AI score0.00044EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/27 11:53 a.m.0 views

CVE-2026-4622

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/03/27 5:25 a.m.24 views

CVE-2026-33280

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...

8.6CVSS0.00105EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/27 12:0 a.m.3 views

PT-2026-28648

Name of the Vulnerable Software and Affected Versions NEC Platforms, Ltd. Aterm Series affected versions not specified Description An OS Command Injection issue exists in NEC Platforms, Ltd. Aterm Series. This allows a malicious actor to execute arbitrary OS commands through the network...

7.1CVSS6.1AI score0.00146EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/03/27 12:0 a.m.2 views

PT-2026-28646

Name of the Vulnerable Software and Affected Versions NEC Platforms, Ltd. Aterm Series affected versions not specified Description An OS Command Injection issue exists in NEC Platforms, Ltd. Aterm Series. This allows a malicious actor to execute arbitrary OS commands through the network...

7.1CVSS6.1AI score0.00044EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/03/26 3:10 p.m.2 views

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

8.1CVSS6.4AI score0.00148EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:7 p.m.3 views

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

7.8CVSS6AI score0.00092EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:6 p.m.1 views

CVE-2026-22901

A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

9.8CVSS6.1AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:5 p.m.1 views

CVE-2025-54820

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is...

8.1CVSS6AI score0.00061EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 2:57 p.m.2 views

CVE-2026-22897

A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.4.0415 and later...

9.8CVSS6.1AI score0.00405EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 2:56 p.m.2 views

CVE-2019-25487

SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to...

9.8CVSS6.5AI score0.00266EPSS
Exploits0References1
Rows per page
Query Builder