Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19582 matches found

OSV
OSVadded 2026/02/08 5:16 a.m.2 views

CVE-2026-2135

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

8.8CVSS5.7AI score0.03852EPSS
Exploits1References4
NVD
NVDadded 2026/02/08 5:16 a.m.5 views

CVE-2026-2135

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

8.8CVSS0.03852EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/02/08 4:32 a.m.36 views

CVE-2026-2135 UTT HiPER 810 formPdbUpConfig sub_43F020 command injection

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

6.5CVSS0.03852EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/02/08 4:32 a.m.5 views

CVE-2026-2135

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

6.5CVSS6.5AI score0.03852EPSS
Exploits1References4Affected Software1
EUVD
EUVDadded 2026/02/08 4:32 a.m.4 views

EUVD-2026-5813

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

8.8CVSS6.4AI score0.03852EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/02/08 4:32 a.m.11 views

CVE-2026-2135 UTT HiPER 810 formPdbUpConfig sub_43F020 command injection

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

6.5CVSS5.5AI score0.03852EPSS
Exploits1References4
Snyk
Snykadded 2026/02/08 3:51 a.m.3 views

Arbitrary Command Injection

Overview mcp-maigret is a MCP server for maigret - OSINT username search across social networks Affected versions of this package are vulnerable to Arbitrary Command Injection via the searchusername process in index.ts when handling the Username argument. An attacker can execute arbitrary system...

9.8CVSS7AI score0.01583EPSS
Exploits0References2
OSV
OSVadded 2026/02/08 3:30 a.m.2 views

GHSA-2G7V-HGHF-GRG4 mcp-maigret vulnerable to command injection

A vulnerability was determined in BurtTheCoder mcp-maigret up to 1.0.12. This affects an unknown part of the file src/index.ts of the component searchusername. Executing a manipulation of the argument Username can lead to command injection. The attack may be launched remotely. Upgrading to versio...

6.3CVSS5.7AI score0.01583EPSS
Exploits0References9
OSV
OSVadded 2026/02/08 3:15 a.m.4 views

CVE-2026-2131

A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function inputtext. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used...

8.8CVSS5.6AI score0.15052EPSS
Exploits1References4
NVD
NVDadded 2026/02/08 3:15 a.m.6 views

CVE-2026-2130

A vulnerability was determined in BurtTheCoder mcp-maigret up to 1.0.12. This affects an unknown part of the file src/index.ts of the component searchusername. Executing a manipulation of the argument Username can lead to command injection. The attack may be launched remotely. Upgrading to versio...

9.8CVSS0.01583EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/02/08 2:32 a.m.3 views

CVE-2026-2131

A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function inputtext. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used...

6.5CVSS6.4AI score0.15052EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/02/08 2:32 a.m.28 views

CVE-2026-2131 XixianLiang HarmonyOS-mcp-server input_text os command injection

A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function inputtext. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used...

6.5CVSS0.15052EPSS
Exploits1References4
OSV
OSVadded 2026/02/08 2:15 a.m.1 views

CVE-2026-2129

A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS5.7AI score0.04317EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 2:2 a.m.4 views

CVE-2026-2130

A vulnerability was determined in BurtTheCoder mcp-maigret up to 1.0.12. This affects an unknown part of the file src/index.ts of the component searchusername. Executing a manipulation of the argument Username can lead to command injection. The attack may be launched remotely. Upgrading to versio...

6.5CVSS6.2AI score0.01583EPSS
Exploits0References9Affected Software1
EUVD
EUVDadded 2026/02/08 1:32 a.m.6 views

EUVD-2026-5819

A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...

8.6CVSS6.8AI score0.04317EPSS
Exploits1References5
OSV
OSVadded 2026/02/08 1:16 a.m.2 views

CVE-2026-2120

A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...

7.2CVSS5.6AI score0.03916EPSS
Exploits1References5
NVD
NVDadded 2026/02/08 1:16 a.m.5 views

CVE-2026-2118

A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...

8.6CVSS0.04239EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 12:32 a.m.4 views

CVE-2026-2120

A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/02/08 12:32 a.m.3 views

EUVD-2026-5826

A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/02/08 12:2 a.m.3 views

CVE-2026-2118 UTT HiPER 810 rehttpd formReleaseConnect sub_4407D4 command injection

A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...

8.6CVSS5.4AI score0.04239EPSS
Exploits1References5
Rows per page
Query Builder