Lucene search
K

17012 matches found

CVE
CVE
added 2026/06/10 3:14 a.m.43 views

CVE-2026-24719

CVE-2026-24719 affects QNAP operating systems QTS and QuTS hero. Description: a command-injection vulnerability that can be exploited by an attacker who has obtained an administrator account to execute arbitrary commands. Affected versions include QTS 5.2.9.3492 build 20260507 and later, and QuTS...

8.6CVSS6AI score0.00977EPSS
Exploits0References1Affected Software2
EUVD
EUVD
added 2026/06/10 3:14 a.m.10 views

EUVD-2026-35977

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00977EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 3:6 a.m.7 views

CVE-2026-22893 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00988EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 3:4 a.m.35 views

CVE-2025-66273

CVE-2025-66273 is a command-injection vulnerability affecting several QNAP OS versions. If an attacker gains an administrator account, they can execute arbitrary commands. Fixed in QTS 5.2.9.3410 build 20260214 and later, QuTS hero h5.2.9.3410 build 20260214 and later, QuTS hero h5.3.4.3500 build...

8.6CVSS6AI score0.01049EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability stems from command injection, which...

8.6CVSS6AI score0.01049EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability stems from command injection, which...

8.6CVSS6AI score0.01049EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/10 12:0 a.m.15 views

VulnCheck KEV: CVE-2026-10520

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution...

10CVSS6.6AI score0.99041EPSS
In wildExploits6References22
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.35 views

CVE-2026-45599 Windows UPnP Device Host Remote Code Execution Vulnerability

...

8.1CVSS0.0052EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.7 views

CVE-2026-45457 Microsoft Word Remote Code Execution Vulnerability

...

7.8CVSS5.4AI score0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.38 views

CVE-2026-47654 Remote Desktop Client Remote Code Execution Vulnerability

...

7.5CVSS0.0055EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:4 p.m.139 views

CVE-2026-45583

CVE-2026-45583 involves Microsoft Exchange Server and is described as an improper control of generation of code (code injection) that enables an unauthenticated attacker to execute code over the network. The CVSS 3.1 base score is 7.5 (HIGH) with NETWORK attack vector, HIGH impact on confidential...

8.1CVSS5.7AI score0.00475EPSS
Exploits0References1Affected Software2
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Windows UPnP Device Host Remote Code Execution Vulnerability

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 12:33 a.m.9 views

EUVD-2026-35250

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00314EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 12:33 a.m.11 views

EUVD-2026-35249

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00314EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/09 12:31 a.m.61 views

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528: Flowise CustomMCP Remote Code Exe...

10CVSS7.7AI score0.90183EPSS
Exploits21
OSV
OSV
added 2026/06/09 12:16 a.m.6 views

DEBIAN-CVE-2026-11680

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00243EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Nuance PowerScribe 360 反序列化漏洞

Microsoft Nuance PowerScribe is a medical speech recognition and report generation system for radiologists developed by Microsoft. There are code-related vulnerabilities in Microsoft Nuance PowerScribe. Attackers can exploit these vulnerabilities to execute code remotely. The following products a...

9.8CVSS5.8AI score0.01914EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There is a code injection vulnerability in Microsoft Exchange Server. Attackers can explo...

8.1CVSS5.6AI score0.00475EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.18 views

MiracleLinux 8 : samba-4.19.4-16.el8_10.ML.1 (AXSA:2026-767:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-767:06 advisory. samba: group policy certificate enrollment uses without validation CVE-2026-3012 samba: Samba: Remote Code Execution in printing subsystem via...

9.8CVSS5.8AI score0.12797EPSS
Exploits7References4
Rows per page
Query Builder