ROS-20260401-73-0038

Vulnerability in webmin is related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

CVE-2026-34585 SiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command execution

SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a .sy document,...

CVE-2026-30314

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

CVE-2026-34042 act: actions/cache server allows malicious cache injection

act is a project which allows for local running of github actions. Prior to version 0.2.86, act's built in actions/cache server listens to connections on all interfaces and allows anyone who can connect to it including someone anywhere on the internet to create caches with arbitrary keys and...

PT-2026-29271

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

Cline 安全漏洞

Cline is an AI programming assistant that serves as an integrated CLI and editor for necboy developers. Cline has a security vulnerability, which stems from OS command injection, potentially leading to remote code execution...

TOTOLINK A3300R 命令注入漏洞

The Totolink A3300R is a wireless router from Totolink. A command injection vulnerability exists in Totolink A3300R version 17.0.0cu.557b20221024, which originates from improper handling of the pptpPassThru parameter by the setVpnPassCfg function in the /cgi-bin/cstecgi.cgi file in the component...

CrewAI 安全漏洞

CrewAI is an open-source code execution and analysis tool component developed by CrewAI. CrewAI has a security vulnerability that stems from incorrect checking of Docker’s running status and reverting to a sandbox setting, which may lead to remote code execution...

OpenOLAT 安全漏洞

OpenOLAT is an open-source web-based e-learning platform used for teaching, learning, assessment, and communication. It serves as a Learning Management System. Versions of OpenOLAT prior to 19.1.31, 20.1.18, and 20.2.5 had security vulnerabilities. These vulnerabilities stemmed from allowing...

CVE-2026-30313

CVE-2026-30313 affects DSAI-Cline’s command auto-approval module. The vulnerability stems from a string-based whitelist that fails to account for raw newline characters in input, allowing an attacker to insert a newline between a whitelisted command and malicious code (for example, git log malici...

📄 Bludit CMS Shell Upload

Bludit CMS versions prior to 3.18.4 have an unrestricted API file upload vulnerability that allows for remote code execution. Exploit Title: Bludit CMS . The uploadFile function performs no file extension or content validation, allowing upload of PHP webshells that execute as www-data. The API...

(0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the allowed commands list. The issue results from the lack of proper...

MAL-2026-2281 Malicious code in roboats-addition (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9c3e8c3efcca9a56765d765638b1f7a25769a8a94693c4f391804337be55fcf During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

CVE-2026-5012 elecV2 elecV2P rpc pm2run os command injection

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

CVE-2016-20049

CVE-2016-20049 concerns JAD 1.5.8e-1kali1 and earlier, where a stack-based buffer overflow permits remote code execution. An attacker can supply input exceeding the stack buffer boundary (over ~8150 bytes) to overflow the stack, overwrite the return address, and execute shellcode within the appli...

CVE-2026-33938

A flaw was found in Handlebars. A remote attacker can exploit this vulnerability by manipulating the @partial-block special variable within the template data context. By overwriting @partial-block with a specially crafted Abstract Syntax Tree AST through a helper, a subsequent invocation of...

CVE-2026-4906

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

SUSE CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

CVE-2026-4974

CVE-2026-4974 affects Tenda AC7 firmware version 15.03.06.44. The vulnerability is in the function fromSetSysTime of /goform/SetSysTimeCfg in the POST Request Handler, where manipulating the Time argument can cause a stack-based buffer overflow. This enables remote code execution over the network...

CVE-2026-33654 Zero-Click Indirect Prompt Injection and Authentication Bypass via Email Polling

nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module nanobot/channels/email.py, allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions and subsequently, system tools without...