Lucene search
K

78 matches found

CVE
CVE
added last week12 views

CVE-2026-15035

Bentoml OpenLLM 0.6.30 is affected by a command-injection in async_run_command (src/openllm/common.py, Model Repository Directory Name Handler). The vulnerability stems from manipulation of the cmd argument, enabling local exploitation. Public exploit details exist, and attack requires local acce...

7.8CVSS5.8AI score0.01338EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added last week34 views

CVE-2026-15035 bentoml OpenLLM Model Repository Directory Name common.py async_run_command command injection

A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function asyncruncommand of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement...

5.3CVSS0.01338EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56417

Name of the Vulnerable Software and Affected Versions bentoml OpenLLM version 0.6.30 Description Command injection is possible within the Model Repository Directory Name Handler component. This occurs when the cmd argument is manipulated in the async run command function located in the...

7.8CVSS6.2AI score0.01338EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.12 views

CVE-2026-43990

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's runcommand wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...

8.4CVSS5.5AI score0.00151EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/20 7:57 a.m.12 views

CVE-2026-45035

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 5:16 p.m.53 views

CVE-2026-45035

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS0.0038EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/15 4:41 p.m.78 views

CVE-2026-45035 Tabby: RCE via `tabby://run` URL Scheme

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS0.0038EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/15 4:41 p.m.7 views

CVE-2026-45035 Tabby: RCE via `tabby://run` URL Scheme

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 4:41 p.m.17 views

CVE-2026-45035

CVE-2026-45035 (Tabby): Before version 1.0.233, Tabby registered a tabby:// URL scheme handler that can run arbitrary OS commands without user confirmation, sanitization, or sandboxing. An attacker can craft a malicious tabby://run?command=... link and deliver it via websites, email, or chat; whe...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:41 p.m.14 views

CVE-2026-45035

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 4:41 p.m.22 views

EUVD-2026-30568

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.12 views

PT-2026-41320

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS5.9AI score0.0038EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/12 4:47 p.m.34 views

CVE-2026-42045 LobeHub: Cross-Site Scripting(XSS) escalate to Remote Code Execution(RCE)

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.tsx, if no type match is found, it will choose to call the...

6.2CVSS0.00266EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:47 p.m.6 views

CVE-2026-42045

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.tsx, if no type match is found, it will choose to call the...

6.2CVSS6.2AI score0.00266EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/05 6:4 p.m.9 views

Command Injection

Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...

6.2CVSS6AI score0.00266EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/22 6:31 p.m.7 views

EUVD-2018-21787

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
NVD
NVD
added 2026/04/22 4:16 p.m.8 views

CVE-2018-25271

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

6.9CVSS0.00183EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/22 2:57 p.m.6 views

CVE-2018-25271 Textpad 8.1.2 Denial of Service via Run Command

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/22 2:57 p.m.28 views

CVE-2018-25271 Textpad 8.1.2 Denial of Service via Run Command

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

6.9CVSS0.00183EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/22 2:57 p.m.7 views

CVE-2018-25271

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder