Lucene search
K

278 matches found

Github Security Blog
Github Security Blog
added 2026/03/03 9:37 p.m.6 views

OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling

Summary OpenClaw Windows Scheduled Task script generation allowed unsafe argument handling in generated gateway.cmd files. In vulnerable versions, cmd metacharacter-only values could be emitted without safe quoting/escaping, which could lead to unintended command execution when the scheduled task...

7.8CVSS6.1AI score0.00571EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.4 views

PT-2026-26234

Summary OpenClaw Windows Scheduled Task script generation allowed unsafe argument handling in generated gateway.cmd files. In vulnerable versions, cmd metacharacter-only values could be emitted without safe quoting/escaping, which could lead to unintended command execution when the scheduled task...

8.5CVSS6AI score0.00571EPSS
Exploits0References11
The Hacker News
The Hacker News
added 2026/02/27 10:6 a.m.9 views

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan RAT. "A malicious downloader staged a portable Java runtime and executed a malicious Java archive JAR file named...

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/24 1:34 p.m.7 views

CVE-2026-2979

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

8.8CVSS5.2AI score0.00294EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/24 1:33 p.m.6 views

CVE-2026-2978

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

8.8CVSS5.2AI score0.00345EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/24 7:30 a.m.6 views

CVE-2026-2977

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

8.8CVSS6AI score0.00293EPSS
Exploits1References1
NVD
NVD
added 2026/02/23 9:17 a.m.11 views

CVE-2026-2979

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

8.8CVSS0.00294EPSS
Exploits1References4
OSV
OSV
added 2026/02/23 9:17 a.m.6 views

CVE-2026-2979

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

8.8CVSS5.4AI score0.00294EPSS
Exploits1References4
NVD
NVD
added 2026/02/23 8:16 a.m.17 views

CVE-2026-2978

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

8.8CVSS0.00345EPSS
Exploits1References4
OSV
OSV
added 2026/02/23 8:16 a.m.6 views

CVE-2026-2977

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

8.8CVSS5.4AI score0.00293EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/23 8:2 a.m.28 views

CVE-2026-2979 FastApiAdmin Scheduled Task API controller.py user_avatar_upload_controller unrestricted upload

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

6.5CVSS0.00294EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 8:2 a.m.3 views

CVE-2026-2979

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

6.5CVSS6.2AI score0.00294EPSS
Exploits1References4
CVE
CVE
added 2026/02/23 8:2 a.m.29 views

CVE-2026-2979

CVE-2026-2979 affects FastApiAdmin up to 2.2.0. The vulnerability is in the function user_avatar_upload_controller of /backend/app/api/v1/module_system/user/controller.py (Scheduled Task API). A manipulation can cause unrestricted file upload, enabling a remote attacker to upload arbitrary files....

8.8CVSS6.2AI score0.00294EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/23 7:32 a.m.29 views

CVE-2026-2978 FastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted upload

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

6.5CVSS0.00345EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/23 7:32 a.m.5 views

CVE-2026-2978 FastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted upload

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

6.5CVSS6.3AI score0.00345EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 7:32 a.m.4 views

CVE-2026-2978

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

6.5CVSS6.3AI score0.00345EPSS
Exploits1References4
CVE
CVE
added 2026/02/23 7:32 a.m.24 views

CVE-2026-2978

CVE-2026-2978 relates to FastApiAdmin (up to 2.2.0) and affects the file path /backend/app/api/v1/module_system/params/controller.py, specifically the upload_file_controller function of the Scheduled Task API. The vulnerability arises from input manipulation that permits unrestricted file uploads...

8.8CVSS6.3AI score0.00345EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/23 7:2 a.m.29 views

CVE-2026-2977 FastApiAdmin Scheduled Task API controller.py upload_controller unrestricted upload

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

6.5CVSS0.00293EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/23 7:2 a.m.6 views

CVE-2026-2977 FastApiAdmin Scheduled Task API controller.py upload_controller unrestricted upload

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

6.5CVSS6.2AI score0.00293EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 7:2 a.m.5 views

CVE-2026-2977

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

6.5CVSS6.1AI score0.00293EPSS
Exploits1References4
Rows per page
Query Builder