56 matches found

Github Security Blog
added 2026/05/29 3:36 p.m., 10 views

Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement

Summary Froxlor 2.3.6 lets administrators configure system.availableshells as the approved shell list that customers may assign to FTP users. However, the server-side FTP account handlers do not enforce that whitelist when processing add or edit requests. As a result, an authenticated customer wi...

CVSS 9.4, AI score 5.9, EPSS 0.00038
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2026/04/14 4:58 p.m., 17 views

CVE-2026-32225

CVE-2026-32225 pertains to a Windows Shell security feature bypass. The entry indicates a remote-accessible vulnerability with NETWORK attack vector, requiring user interaction, and impacts confidentiality, integrity, and availability (all HIGH). The CVSSv3.1 base score is 8.8 (HIGH) with an Offi...

CVSS 8.8, AI score 5.8, EPSS 0.00094
Exploits: 0, References: 1, Affected Software: 14
Tenable Nessus
added 2026/04/14 12:0 a.m., 17 views

KB5082063: Windows Server 2025 Security Update (April 2026)

The remote Windows host is missing security update 5082063. It is, therefore, affected by multiple vulnerabilities - Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. CVE-2026-33824 - Protection mechanism failure in Windows Shell allows an...

CVSS 9.8, AI score 7.4, EPSS 0.56822
Exploits: 14, References: 127
OSV
added 2026/03/19 10:16 p.m., 1 views

CVE-2026-32023

OpenClaw versions prior to 2026.2.24 contain an approval gating bypass vulnerability in system.run allowlist mode where nested transparent dispatch wrappers can suppress shell-wrapper detection. Attackers can exploit this by chaining multiple dispatch wrappers like /usr/bin/env to execute /bin/sh...

CVSS 5.9, AI score 6
Exploits: 0, References: 3
EUVD
added 2026/03/03 12:0 a.m., 3 views

EUVD-2025-208246

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM1757588060SEP2025FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled parameters...

CVSS 7.2, AI score 6.8, EPSS 0.00053
Exploits: 2, References: 3
GithubExploit
added 2026/02/11 11:2 p.m., 155 views

Exploit for Protection Mechanism Failure in Microsoft

CVE-2026-21510 - Windows Shell Security Feature Bypass Vulnera...

CVSS 8.8, AI score 6.7, EPSS 0.04964
Exploits: 3
Talos Blog
added 2026/02/10 11:54 p.m., 7 views

Microsoft Patch Tuesday for February 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for February 2026, which includes 59 vulnerabilities affecting a range of products, including two that Microsoft marked as "Critical". CVE-2026-21522 is a critical elevation of privilege vulnerability affecting Microsoft ACI Confidential...

CVSS 8.8, AI score 6.8, EPSS 0.2798
Exploits: 18
RedhatCVE
added 2026/01/09 8:50 a.m., 5 views

CVE-2021-31580

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...

CVSS 10, AI score 6.8, EPSS 0.00867
Exploits: 1, References: 1
IBM Security Bulletins
added 2025/12/05 1:14 p.m., 8 views

Security Bulletin: Multiple vulnerabilities in IBM QRadar SIEM

Summary Multiple vulnerabilities were addressed in IBM QRadar SIEM version 7.5.0 UP14 IF02 Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrit...

CVSS 8.6, AI score 6.3, EPSS 0.54214
Exploits: 5, Affected Software: 1
EUVD
added 2025/11/26 6:31 p.m., 2 views

EUVD-2025-199745

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

CVSS 7, AI score 6.4, EPSS 0.00018
Exploits: 0, References: 2
GithubExploit
added 2025/10/27 6:52 a.m., 131 views

Exploit for CVE-2025-11534

Raisecomm RAX701-GC-WP-01 SSH Authentication Bypass Exploit C...

CVSS 9.3, AI score 8.2, EPSS 0.00097
Exploits: 3
NVD
added 2025/10/21 5:15 p.m., 1 views

CVE-2025-11534

The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...

CVSS 9.3, EPSS 0.00097
Exploits: 3, References: 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-47487

Malicious code in bioql PyPI...

CVSS 7.8, AI score 7.6, EPSS 0.00004
Exploits: 0, References: 1
Tenable Nessus
added 2025/08/19 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-20315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the Application menu or Window list GNOME...

CVSS 6.1, AI score 6.1, EPSS 0.00029
Exploits: 0, References: 2
Vulnrichment
added 2025/07/09 8:31 a.m., 1 views

CVE-2025-27027 Restricted shell evasion in Radiflow iSAP Smart Collector

A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...

CVSS 4.1, AI score 7, EPSS 0.00238
Exploits: 0, References: 1
Positive Technologies
added 2025/07/09 12:0 a.m., 3 views

PT-2025-28859 · Radiflow · Radiflow Isap Smart Collector

Name of the Vulnerable Software and Affected Versions: Radiflow iSAP Smart Collector version 1.20 Description: The issue allows a user with vpuser credentials to bypass restricted shell rbash limitations and access a full-featured Linux shell when connecting to the device via SSH. This is possibl...

CVSS 4.1, AI score 6.7, EPSS 0.00238
Exploits: 0, References: 6
CNNVD
added 2025/05/07 12:0 a.m., 0 views

F5 F5OS Security Vulnerability

F5 F5OS is a proprietary operating system that runs on F5 Corporation's F5 appliances to support its application delivery control and security features. A security vulnerability exists in F5 F5OS that stems from SSH key authentication bypass...

CVSS 9.2, AI score 8.2, EPSS 0.00258
Exploits: 0, References: 1
OSV
added 2023/12/18 4:15 p.m., 4 views

AZL-43762 CVE-2023-48795 affecting package trilead-ssh2 217.8-2

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

CVSS 5.9, AI score 6.7, EPSS 0.54214
Exploits: 3, References: 1
OSV
added 2023/12/18 4:15 p.m., 4 views

AZL-32225 CVE-2023-48795 affecting package packer for versions less than 1.9.5-3

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

CVSS 5.9, AI score 6.9, EPSS 0.54214
Exploits: 3, References: 1
OSV
added 2023/10/23 4:15 p.m., 1 views

CVE-2023-43066

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

CVSS 7.8, AI score 5.8
Exploits: 0, References: 1