Lucene search
K

741 matches found

EUVD
EUVD
added 2 days ago8 views

EUVD-2026-39510

File Browser: Command Injection via Authentication Hook Shell Substitution Pre-Authentication RCE...

9.3CVSS6.1AI score0.00533EPSS
Exploits0References2
NVD
NVD
added 5 days ago11 views

CVE-2026-34152

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, pre-deployment and post-deployment commands are single-quote escaped but then sent through SSH heredoc transport that preserves newlines, allowing an authenticated user to...

8.8CVSS0.00372EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-34035

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the...

8.8CVSS6AI score0.0034EPSS
Exploits0References4Affected Software1
OSV
OSV
added 6 days ago5 views

BIT-PYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References58
OSV
OSV
added 2026/06/26 9:46 p.m.5 views

GHSA-F5GC-QXF8-MH9G php-weasyprint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)

Summary pontedilana/php-weasyprint builds the shell command for WeasyPrint by passing the binary path through escapeshellarg first and then checking the quoted result with isexecutable. On POSIX escapeshellarg'/usr/local/bin/weasyprint' returns '/usr/local/bin/weasyprint' with the single-quote...

8.2CVSS5.8AI score0.00154EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 5:49 p.m.39 views

CVE-2026-54088

File Browser (web UI) before version 2.63.6 is affected by a pre-authentication RCE. The Hook Authentication feature interpolates user-supplied credentials into a shell command using os.Expand without sanitization, enabling unauthenticated remote attackers to inject shell metacharacters in the lo...

9.3CVSS6.3AI score0.00533EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 a.m.30 views

CVE-2026-8665 OS Command Injection in Rapid7 InsightConnect Translate Plugin

OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction...

7.7CVSS0.00675EPSS
Exploits0References1
NVD
NVD
added 2026/06/20 2:16 p.m.22 views

CVE-2022-50972

WooCommerce 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter. Attackers can send requests to the class-wc-meta-box-product-images.php endpoint with unsanitized product-type value...

9.8CVSS0.00629EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 5:16 p.m.9 views

CVE-2026-49260

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, pontedilana/php-weasyprint builds the shell command for WeasyPrint by passing the binary path through escapeshellarg first and then checking the quoted result with isexecutable. On POSIX...

8.2CVSS0.00154EPSS
Exploits0References4
CVE
CVE
added 2026/06/12 7:59 p.m.17 views

CVE-2026-42850

CVE-2026-42850 affects the Kitty terminal (GPU-based, cross-platform). In versions prior to 0.47.0, an injection is possible through a crafted kitty error that is echoed back to the terminal with CRLF and executed by the user’s shell. The attack requires the victim to connect to the attacker (e.g...

8.8CVSS5.5AI score0.00287EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2026-45564

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions////save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.systemf"dos2unix -q cfg". configver is not run...

8.8CVSS5.5AI score0.00304EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 1:23 p.m.31 views

CVE-2026-9279

Logseq contains an IPC handler that lets the renderer execute shell commands. Although an allowlist restricts the command name (e.g., git, pandoc, grep), the argument string is concatenated with the command and passed to child_process.spawn with shell: true, allowing shell metacharacters to bypas...

8.7CVSS6.7AI score0.0027EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/09 12:0 a.m.13 views

Security update for agama-web-ui (moderate)

openSUSE security update: security update for agama-web-ui ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20919-1 Rating: moderate References: bsc1246678 bsc1264160 bsc1264802 bsc1266256 Cross-References: CVE-2025-7339 CVE-2026-42041 CVE-2026-42264...

9.2CVSS6.3AI score0.00848EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.13 views

CVE-2026-49196

The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...

8.6CVSS5.8AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 6:0 p.m.39 views

CVE-2026-45748 Termix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command Injection

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields endpointIP, endpointUsername,...

9.8CVSS0.01729EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:2 p.m.10 views

CVE-2026-10796

nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...

7.5CVSS6.1AI score0.00464EPSS
Exploits1References5
Debian
Debian
added 2026/05/26 9:9 p.m.21 views

[SECURITY] [DSA 6300-1] node-shell-quote security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6300-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 26, 2026 https://www.debian.org/security/faq -...

9.2CVSS5.7AI score0.00848EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/21 1:24 p.m.12 views

CVE-2026-44076

A flaw was found in Netatalk. A local user with high privileges could exploit this vulnerability by injecting shell commands through a crafted volume path. This shell injection could lead to arbitrary code execution, allowing the attacker to gain full control over the affected system...

6.7CVSS6AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in sssd

A flaw was discovered in SSSD, where the sssctl command was vulnerable to shell command injection through the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into executing a specially crafted sssctl command, such as using sudo, in order to gain root...

9.3CVSS6.6AI score0.02524EPSS
Exploits0References2
NVD
NVD
added 2026/05/18 9:16 p.m.33 views

CVE-2026-27130

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

9.9CVSS0.00985EPSS
Exploits0References2
Rows per page
Query Builder