UBUNTU-CVE-2026-44461

Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a shell command string that starts with exec env ..., but environment variable keys are inserted without shell quoting or validation. If an attacker can control an environment variable key for example via project termin...

Linux Distros Unpatched Vulnerability : CVE-2026-45570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec...

Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter

Summary GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitiser blocks ../ traversal but does not strip Bourne-shell metacharacters such as $ or backticks, and...

utcp-cli Vulnerable to Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol

Summary The substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix or powershell.exe -Command Windows, allowing an attacker to...

OPENSUSE-SU-2026:20701-1 Security update for kf6-kcoreaddons

This update for kf6-kcoreaddons fixes the following issues: Changes in kf6-kcoreaddons: - CVE-2026-41526: Fixed arbitrary code execution via improper shell argument quoting boo1263441...

BentoML: Command Injection in cloud deployment setup script

Commit ce53491 March 24 fixed command injection via systempackages in Dockerfile templates and images.py by adding shlex.quote. However, the cloud deployment path in src/bentoml/internal/cloud/deployment.py was not included in the fix. Line 1648 interpolates systempackages directly into a shell...

Renovate vulnerable to arbitrary command injection via helmv3 manager and malicious Chart.yaml file

Summary The user-provided string repository in the helmv3 manager is appended to the helm registry login command without proper sanitization. Details Adversaries can provide a maliciously crafted Chart.yaml in conjunctions with a tweaked Renovate configuration file to trick Renovate to execute...

CVE-2023-40185

shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expecte...

EUVD-2014-0088

Malware in sbrugna...

GHSA-VXMW-7H4F-HQXH PyPI publish GitHub Action vulnerable to injectable expression expansions in action steps

Summary gh-action-pypi-publish makes use of GitHub Actions expression expansions i.e. $ ... in contexts that are potentially attacker controllable. Depending on the trigger used to invoke gh-action-pypi-publish, this may allow an attacker to execute arbitrary code within the context of a workflow...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

CLSA-2024-1716272273 less: Fix of CVE-2022-48624

CVE-2022-48624: filename.c: shell-quote filenames when invoking LESSCLOSE...

CLSA-2024-1716272169 less: Fix of CVE-2022-48624

CVE-2022-48624: filename.c: shell-quote filenames when invoking LESSCLOSE...

CLSA-2024-1716271951 less: Fix of CVE-2022-48624

CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

CLSA-2024-1713523762 Fix CVE(s): CVE-2022-48624

SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. - CVE-2022-48624...

CLSA-2024-1713523278 less: Fix of CVE-2022-48624

CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...