Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the spawn function. An attacker can execute arbitrary shell commands on the server and access sensitive environment variables, including API keys, authentication secrets, and database credentials, by...
Flowise: File Upload Validation Bypass in createAttachment
Summary: In FlowiseAI, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn't normally allow JavaScript uploads. This enables attackers to persistently store malicious...
WWBN AVideo: RCE caused by CloneSite plugin
Summary: The cloneServer.json.php endpoint in the CloneSite plugin constructs shell commands using the user-controlled url parameter without proper sanitization. The input is directly concatenated into a wget command executed via exec, allowing command injection. An attacker can inje...
Command Injection
Overview: wwbn/avideo is an Audio and Video Platform, or simply "A Video Platform". Affected versions of this package are vulnerable to Command Injection in the cloneServer.json.php endpoint of the CloneSite plugin, where user-controlled input is concatenated into a shell command without proper...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to a Time-of-check Time-of-use (TOCTOU) Race Condition via the validateScriptFileForShellBleed function. An attacker can cause the preflight analysis to inspect a different file than the one tha...
CVE-2026-6442
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
Updated cockpit-338 packages fix security vulnerability
Unauthenticated remote code execution due to ssh command-line argument injection. CVE-2026-4631...
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and...
MAL-2026-2795 Malicious code in react-appfabric-shell (npm)
Source: amazon-inspector 2a524b70e3efe81a382327e73d51cabb650ed488156ac7dbe61d61fcbcff68f8. The package react-appfabric-shell was found to contain malicious code...
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and...
[SECURITY] Fedora 43 Update: NetworkManager-ssh-1.4.4-1.fc43
This package contains software for integrating the VPN capabilities of the OpenSSH server with NetworkManager...
OpenSSH < 10.3 Multiple Vulnerabilities
The version of OpenSSH installed on the remote host is prior to 10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the release-10.3 advisory. - In OpenSSH before 10.3, validation of shell metacharacters in user names supplied on the command-line was performed too late,...
AlmaLinux 9 : cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical) (ALSA-2026:7384)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:7384 advisory. cockpit: ws: be more explicit when handling hostnames on cli CVE-2026-4631 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
Exploit for CVE-2024-12029
Alternative-Approach-Reverse-Shell-Callback-Test-InvokeAI-RCE...
CVE-2026-32202
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
CVE-2026-32225
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-27918
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Shell allows an authorized attacker to elevate privileges locally...
CVE-2026-26166
Double free in Windows Shell allows an authorized attacker to elevate privileges locally...