cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named MrRot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager WHM that could result ...

GHSA-5C46-X3QW-Q7J7 WebdriverIO BrowserStack Service has a Command Injection issue

Summary A command injection vulnerability exists in @wdio/browserstack-service that allows remote code execution RCE when processing git branch names in test orchestration. An attacker can exploit this by providing a malicious git repository with a branch name containing shell command injection...

CVE-2026-42607

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with administrative privileges can achieve Remote Code Execution RCE by uploading a specially crafted ZIP file through the "Direct Install" tool. While the system attempts to block direct .php file uploads, it fails t...

CVE-2026-31246

GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 2025-09-03 contains a command injection vulnerability CWE-78 in the Executor.run method. During project execution, when the system prompts the user to confirm or modify a command to be run, it accepts free-text input without proper...

EUVD-2026-29051

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

CVE-2026-42607 Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with administrative privileges can achieve Remote Code Execution RCE by uploading a specially crafted ZIP file through the "Direct Install" tool. While the system attempts to block direct .php file uploads, it fails t...

SUSE CVE-2026-42307

Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the sftp:// or file:// protocol handlers, an attacker can execute arbitrary...

SUSE CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

CVE-2026-4802

CVE-2026-4802 describes a remote command-execution flaw in Cockpit, caused by unsanitized user-controlled parameters in crafted links within the system logs UI. An attacker can inject shell metacharacters and command substitutions to run arbitrary commands on the host, potentially leading to full...

DrayTek - Remote Code Execution

DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. id: CVE-2020-8515 info: name: DrayTek - Remote Code Execution...

PT-2026-39859

Name of the Vulnerable Software and Affected Versions DeepChat versions prior to 1.0.4-beta.1 Description An incomplete mitigation for a previous issue allows for an arbitrary protocol execution bypass, which can lead to remote code execution RCE. While restrictions were applied to the...

📄 Oracle WebLogic WLS-WSAT XMLDecoder Remote Code Execution

This script is a Python-based proof of concept exploit targeting a deserialization vulnerability in Oracle WebLogic Server's WLS-WSAT component. The vulnerability allows unauthenticated attackers to execute arbitrary system commands via crafted SOAP requests sent to the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-paramiko (UTSA-2026-017484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017484 advisory. Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attac...

📄 MATLAB R2024a Code Execution / Information Disclosure

MATLAB R2024a suffers from a remote code execution vulnerability as well as a sandbox escape that allows for information disclosure. ================================================================================================================================== | Title : MATLAB R2024a RCE | |...

Cisco Unity Connection Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Unity Connection is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unity Connection due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...

CVE-2026-31246

GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 2025-09-03 contains a command injection vulnerability CWE-78 in the Executor.run method. During project execution, when the system prompts the user to confirm or modify a command to be run, it accepts free-text input without proper...

CVE-2026-31246

GPT-Pilot (through commit 0819827ce20346ef5f25b3fe29293cb448840565) contains a command injection vulnerability (CWE-78) in the Executor.run() path. User prompts to confirm/modify a command are accepted as free-text and directly passed to asyncio.create_subprocess_shell(), enabling an attacker to ...

PT-2026-39742

CVE-2026-20352 iOS 26.3-Research A Public Open-Source research framework with .py and .sh files created for analyzing iOS 26.3 security mechanisms. This project is designed to be advanced through the collective in... https://t.co/5O6AR6f6H7...

EUVD-2021-34803

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

EUVD-2021-34798

e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Attackers can upload a crafted theme package through the theme.php endpoint that deploys a web shell ...