Lucene search
K

2853 matches found

RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.7 views

CVE-2026-0784

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

8.8CVSS6.5AI score0.0148EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 4:16 a.m.4 views

CVE-2026-0786

ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw...

8.8CVSS6.3AI score0.01186EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 3:28 a.m.4 views

CVE-2026-0765 Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability

Open WebUI PIP installfrontmatterrequirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists...

8.8CVSS7.7AI score0.01685EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0758 mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS6.2AI score0.00658EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 3:27 a.m.56 views

CVE-2026-0757 MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the targe...

8.8CVSS0.01253EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 3:26 a.m.15 views

CVE-2026-0756

The CVE-2026-0756 issue affects github-kanban-mcp-server and stems from improper validation of the create_issue input before it is used in a system call, allowing an attacker to execute arbitrary code with the service account privileges, with no authentication required. References indicate this i...

9.8CVSS6.5AI score0.01815EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 3:26 a.m.33 views

CVE-2026-0755 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability

gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS0.03336EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 3:20 a.m.17 views

CVE-2025-15061

CVE-2025-15061 affects Framelink Figma MCP Server. The flaw is in the fetchWithRetry method, where a user-supplied string is not properly validated before being used in a system call, enabling remote command execution with the service account’s privileges. Attack requires network access and no au...

9.8CVSS6.5AI score0.02127EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/23 3:1 a.m.5 views

CVE-2026-0795 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.5AI score0.013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:1 a.m.3 views

CVE-2026-0795

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.3AI score0.013EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/23 3:1 a.m.24 views

CVE-2026-0786

CVE-2026-0786 affects ALGO 8180 IP Audio Alerter devices via the SCI module. The issue is a lack of input validation on a user-supplied string used in a system call, enabling remote code execution in the device context after authentication. Multiple sources confirm the vulnerability, including ZD...

8.8CVSS6.5AI score0.01186EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/01/20 6:16 p.m.6 views

CVE-2025-55423

A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...

9.8CVSS5.8AI score0.03333EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000955 advisory. The startthread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local...

7.8CVSS7.1AI score0.00446EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001043)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001043 advisory. The rdsibladdrcheck function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service NULL pointer dereference and system...

4.7CVSS7.2AI score0.00476EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : kernel-3.10.0-693.21.1.el7 (AXSA:2018-2625:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2625:03 advisory. Kernel: KVM: MMU potential stack buffer overrun during page walks CVE-2017-12188, Important Kernel: KVM: debug exception via syscall emulation...

7.8CVSS7.1AI score0.00698EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000954)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000954 advisory. The rdsiwladdrcheck function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service NULL pointer dereference and system cra...

4.7CVSS7.2AI score0.00403EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001218)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001218 advisory. The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or...

7.8CVSS6.6AI score0.01372EPSS
Exploits5References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001597 advisory. The initnewcontext function in arch/x86/include/asm/mmucontext.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when...

7CVSS6.8AI score0.00376EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000942 advisory. Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service BUG or possibly have unspecified other...

7.8CVSS7.2AI score0.00493EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000641)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000641 advisory. Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vecto...

10CVSS7.3AI score0.24299EPSS
Exploits0References23
Rows per page
Query Builder