Schneider Electric EcoStruxure Automation Expert 代码注入漏洞

Schneider Electric EcoStruxure Automation Expert is a software platform for industrial automation systems from the French company Schneider Electric Schneider Electric. A code injection vulnerability exists in Schneider Electric EcoStruxure Automation Expert, which can be exploited by an attacker...

EUVD-2025-23573

Malicious code in bioql PyPI...

CVE-2025-58764 Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...

PT-2025-37055

Name of the Vulnerable Software and Affected Versions: Claude Code versions prior to 1.0.105 Description: Claude Code is an agentic coding tool. A flaw in command parsing allowed a bypass of the Claude Code confirmation prompt, potentially triggering the execution of untrusted commands...

Mandriva Linux Security Advisory : weechat (MDVSA-2013:136)

Updated weechat packages fix security vulnerability : A buffer overflow is causing a crash or freeze of WeeChat 0.36 to 0.39 when decoding IRC colors in strings. The packages have been patched to fix this problem CVE-2012-5854. Untrusted command for function hookprocess in WeeChat before 0.3.9.2...