223 matches found
CVE-2026-44358
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
Adobe FrameMaker 2022 < 17.0.9 (2022.0.9) Multiple Vulnerabilities (APSB26-36)
The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2022 17.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-36 advisory. - Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843) potentially leading ...
EUVD-2025-209103
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
CVE-2025-15616 Wazuh Agent and Manager OS Command Injection and Untrusted Search Path
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
CVE-2025-15616
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
PT-2026-28279
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
CVE-2026-25792
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have an untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute...
CVE-2026-25792 Greenshot Vulnerable to OS Command Injection via ExternalCommand Plugin
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have an untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute...
CVE-2026-21333 Illustrator | Untrusted Search Path (CWE-426)
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
GHSA-JQPQ-MGVM-F9R6 OpenClaw: Command hijacking via unsafe PATH handling (bootstrapping + node-host PATH overrides)
Command hijacking via PATH handling. Discovered: 2026-02-04. Reporter: @akhmittra. Summary: OpenClaw previously accepted untrusted PATH sources in limited situations. In affected versions, this could cause OpenClaw to resolve and execute an unintended binary ("command hijacking") when running host...
OpenClaw has an arbitrary transcript path file write via gateway sessionFile
Summary: In OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted sessionFile path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host...
CVE-2026-0662
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized...
MiracleLinux 4 : xorg-x11-apps-7.6-6.AXS4, xorg-x11-utils-7.5-6.AXS4, xorg-x11-server-utils-7.5-13.AXS4 (AXSA:2013-314:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-314:01 advisory. xorg-x11-apps: A collection of common X Window System applications. xorg-x11-server-utils: A collection of utilities used to tweak and query the runtime...
MiracleLinux 3 : elinks-0.11.1-6AXS3.1 (AXSA:2009-406:01)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-406:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage...
MiracleLinux 3 : python-2.4.3-43.0.1.AXS3 (AXSA:2011-10:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-10:01 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules,...
Adobe Acrobat < 20.005.30838 / 24.001.30307 / 25.001.20997 Multiple Vulnerabilities (APSB25-119)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 20.005.30838, 24.001.30307, or 25.001.20997. It is, therefore, affected by multiple vulnerabilities. - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2025-64899) - Untrusted Sear...
Adobe Reader < 20.005.30838 / 25.001.20997 Multiple Vulnerabilities (APSB25-119)
The version of Adobe Reader installed on the remote Windows host is a version prior to 20.005.30838 or 25.001.20997. It is, therefore, affected by multiple vulnerabilities. - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2025-64899) - Untrusted Search Path (CWE-426)...
CVE-2025-12819
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage...