Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 5:3 p.m.3 views

CVE-2026-34977

Aperi'Solve is an open-source steganalysis web platform. Prior to 3.2.1, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command, without any form o...

9.8CVSS5.9AI score0.00775EPSS
Exploits1References1
NVD
NVD
added 2026/04/06 5:17 p.m.10 views

CVE-2026-34977

Aperi'Solve is an open-source steganalysis web platform. In versions 3.1.3 through 3.2.0, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command,...

9.8CVSS0.00775EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/04/06 4:16 p.m.20 views

CVE-2026-34977 Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command

Aperi'Solve is an open-source steganalysis web platform. In versions 3.1.3 through 3.2.0, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command,...

9.3CVSS0.00775EPSS
Exploits1References7
EUVD
EUVD
added 2026/04/06 4:16 p.m.3 views

EUVD-2026-19361

Aperi'Solve is an open-source steganalysis web platform. Prior to 3.2.1, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command, without any form o...

9.3CVSS5.9AI score0.00775EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/06 4:16 p.m.1 views

CVE-2026-34977 Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command

Aperi'Solve is an open-source steganalysis web platform. In versions 3.1.3 through 3.2.0, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command,...

9.3CVSS5.9AI score0.00775EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/04/06 4:16 p.m.2 views

CVE-2026-34977

Aperi'Solve is an open-source steganalysis web platform. In versions 3.1.3 through 3.2.0, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command,...

9.8CVSS5.9AI score0.00775EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2026/04/06 4:16 p.m.27 views

CVE-2026-34977

Aperi'Solve is an open-source steganalysis web platform. Prior to version 3.2.1, uploading a JPEG with an optional password leads the password to be passed into an expect command and then into a bash -c command without sanitization. An unauthenticated attacker can achieve root-level RCE inside th...

9.8CVSS5.9AI score0.00775EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.11 views

PT-2026-30676

Name of the Vulnerable Software and Affected Versions Aperi'Solve versions prior to 3.2.1 Description Aperi'Solve, an open-source steganalysis web platform, is susceptible to an unauthenticated remote code execution RCE vulnerability. When uploading a JPEG file, a user-provided password is direct...

9.8CVSS6.5AI score0.00775EPSS
Exploits1References12
Rows per page
Query Builder