CVE-2026-42271 LiteLLM: Authenticated command execution via MCP stdio test endpoints

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

Atlona ATOMERX21 - Authenticated Command Injection

// Exploit Title: Atlona AT-OME-RX21 Authenticated Command Injection // Google Dork: N/A // Date: 2025-12-28 // Exploit Author: RIZZZIOM // Vendor Homepage: https://atlona.com // Software Link: https://atlona.com/product/at-ome-rx21/ // Version: Firmware -u -p -l -P -c package main import "bytes"...

EUVD-2026-23521

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

CVE-2026-35682

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

CVE-2026-35682 Anviz CX2 Lite Command Injection

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

CVE-2026-24893 openITCOCKPIT has Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contains a command injection vulnerability that allows an authenticated user with permission to add or modify hosts to execute arbitrary OS commands on th...

CVE-2026-24893

openITCOCKPIT Community Edition

EUVD-2026-17041

In Sofia on Xiongmai DVR/NVR AHB7008T-MH-V2 and NBD7024H-P 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol TCP port 34567 request to the NetWork.NetCommon configuration handler, because system is used...

CVE-2026-33648

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the restreamer endpoint constructs a log file path by embedding user-controlled usersid and liveTransmitionHistoryid values from the JSON request body without any sanitization. This log file path is then...

CVE-2026-27811 Roxy-WI has a Command Injection via diff parameter in config comparison allows authenticated RCE

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.3, a command injection vulnerability exists in the /config/compare///show endpoint, allowed authenticated users to execute arbitrary system commands on the app host. The vulnerability...

CVE-2026-23816

The CVE-2026-23816 entry describes a vulnerability in the command line interface of AOS-CX Switches that could allow an authenticated remote attacker to execute arbitrary OS commands. The CVSSv3.1 base score is 7.2 (HIGH) with network access, low attack complexity, and privileges required: HIGH, ...

CVE-2026-23816 Authenticated Command Injection found in admin AOS-CX CLI command

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

CVE-2026-23814 Authenticated Command Injection found in AOS-CX CLI Command

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...

Exploit for OS Command Injection in Gl-Inet Gl-Mt300N-V2_Firmware

GL-InjectoR: CVE-2022-31898 Authenticated Command Injection in...

CVE-2026-28774

The CVE concerns IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface (version 101) where the web-based Traceroute diagnostic utility is vulnerable. An authenticated attacker can inject arbitrary shell metacharacters into the flags parameter, resulting in OS command execution with ...

CVE-2025-63911

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability...

CVE-2024-55022

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...

CVE-2024-55022

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...

PT-2026-22772

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM 1757588060 SEP2025 FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled paramete...

CVE-2025-63911

CVE-2025-63911 affects Cohesity TranZman Migration Appliance Release 4.0 Build 14614. The issue is an authenticated command injection in the CLISH restricted shell (CLISH Command Injection). According to connected advisories, the vulnerability is rated CVSS v3.1 by the CVE entry with a base score...