8 matches found
CVE-2026-45628 Dokploy: Command Injection via Unescaped Branch Fields in Deployment Pipeline
Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via child_process.exec, which runs through /bin/sh -c. User-supplied branch names, repository URLs, and Docker credentials are...
EUVD-2026-33360
Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via child_process.exec, which runs through /bin/sh -c. User-supplied branch names, repository URLs, and Docker credentials are...
CVE-2026-2695 Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (former 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
redis,valkey -- Denial-of-service vulnerability due to malformed ACL selectors
Redis core team reports: An authenticated user with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7.0.0 or newer...
CVE-2024-46890
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 3. The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code...
CVE-2023-25596 Authenticated Sensitive Information Disclosure in ClearPass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network...
Multiple Cisco Products Cisco NX-OS System Software TCL Scripting Subsystem Security Bypass Vulnerability
Cisco Multilayer Director Switches are products of Cisco Corporation. Cisco Multilayer Director Switches are switches. Nexus 2000 Series Fabric Extenders are Nexus 2000 Series Array Extenders. NX-OS System Software is a set of operating systems used in them. TCL scripting subsystem is a TCL scripting...