174 matches found
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the check field in metadata files due to unsafe execution using /bin/bash -c. An attacker can craft malicious metadata that executes arbitrary shell commands on the victim’s system when common uniget operations suc...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the check field in metadata files due to unsafe execution using /bin/bash -c. An attacker can craft malicious metadata that executes arbitrary shell commands on the victim’s system when common uniget operations suc...
CVE-2026-45036 Tabby auto-confirms ZMODEM detection on terminal output, leading to shell command execution from displayed file content under fish, bash, and zsh
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
CVE-2026-45036 Tabby auto-confirms ZMODEM detection on terminal output, leading to shell command execution from displayed file content under fish, bash, and zsh
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
uniget is Vulnerable to Command Injection in tool.Check Leading to Arbitrary Code Execution
I discovered a command injection vulnerability in uniget that allows arbitrary command execution through the metadata loading and version check mechanism. Summary A command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c...
CVE-2026-0596 Command Injection in mlflow/mlflow
A command injection vulnerability exists in mlflow/mlflow when serving a model with enablemlserver=True. The modeluri is embedded directly into a shell command executed via bash -c without proper sanitization. If the modeluri contains shell metacharacters, such as $ or backticks, it allows for...
CVE-2026-32094 Shescape escape() leaves bracket glob expansion active on Bash, BusyBox, and Dash
Shescape is a simple shell escape library for JavaScript. Prior to 2.1.10, Shescapeescape does not escape square-bracket glob syntax for Bash, BusyBox sh, and Dash. Applications that interpolate the return value directly into a shell command string can cause an attacker-controlled value like...
interpreter.htb-SSTI-exploit
Exploitation py...
Brocade Fabric OS < 9.2.1c2 / 9.2.2 < 9.2.2b / 10.0.0 Information Disclosure (CVE-2026-0383)
The version of Brocade FabricOS installed on the remote host is prior to 9.2.1c2, or 9.2.2 prior to 9.2.2b, or 10.0.0 prior to 10.0.0a. It is, therefore, affected by an information disclosure vulnerability: - A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
EUVD-2026-5262
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
CVE-2026-0383 Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities
From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates h...
CVE-2026-24739
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0 (CVE-2026-0383)
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. Th...
CVE-2021-28497
In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...
Exploit for Deserialization of Untrusted Data in Facebook React
🎯 CVE-2025-55182-advanced-scanner- - Detect and Exploit Vulner...