
2582 matches found

CVE
added 2026/04/03 3:38 p.m., 9 views

CVE-2026-25044

Budibase (open-source low-code platform) contains a command-injection vulnerability prior to version 3.33.4. The bash automation step executes user-provided commands via execSync without proper sanitization or validation. User input is processed through processStringSync, which allows template in...

CVSS 8.8, AI score 5.9, EPSS 0.00085
Exploits: 0, References: 2, Affected software: 1
Vulnrichment
added 2026/04/03 3:38 p.m., 3 views

CVE-2026-25044 Budibase: Command Injection in Bash Automation Step

Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync, which allows template interpolation, potentially allowing...

CVSS 8.7, AI score 5.9, EPSS 0.00085
Exploits: 0, References: 2
Cvelist
added 2026/04/03 3:38 p.m., 12 views

CVE-2026-25044 Budibase: Command Injection in Bash Automation Step

Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync, which allows template interpolation, potentially allowing...

CVSS 8.7, EPSS 0.00085
Exploits: 0, References: 2
Positive Technologies
added 2026/04/03 12:00 a.m., 2 views

PT-2026-30192

Name of the vulnerable software and affected versions: Budibase versions prior to 3.33.4. Description: Budibase, an open-source low-code platform, is susceptible to Remote Code Execution (RCE). An unauthenticated attacker can trigger this by exploiting a public webhook endpoint to execute a Bash step...

CVSS 9, AI score 6, EPSS 0.0031
Exploits: 1, References: 14
Positive Technologies
added 2026/04/03 12:00 a.m., 3 views

PT-2026-30171

Name of the vulnerable software and affected versions: Budibase versions prior to 3.33.4. Description: Budibase, an open-source low-code platform, prior to version 3.33.4, allows arbitrary command execution through the bash automation step. This occurs because user-provided commands are executed usi...

CVSS 8.8, AI score 6.1, EPSS 0.00085
Exploits: 0, References: 7
CNNVD
added 2026/04/03 12:00 a.m., 4 views

Budibase operating system command injection vulnerability

Budibase is an open-source low-code platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.33.4 contained a vulnerability related to operating system command injection. This...

CVSS 8.8, AI score 6, EPSS 0.00085
Exploits: 0, References: 2
RedhatCVE
added 2026/04/02 4:56 p.m., 4 views

CVE-2026-34430

ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

CVSS 9.6, AI score 6.2, EPSS 0.00111
Exploits: 0, References: 1
RedhatCVE
added 2026/04/02 4:56 p.m., 1 view

CVE-2026-0596

A command injection vulnerability exists in mlflow/mlflow when serving a model with enable_mlserver=True. The model_uri is embedded directly into a shell command executed via bash -c without proper sanitization. If the model_uri contains shell metacharacters, such as $ or backticks, it allows for...

CVSS 9.6, AI score 7.4, EPSS 0.00165
Exploits: 2, References: 1
NVD
added 2026/04/01 2:16 p.m., 2 views

CVE-2026-34430

ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

CVSS 9.6, EPSS 0.00111
Exploits: 0, References: 3
Vulnrichment
added 2026/04/01 1:34 p.m., 2 views

CVE-2026-34430 ByteDance DeerFlow LocalSandboxProvider Host Bash Escape

ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

CVSS 8.8, AI score 6.3, EPSS 0.00111
Exploits: 0, References: 3
CVE
added 2026/04/01 1:34 p.m., 5 views

CVE-2026-34430

CVE-2026-34430 affects ByteDance DeerFlow versions before commit 92c7a20. A sandbox escape exists in the bash tool handling, allowing an attacker to bypass regex-based validation via shell features (e.g., directory changes, relative paths) and exploit incomplete shell semantics modeling to read/m...

CVSS 9.6, AI score 6.2, EPSS 0.00111
Exploits: 0, References: 3, Affected software: 1
Cvelist
added 2026/04/01 1:34 p.m., 33 views

CVE-2026-34430 ByteDance DeerFlow LocalSandboxProvider Host Bash Escape

ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...

CVSS 8.8, EPSS 0.00111
Exploits: 0, References: 3
Positive Technologies
added 2026/04/01 12:00 a.m., 3 views

PT-2026-29827

CHAMP: Description: Summary: The ollamaStartupProbeScript function in internal/modelcontroller/engine ollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components (ref, modelParam). This shell command is executed via bash -c as a Kubernetes startup probe. An...

CVSS 8.7, AI score 6.1, EPSS 0.00016
Exploits: 3, References: 4
Positive Technologies
added 2026/04/01 12:00 a.m., 2 views

PT-2026-29522

Name of the vulnerable software and affected versions: ByteDance Deer-Flow versions prior to commit 92c7a20. Description: ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling. This allows attackers to execute arbitrary commands on the host...

CVSS 9.6, AI score 6.3, EPSS 0.00111
Exploits: 0, References: 8
EUVD
added 2026/03/31 3:31 p.m., 2 views

EUVD-2026-17415

A command injection vulnerability exists in mlflow/mlflow when serving a model with enable_mlserver=True. The model_uri is embedded directly into a shell command executed via bash -c without proper sanitization. If the model_uri contains shell metacharacters, such as $ or backticks, it allows for...

CVSS 9.6, AI score 6.1, EPSS 0.00165
Exploits: 2, References: 2
Cvelist
added 2026/03/31 2:25 p.m., 19 views

CVE-2026-0596 Command Injection in mlflow/mlflow

A command injection vulnerability exists in mlflow/mlflow when serving a model with enable_mlserver=True. The model_uri is embedded directly into a shell command executed via bash -c without proper sanitization. If the model_uri contains shell metacharacters, such as $ or backticks, it allows for...

CVSS 9.6, EPSS 0.00165
Exploits: 2, References: 1
Positive Technologies
added 2026/03/31 12:00 a.m., 3 views

PT-2026-29269

Name of the vulnerable software and affected versions: mlflow/mlflow (affected versions not specified). Description: A command injection issue exists in mlflow/mlflow when serving a model with enable_mlserver=True. The model_uri is directly incorporated into a shell command executed using bash -c...

CVSS 9.6, AI score 7.4, EPSS 0.00165
Exploits: 2, References: 14
CNNVD
added 2026/03/31 12:00 a.m., 4 views

MLflow operating system command injection vulnerability

MLflow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible executions, and sharing and deploying models. MLflow has a vulnerability related to operating system command injection. This vulnerability...

CVSS 9.6, AI score 7.4, EPSS 0.00165
Exploits: 2, References: 1
OSV
added 2026/03/30 6:30 p.m., 4 views

GHSA-3298-56P6-RPW2 OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`

Fixed in OpenClaw 2026.3.24, the current shipping release. Advisory details: Title: Incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in !stop Chat Command via shell-utils.ts. Description: Summary: The !stop and /bash stop chat commands kill background bash processes using SIGKILL directly,...

CVSS 6.1, AI score 5.9, EPSS 0.00017
Exploits: 1, References: 3
Github Security Blog
added 2026/03/30 6:30 p.m., 10 views

OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`

Fixed in OpenClaw 2026.3.24, the current shipping release. Advisory details: Title: Incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in !stop Chat Command via shell-utils.ts. Description: Summary: The !stop and /bash stop chat commands kill background bash processes using SIGKILL directly,...

CVSS 6.9, AI score 5.9, EPSS 0.00019
Exploits: 1, References: 3, Affected software: 1