4 matches found
CVE-2026-30313
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on string-based parsing to validate commands; while it intercepts dangerous operators such as ;, &&, ||, |, and...
PT-2026-24747
Name of the Vulnerable Software and Affected Versions Cursor versions prior to 2.0 Description Cursor is a code editor designed for programming with AI. Prior to version 2.0, if a visited website contained maliciously crafted instructions, the model could attempt to follow them to assist the user...
CVE-2022-2310
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...
CVE-2018-7932
Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded and run in the sma...