8056 matches found
Important: Red Hat Security Advisory: RHTAS 1.4.2 - CLI Stack Release
The 1.4.2 release of the RHTAS CLIs. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS CLI Stack images for RHTAS 1.4.2...
Issabel Authenticated - Remote Code Execution
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
Malicious code in base58-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a7d188e2cd79918987f2008e93bb80ea9979d791b357f8f7cfd892321ded6c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
PYSEC-2026-1147 Apache Airflow Fab Provider Insufficient Session Expiration vulnerability
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
GHSA-R275-FR43-PM7Q vulnerabilities
Vulnerabilities for packages: gemini-cli...
CVE-2026-28292 vulnerabilities
Vulnerabilities for packages: gemini-cli...
GHSA-JCXM-M3JX-F287 vulnerabilities
Vulnerabilities for packages: gemini-cli...
CVE-2026-28291 vulnerabilities
Vulnerabilities for packages: gemini-cli...
GHSA-P47F-322F-WHFH vulnerabilities
Vulnerabilities for packages: knative-kafka-broker-fips, zookeeper-fips, cassandra-reaper, kafbat-ui, nacos-docker, akhq, airbyte-server, keycloak-config-cli, zookeeper, ontop, management-api-for-apache-cassandra-4.1, ontop-fips, sonar-scanner-cli, airbyte-server-fips, s3proxy, cassandra-fips,...
GHSA-P47F-322F-WHFH vulnerabilities
Vulnerabilities for packages: zookeeper, cassandra-reaper, akhq, nextflow, keycloak-config-cli, sonar-scanner-cli, cassandra...
EUVD-2026-41463
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025....
CVE-2026-13053 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Command Handler
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025....
CVE-2026-13053
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025....
CVE-2026-13053
WatchGuard Fireware OS has an authenticated out-of-bounds write vulnerability in the CLI command handler (CVE-2026-13053). A privileged, authenticated attacker could trigger code execution via a crafted CLI input. Affected versions include Fireware OS 11.0–11.12.4_Update1, 12.0–12.12, and 2025.1–...
CVE-2026-54074 @tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels
Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...
CVE-2026-54074
Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...
Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface CLI, compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range 2a0a:d683::/32 controlled by...
PT-2026-54637
Name of the Vulnerable Software and Affected Versions AWS CLI versions prior to 1.44.78 v1 AWS CLI versions prior to 2.34.29 v2 Description On Unix-like systems where the umask is not configured to restrict file permissions, overly permissive file permissions may allow local users on the same hos...
Malicious code in console-fmt-cli (npm)
Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. console-fmt-cli uses a side-loader technique: it declares decimal-format-core =3.0 as a dependency, which contains a dropper that executes at install time via a postinstall hook. The dropper fetches a...
CVE-2026-13752
Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute unintended SQL in the context of the user’s Snowflake session...