
8009 matches found

NVD
added yesterday, 8 views

CVE-2026-12537

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10 CVSS
Exploits: 0, References: 1
CVE
added yesterday, 11 views

CVE-2026-12537

Summary (CVE-2026-12537): The vulnerability affects Google Gemini CLI container launcher (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms. It stems from improper neutralization in an OS command, enabling an unprivileged attacker ...

10 CVSS, 6.3 AI score
Exploits: 0, References: 1
EUVD
added yesterday, 7 views

EUVD-2026-38790

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10 CVSS, 6.3 AI score
Exploits: 0, References: 1
Cvelist
added yesterday, 16 views

CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10 CVSS
Exploits: 0, References: 1
Nuclei
added yesterday, 64 views

Issabel Authenticated - Remote Code Execution

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

9.8 CVSS, 5.8 AI score, 0.58423 EPSS
Exploits: 2, References: 5
Chainguard
added 2 days ago, 4 views

CVE-2026-53492 vulnerabilities

Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...

5.8 AI score
Exploits: 0
Chainguard
added 2 days ago, 4 views

CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...

5.8 AI score
Exploits: 0
Chainguard
added 2 days ago, 8 views

CVE-2026-50195 vulnerabilities

Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...

5.8 AI score
Exploits: 0
Chainguard
added 2 days ago, 5 views

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: wolfictl, chaos-mesh-fips, steampipe, kube-arangodb-fips, chartmuseum, kgateway-fips, kube-mgmt, docker-compose-fips, neuvector-scanner-fips, helm, gatekeeper, helmfile, kubescape-operator, jfrog-cli, spegel-fips, tw, grype-db, buildkitd, skaffold-fips, xeol-fips,...

5.8 AI score
Exploits: 0
Cvelist
added 3 days ago, 29 views

CVE-2026-54271 protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static outp...

8.2 CVSS, 0.00241 EPSS
Exploits: 0, References: 1
CVE
added 3 days ago, 13 views

CVE-2026-54271

The CVE-2026-54271 entry concerns protobufjs-cli (pbjs) static code generation, where insecure handling of pre-parsed JSON descriptors could lead to attacker-controlled JavaScript in generated output. Concrete details across connected sources show that protobufjs-cli versions prior to the fixed r...

8.2 CVSS, 5.9 AI score, 0.00241 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 4 days ago, 8 views

CVE-2026-56236

Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...

6.8 CVSS, 0.00134 EPSS
Exploits: 0, References: 2
ATTACKERKB
added 4 days ago, 4 views

CVE-2026-56236

Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...

6.8 CVSS, 6 AI score, 0.00134 EPSS
Exploits: 0, References: 3
CVE
added 4 days ago, 9 views

CVE-2026-56236

CVE-2026-56236 affects Capgo CLI prior to 12.128.2. The issue is arbitrary file overwrite in login and build credentials operations that follow symlinks without validation. An attacker can place malicious symlinks in a repository to overwrite arbitrary files or expose credentials with world-reada...

6.8 CVSS, 6 AI score, 0.00134 EPSS
Exploits: 0, References: 2
Github Security Blog
added 6 days ago, 7 views

Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind

Impact: A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes entire session resume or entire checkpoint rewind to write attacker-controlled transcript data outside of the expected session...

6.1 AI score
Exploits: 0, References: 4, Affected Software: 1
AstraLinux
added 6 days ago, 2 views

Astra Linux – Vulnerability in docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

7.5 CVSS, 6.3 AI score, 0.01536 EPSS
Exploits: 0, References: 2
OSV
added last week, 6 views

ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root

Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...

8 CVSS, 7.1 AI score, 0.0043 EPSS
Exploits: 0
CVE
added 2026/06/17 4:17 p.m., 28 views

CVE-2026-20246

Summary: CVE-2026-20246 affects Cisco Umbrella Virtual Appliance. A vulnerability in the vmadmin CLI allows an authenticated, local attacker with vmadmin privileges to escalate to root by abusing certain commands at the CLI. The root-cause is insufficient validation of user-supplied commands in v...

6 CVSS, 5.4 AI score, 0.00104 EPSS
Exploits: 0, References: 1, Affected Software: 1
Github Security Blog
added 2026/06/15 8:13 p.m., 8 views

protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names

Summary: A previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static output from crafted JSON descriptor input. The common case of parsing schemas fro...

8.7 CVSS, 5.9 AI score, 0.00395 EPSS
Exploits: 0, References: 2, Affected Software: 1
Snyk
added 2026/06/15 8:13 p.m., 7 views

Arbitrary Code Injection

Overview protobufjs-cli is a Translates between file formats and generates static code as well as TypeScript definitions. Affected versions of this package are vulnerable to Arbitrary Code Injection via the pbjs static code generation. An attacker can execute arbitrary code by providing crafted...

8.2 CVSS, 6.2 AI score, 0.00241 EPSS
Exploits: 0, References: 2