PT-2026-33086

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

CVE-2026-25691

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...

CVE-2025-61624

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

CVE-2026-25691

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...

GHSA-XRXF-JGV3-QMRM OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

OpenAI Codex CLI 安全漏洞

OpenAI Codex CLI is a lightweight coding agent software developed by OpenAI and run in the terminal. OpenAI Codex CLI versions prior to v0.23.0 have security vulnerabilities; these vulnerabilities stem from automatically loading malicious MCP configuration files, which may allow arbitrary code to...

Fortinet FortiSandbox 路径遍历漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, a real-time control panel, and reporting capabilities. Fortinet FortiSandbox h...

Fortinet Fortigate Path Traversal in CLI (FG-IR-26-122)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-122 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS...

CVE-2025-61260

The CVE-2025-61260 issue affects the OpenAI Codex CLI, specifically versions prior to 0.23.0. The root cause is improper handling of repository-local configuration files (notably .env and .codex/config.toml) that are loaded automatically when the codex command is executed in a malicious or compro...

oci-cli-3.76.2-1.1 on GA media (moderate)

oci-cli-3.76.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10539-1 Rating: moderate Cross-References: CVE-2024-37891 CVE-2024-47081 CVE-2025-47273 CVE-2025-50181 CVE-2025-66418 CVE-2026-21441 CVE-2026-26007 CVSS scores: CVE-2024-37891 SUSE : 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N...

CVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...

CVE-2026-21915

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

CVE-2026-21916

A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

OPENSUSE-SU-2026:10539-1 oci-cli-3.76.2-1.1 on GA media

These are all security issues fixed in the oci-cli-3.76.2-1.1 package on the GA media of openSUSE Tumbleweed...

GHSA-HR2V-4R36-88HR vulnerabilities

Vulnerabilities for packages: flux, tw, nova, cert-manager-cmctl-fips, helm-operator-fips, kuma, kots, flux-source-controller-fips, nova-fips, trivy-operator, pluto-fips, k8ssandra-client-fips, headlamp-fips, zot, kubescape, trivy-operator-fips, trivy-fips, helm-push, linkerd2-fips, zarf,...

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: kube-arangodb, kots, istio, zot, cilium-cli, kyverno, flux, gatekeeper, prometheus-operator, cloud-provider-aws, external-dns, nerdctl, fuse-overlayfs-snapshotter, libnvidia-container, kuma, net-kourier, kube-fluentd-operator, chezmoi, kine, aactl, dask-gateway,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: redpanda, kubescape-operator, buildah, go-discover, nri-elasticsearch, opentelemetry-operator, crane, dask-gateway, cortex, rancher-telemetry, kube-state-metrics, oauth2-proxy, kubewatch, logstash-exporter, kubernetes-dashboard, aws-flb-kinesis, spegel, keda, dgraph,...