
7911 matches found

NVD
added 2026/03/04 6:16 p.m., 5 views

CVE-2026-20063

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVSS 6, EPSS 0.00008
Exploits 0, References 1

NVD
added 2026/03/04 6:16 p.m., 2 views

CVE-2026-20008

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

CVSS 6, EPSS 0.00032
Exploits 0, References 1

CVE
added 2026/03/04 5:41 p.m., 5 views

CVE-2026-20017

Cisco Secure FTD Software CLI contains a vulnerability due to insufficient input validation of user-supplied CLI arguments. An authenticated, local attacker with valid admin credentials could execute arbitrary OS commands as root. Impact is privilege escalation with potential for high confidentia...

CVSS 6, AI score 6.2, EPSS 0.00005
Exploits 0, References 1

OSV
added 2026/03/04 5:16 p.m., 3 views

CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a...

CVSS 8, AI score 5.8
Exploits 0, References 3

Vulnrichment
added 2026/03/04 5:7 p.m., 3 views

CVE-2026-20008 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

CVSS 6, AI score 6.6, EPSS 0.00032
Exploits 0, References 1

Snyk
added 2026/03/04 4:14 p.m., 2 views

Uncontrolled Search Path Element

Overview: Affected versions of this package are vulnerable to Uncontrolled Search Path Element in the legacy system-wide cli-plugin path. An attacker can gain elevated privileges by placing a crafted binary in C:\ProgramData\Docker\cli-plugins directory that is searched by the application when...

CVSS 8, AI score 5.8, EPSS 0.00023
Exploits 0, References 3

Cisco
added 2026/03/04 4:0 p.m., 10 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause a device to execute commands with elevated privileges or reload unexpectedly,...

CVSS 6.5, AI score 6, EPSS 0.00035
Exploits 0, References 1

Cisco
added 2026/03/04 4:0 p.m., 7 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

CVSS 6, AI score 6.6, EPSS 0.00032
Exploits 0, References 1

Positive Technologies
added 2026/03/04 12:0 a.m., 3 views

PT-2026-23022

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVSS 6, AI score 6.2, EPSS 0.00008
Exploits 0, References 2

CNNVD
added 2026/03/04 12:0 a.m., 6 views

Docker CLI Security Vulnerability

Docker CLI is a command-line management tool for containerized applications, open-sourced by Docker. Versions of Docker CLI prior to 29.1.5 contain security vulnerabilities. These vulnerabilities stem from an insecure search path for plugin binary files on Windows, which could allow low-privilege...

CVSS 8, AI score 7.2, EPSS 0.00023
Exploits 0, References 4

Positive Technologies
added 2026/03/04 12:0 a.m., 1 views

PT-2026-22939

Name of the Vulnerable Software and Affected Versions: Docker CLI versions through 29.1.5; Docker Compose versions 2.31.0 through 5.0.0. Description: The Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. An attacker with...

CVSS 9.8, AI score 6, EPSS 0.00023
Exploits 0

Positive Technologies
added 2026/03/04 12:0 a.m., 2 views

PT-2026-22969

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

CVSS 6, AI score 6.6, EPSS 0.00032
Exploits 0, References 1

OSV
added 2026/03/03 9:31 p.m., 1 views

GHSA-XC68-RRQC-QGQ3 MCP NMAP Server has an Injection vulnerability

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

CVSS 6.3, AI score 5.6, EPSS 0.00376
Exploits 1, References 9

NVD
added 2026/03/03 8:16 p.m., 2 views

CVE-2026-3484

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

CVSS 8.8, EPSS 0.00376
Exploits 1, References 8

vulnersOsv
added 2026/03/02 9:40 p.m., 4 views

@oneuptime/cli (>=10.0.10 <=10.0.11) potentially affected by CVE-2026-28787 via @oneuptime/common (>=10.0.10 <=10.0.11)

@oneuptime/common NPM version =10.0.10, =10.0.10, =10.0.11 Source cves: CVE-2026-28787 Source advisory: OSV:GHSA-GJJC-PCWP-C74M...

CVSS 9, AI score 5.8, EPSS 0.00066
Exploits 1

Chainguard
added 2026/02/28 7:17 p.m., 3 views

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: headlamp-fips, k3s, policy-controller, pulumi-kubernetes-operator, keda, spire-server, coredns, seaweedfs, trufflehog-fips, docker-cli-buildx-fips, packer-fips, elastic-agent-fips, conftest-fips, skaffold, rancher-webhook, sftpgo-plugin-kms, eks-distro-fips,...

AI score 5.4
Exploits 0

vulnersOsv
added 2026/02/28 12:15 a.m., 1 views

indexdoc-converter (>=0.2.4 <=0.2.7), pdd-cli (>=0.0.70 <=0.0.233) +1 more potentially affected by CVE-2026-28231 via pillow-heif (>=1.1.1 <=1.2.0)

pillow-heif PYPI version =1.1.1, =0.2.4, =0.0.70, =0.4.0, =0.13.1 Source cves: CVE-2026-28231 Source advisory: SNYK:PYTHON-PILLOWHEIF-15426536...

CVSS 9.1, AI score 5.8, EPSS 0.00029
Exploits 1

Snyk
added 2026/02/27 3:50 p.m., 3 views

Incorrect Default Permissions

Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions in the clihistory feature. An attacker can access sensitive command history and API request/response data by reading the history database file if it is created with default permissions on a multi-user Unix...

CVSS 4.9, AI score 6
Exploits 0, References 2

OSV
added 2026/02/27 2:17 a.m., 2 views

GO-2026-4556 Vikunja has Path Traversal in CLI Restore in code.vikunja.io/api

Vikunja has Path Traversal in CLI Restore in code.vikunja.io/api...

CVSS 7.2, AI score 5.8, EPSS 0.00042
Exploits 1, References 4

OPENSUSE Linux
added 2026/02/27 12:0 a.m., 2 views

digger-cli-0.6.143-1.1 on GA media (moderate)

digger-cli-0.6.143-1.1 on GA media Announcement ID: openSUSE-SU-2026:10260-1 Rating: moderate Cross-References: CVE-2025-61729 CVSS scores: CVE-2025-61729 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61729 SUSE : 8.7...

CVSS 8.7, AI score 6, EPSS 0.00019
Exploits 2