54 matches found
CVE-2026-61434
PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command execution that allows attackers to execute restricted commands via find's built-in -exec, -execdir, and -delete actions. Attackers can craft find commands with these built-in actions to read blocked files,...
EUVD-2026-42899
PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command execution that allows attackers to execute restricted commands via find's built-in -exec, -execdir, and -delete actions. Attackers can craft find commands with these built-in actions to read blocked files,...
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...
GHSA-77PV-3W4Q-VRJ5 OpenClaw: QQBot pre-dispatch slash commands could skip allowFrom checks
Summary QQBot pre-dispatch slash commands could skip allowFrom checks. In affected versions, a QQBot sender able to invoke slash commands could dispatch the command before applying the configured allowFrom policy. This advisory is scoped to the named feature and configuration. It does not change...
CVE-2026-48721
Warp is an agentic development environment. From 0.2025.10.08.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is non-interactive and relies on a command denylist as a safety...
CVE-2026-53850
OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority,...
CVE-2026-53828 OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement
OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access contro...
CVE-2026-39420
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...
GHSA-6V7Q-WJVX-W8WG basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands
Summary basic-ftp's CRLF injection protection added in commit 2ecc8e2 for GHSA-chqc-8p9q-pq6q is incomplete. Two code paths bypass the protectWhitespace control character check: 1 the login method directly concatenates user-supplied credentials into USER/PASS FTP commands without any validation,...
zeptoclaw has Android device shell blocklist bypass via argument permutation
Summary zeptoclaw implements a blocklist to prevent dangerous commands running in android device shell, but this blocklist has several blocked commands with argements in the pattern literal, such as rm -f and rm -rf, this can be simply bypassed by using different orders for these arguments, such ...
CVE-2025-66032 Claude Code Command Validation Bypass Allows Arbitrary Code Execution
Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted...
GHSA-7MV8-J34Q-VP7Q @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...
EUVD-2018-7199
Malware in sbrugna...
EUVD-2014-9455
Malware in sbrugna...
EUVD-2017-15270
Malware in sbrugna...
EUVD-2001-0800
Malware in sbrugna...
EUVD-2024-2796
Malicious code in bioql PyPI...
EUVD-2022-42881
Malicious code in bioql PyPI...
EUVD-2025-8425
Malicious code in bioql PyPI...
CVE-2025-58764
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...