44800 matches found
CVE-2026-20094 Cisco Integrated Management Controller Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation o...
EUVD-2026-17903
ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...
CVE-2026-34430
ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...
Security Bulletin: IBM Content Navigator uses Apache Commons Collections resulting in multiple CVEs
Summary IBM Content Navigator is affected by CVE-2015-4852, a Deserialization of Untrusted Data vulnerability CWE-502 in Apache Commons Collections, originally identified in Oracle WebLogic Server. A remote attacker could exploit this vulnerability by sending a crafted serialized Java object over...
CVE-2026-30310
In its design for automatic terminal command execution, Sixth offers two options: Execute safe commands and Execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be...
CVE-2026-30309
InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely ineffective. The predefined blocklist fails to cover native high-risk commands in Windows PowerShell such as powershell, and the matching algorithm...
PT-2026-29827
CHAMP: Description Summary The ollamaStartupProbeScript function in internal/modelcontroller/engine ollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components ref, modelParam. This shell command is executed via bash -c as a Kubernetes startup probe. An...
Debian dsa-6188 : golang-github-canonical-lxd-dev - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6188 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6188-1 [email protected]...
PT-2026-29824
Summary run python in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run..., shell=True. The escaping logic only handles and ", leaving $ and backtick substitutions unescaped, allowing arbitrary OS command executio...
Cisco Smart Software Manager On-Prem 安全漏洞
Cisco Smart Software Manager On-Prem is a component developed by Cisco, Inc., used for managing licenses of Cisco products. Cisco Smart Software Manager On-Prem has a security vulnerability that arises from the unintentional exposure of internal services, which may allow unverified remote attacke...
PT-2026-29600
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow an unauthenticated user to execute arbitrary commands as lowe...
PT-2026-29664
Name of the Vulnerable Software and Affected Versions goshs versions 1.1.0 through 2.0.0-beta.2 Description goshs, a SimpleHTTPServer written in Go, has a flaw where the Share Token mechanism can be bypassed. This bypass allows unauthorized access to all goshs functionalities, including code...
Incorrect Privilege Assignment
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the signupHandler in File Browser. An attacker can gain unauthorized command execution capabilities by self-registering when server-side...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the signupHandler in File Browser. An attacker can gain unauthorized command execution capabilities by self-registering when server-side execution is enabled and the default user template includes...
SiYuan: Stored XSS in Attribute View Gallery/Kanban Cover Rendering Allows Arbitrary Command Execution in Desktop Client
Summary An attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary https URLs without extensions as images, stores the...
CVE-2026-34448
SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary...
CVE-2026-34448 SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client
SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary...
CVE-2026-34448 SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client
SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary...
CVE-2026-34448 SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client
SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary...
CVE-2026-34448
SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary...