CVE-2025-35028 HexStrike AI MCP Server Command Injection
By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There...
MAL-2025-191761 Malicious code in hooktest3 (PyPI)
Source: kam193 3d1104ab742749c40acd3c4c989dba15890db64fd22f688dea72727fbc5b9d23. During installation, the package runs code that retrieves and executes commands from Discord. Category: MALICIOUS - The campaign has clearly malicious inten...
EUVD-2025-200081
Grav is vulnerable to RCE via SSTI through Twig Sandbox Bypass...
Cacti security vulnerability
Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, draws graphs from it with RRDtool, and provides data and user management features. A security vulnerability exists in Cacti versions prior to 1.2.29 that...
PT-2025-48744
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.29. Description: Cacti is a performance and fault management framework. A flaw exists in the SNMP device configuration functionality due to insufficient input validation. An authenticated Cacti user can provide crafte...
Improper Neutralization of Special Elements Used in a Template Engine
Overview: getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the Twig processing feature enabled through page frontmatter. An...
CVE-2025-66294 Grav is vulnerable to RCE via SSTI through Twig Sandbox Bypass
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by...
CVE-2025-66294
CVE-2025-66294 affects Grav CMS. A Server-Side Template Injection (SSTI) exists due to weak regex validation in the core method cleanDangerousTwig, enabling an authenticated editor to trigger arbitrary commands on the server; in some cases, unauthenticated exploitation is possible. Public materia...
CVE-2024-39148
The service wmp-agent of KerOS prior to 5.12 does not properly validate so-called ‘magic URLs’, allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over the network. Typically, the service is protected by a local firewall...
Exploit for OS Command Injection in PostgreSQL
usage: CVE-2019-9193.py -h -i IP -p PORT -d DATABASE...
Kerlink KerOS security vulnerability
Kerlink KerOS is an operating system from the French company Kerlink. A security vulnerability exists in Kerlink KerOS versions prior to 5.12 that stems from the wmp-agent service not properly validating magic URLs, which could allow an unauthenticated remote attacker to execute arbitrary OS...
Grav security vulnerability
Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a server-side template injection vulnerability that stems from insufficient regular expression validation in the cleanDangerousTwig...
PT-2025-48554
Name of the Vulnerable Software and Affected Versions: Grav versions prior to 1.8.0-beta.27. Description: Grav is a file-based Web platform with a Server-Side Template Injection (SSTI) issue. Authenticated attackers with editor permissions can execute arbitrary commands on the server. Under certain...
CVE-2024-39148
CVE-2024-39148 affects KerOS prior to 5.12. The issue is in the wmp-agent service, which does not properly validate the so-called ‘magic URLs’, allowing an unauthenticated attacker to execute arbitrary OS commands as root if the service is reachable over the network. Documents from Red Hat, ENISA...
Malicious code in wds-icons (npm)
Source: amazon-inspector 827b1d3e49cfad3ca5aa4eeb1a7afedc234ed734e13948ba28b0e3b3b71180cc. The package wds-icons was found to contain malicious code. Source: ghsa-malware 24d19b105cd9931a78806b2c2f9a30d8ef982b16e1ed4620c185a75dbbbf610d. Any...
Malicious code in com.unity.sharp-zip-lib (npm)
Source: amazon-inspector cedde339d72e05699d5f33d7c16779f926f419baded72d7cd78d2610395cc807. The package com.unity.sharp-zip-lib was found to contain malicious code. Source: ghsa-malware...
Malicious code in eslint-plugin-react-hooks-published (npm)
Source: amazon-inspector 647dedd2c8ea8a9cef54b85666b74459095d17369da310d54a0c1960f87dafe6. The package eslint-plugin-react-hooks-published was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191486 Malicious code in vitest-environment-jsdom-patched (npm)
Source: amazon-inspector 4e0d8ae07807d73026bd13988c3341aecf8375b53ae436d03f80110884c5d84e. The package vitest-environment-jsdom-patched was found to contain malicious code. Source: ghsa-malware...