EUVD-2026-31350

Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template description field of the System and Server Status module that allows low-privileged authenticated attackers to execute arbitrary commands by injecting unsanitized input stored in savetmpl.cgi and render...

RockyLinux 9 : openssh (RLSA-2026:13381)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13381 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

RockyLinux 10 : openssh (RLSA-2026:13380)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13380 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

shell-quote 安全漏洞

Shell-quote is a software package developed by Jordan Harband. It is used for parsing and quoting shell commands. Shell-quote has a security vulnerability. This vulnerability stems from the quote function not verifying the object token input and the operator model used in parse. As a result, line...

GHSA-VPR4-P6FQ-85JC Snappy: Binary path is never shell-escaped due to an inverted is_executable check

Impact On POSIX, escapeshellarg‘/usr/bin/wkhtmltopdf’ returns the literal string ‘/usr/bin/wkhtmltopdf’ with the single-quote characters included. isexecutable then looks for a file whose actual name contains those quote characters, which essentially never exists. The safe branch is dead code and...

Malicious code in cryptoco-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f83b7a7a5e28fe4fadbd72b0d38ff322210501ef54807160a13b7d797e6c68 On require, index.js opens TCP connections to the cloud link-local metadata address 169.254.169.254 across ports 80, 443, 8080, 3000, 5432, and 6379,...

CVE-2026-47114 IINA < 1.4.3 Command Execution via iina://open URL Scheme

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

CVE-2026-47114

IINA before 1.4.3 contains a user-assisted command execution vulnerability in the iina://open URL scheme handler. An attacker can deliver a crafted URL via a browser that passes unvalidated mpv_options/input-commands parameters into the mpv runtime, causing arbitrary command execution as the curr...

CVE-2026-47114

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

CVE-2026-47114 IINA < 1.4.3 Command Execution via iina://open URL Scheme

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

EUVD-2026-31331

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

RLSA-2026:13380 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

openssh security update

An update is available for openssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux,...

RLSA-2026:13381 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

CVE-2025-71210

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

CVE-2026-44072

A flaw was found in Netatalk. A highly privileged local attacker could exploit a vulnerability where the system function is called after a failed chdir operation. This could lead to unintended command execution, potentially resulting in low impact to system integrity or availability...

CVE-2025-71211

CVE-2025-71211 concerns Trend Micro Apex One Console; a directory traversal vulnerability enables remote code execution on affected installations. The ZDI advisory notes that the Apex One Console, listening on ports 8080 and 4343, allows remote attackers to execute arbitrary code without authenti...

CVE-2026-45255

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog1 to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

Malicious code in omnius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2aceac0879b587bc711c3f156bf0de4bab90f3774816a6cbeb36a2cf9bb03e12 The package's postinstall lifecycle hook launches dist/postinstall-daemon.cjs, which combines childprocess.execSync, os.userInfo, filesystem probes,...