CVE-2026-54555

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treats as command execution boundaries or nested execution. As a result, a command beginning with an...

CVE-2008-7016

tnftpd before 20080929 splits large command strings into multiple commands, which allows remote attackers to conduct cross-site request forgery CSRF attacks via unknown vectors, probably involving a crafted ftp:// link to a tnftpd server...