CVE-2026-31854

Cursor is a code editor built for programming with AI. Prior to 2.0 ,if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections...

CVE-2025-10622

A flaw was found in Red Hat Satellite Foreman component. This vulnerability allows an authenticated user with editsettings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting. Mitigation Mitigation f...

CVE-2016-5714

Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol PXP Command...

Input validation

Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol PXP Command...

CVE-2016-5714

CVE-2016-5714 affects Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0. The vulnerability allows remote attackers to bypass the host whitelist protection and execute arbitrary code on Puppet nodes, via issues in the Puppet Execution Protocol (PXP) Comman...