Cisco Secure Firewall Adaptive Security Appliance 安全漏洞

The Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software developed by Cisco, a US company. There is a security vulnerability in the Cisco Secure Firewall Adaptive Security Appliance software. This vulnerability stems from insufficient input validation during...

PT-2026-22887

Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.1 Description The SEPPmail Secure Email Gateway does not properly handle PDF encryption passwords, potentially allowing for operating system command execution. The issue arises from...

PT-2026-22876

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 Description An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility. An authenticated...

CVE-2026-1775

The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...

OpenClaw Improperly Neutralizes Line Breaks in systemd Unit Generation Enables Local Command Execution (Linux)

Summary A command injection vulnerability exists in OpenClaw’s Linux systemd unit generation path. When rendering Environment= entries, attacker-controlled values are not rejected for CR/LF, and systemdEscapeArg uses an incorrect whitespace-matching regex. This allows newline injection to break o...

GHSA-VFFC-F7R7-RX2W OpenClaw Improperly Neutralizes Line Breaks in systemd Unit Generation Enables Local Command Execution (Linux)

Summary A command injection vulnerability exists in OpenClaw’s Linux systemd unit generation path. When rendering Environment= entries, attacker-controlled values are not rejected for CR/LF, and systemdEscapeArg uses an incorrect whitespace-matching regex. This allows newline injection to break o...

GHSA-FF98-W8HJ-QRXF OpenClaw plugin runtime command execution is part of trusted plugin boundary

Summary OpenClaw plugins/extensions run in-process and are treated as trusted code. This advisory tracks trust-boundary clarification around plugin runtime command execution runtime.system.runCommandWithTimeout. Impact Plugins already execute with the same OS privileges as the OpenClaw process...

OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling

Summary OpenClaw Windows Scheduled Task script generation allowed unsafe argument handling in generated gateway.cmd files. In vulnerable versions, cmd metacharacter-only values could be emitted without safe quoting/escaping, which could lead to unintended command execution when the scheduled task...

Qinglong-Auth-bypass-to-RCE-poc

Qinglong Auth Bypass to Command Execution A proof-of-concept...

GHSA-5GJ7-JF77-Q2Q2 OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`)

Summary In openclaw= 2026.2.24 planned next npm release - Latest published npm version at triage time 2026-02-24: 2026.2.23 Root Cause - Default safe-bin trusted directories included package-manager/user-managed paths. - Trust decision was directory-membership only for resolved executable paths...

OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`)

Summary In openclaw= 2026.2.24 planned next npm release - Latest published npm version at triage time 2026-02-24: 2026.2.23 Root Cause - Default safe-bin trusted directories included package-manager/user-managed paths. - Trust decision was directory-membership only for resolved executable paths...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview mcp-nmap-server is a MCP server for performing network scanning using NMAP Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the childprocess.exec function in the Nmap CLI Command...

CVE-2026-1775

The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...

CVE-2025-13688

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component...

CVE-2025-13687 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687

DataStage on Cloud Pak for Data (DataStage on Cloud Pak for Data) is affected by CVE-2025-13687, with an OS command injection risk due to improper validation of user-supplied input in the user-defined function component. The vulnerability allows an authenticated user to execute arbitrary commands...

EUVD-2025-208261

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component...

CVE-2025-13688 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component...

CVE-2025-13688

DataStage on Cloud Pak for Data is affected by CVE-2025-13688. The IBM bulletin documents that an authenticated user could execute arbitrary commands with normal user privileges due to improper validation of user-supplied input through the wrapped command component. Affected versions are DataStag...

CVE-2024-55026

An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...