
44715 matches found

Packet Storm
added 2026/02/20 12:0 a.m., 157 views

Splunk Enterprise 8.2.9 / 9.0.2 Authenticated Remote Code Execution

Proof of concept exploit for CVE-2022-43571, a critical authenticated remote code execution vulnerability affecting Splunk Enterprise versions 8.2.9 and 9.0.2. The flaw resides in the SimpleXML dashboard PDF generation process, where insufficient input sanitization allows a privileged authenticat...

CVSS 8.8, AI score 8.8, EPSS 0.75912
Exploits: 5
Tenable Nessus
added 2026/02/20 12:0 a.m., 3 views

Brocade Fabric OS < 9.2.1c2 / 9.2.2 < 9.2.2b Multiple Vulnerabilities

The version of Brocade FabricOS installed on the remote host is prior to 9.2.1c2, or 9.2.2 prior to 9.2.2b. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in Brocade Fabric OS could allow an authenticated attacker with admin privileges using the shell commands source,...

CVSS 8.5, AI score 8.6, EPSS 0.00103
Exploits: 0, References: 6
CVE
added 2026/02/19 10:47 p.m., 8 views

CVE-2026-26323

CVE-2026-26323 overview: OpenClaw’s maintainer/updater script in source checkouts (versions 2026.1.8–2026.2.13) is vulnerable to OS command injection. The script update-clawcontributors.ts builds a shell command from git author metadata (via execSync) and interpolates a GitHub login, which can b...

CVSS 8.8, AI score 6, EPSS 0.00063
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2026/02/19 10:24 p.m., 6 views

CVE-2026-26320

Summary: CVE-2026-26320 affects OpenClaw macOS desktop client versions 2026.2.6–2026.2.13. The app registers the openclaw:// URL scheme and, for openclaw://agent deep links without an unattended key, shows a truncated confirmation dialog (first 240 characters) but executes the full message after ...

CVSS 7.1, AI score 6, EPSS 0.00011
Exploits: 0, References: 3, Affected Software: 1
ATTACKERKB
added 2026/02/19 10:24 p.m., 4 views

CVE-2026-26320

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

CVSS 7.1, AI score 6, EPSS 0.00011
Exploits: 0, References: 4, Affected Software: 1
Vulnrichment
added 2026/02/19 10:24 p.m., 3 views

CVE-2026-26320 OpenClaw macOS deep link confirmation truncation can conceal executed agent message

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

CVSS 7.1, AI score 6, EPSS 0.00011
Exploits: 0, References: 3
Cvelist
added 2026/02/19 10:24 p.m., 19 views

CVE-2026-26320 OpenClaw macOS deep link confirmation truncation can conceal executed agent message

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

CVSS 7.1, EPSS 0.00011
Exploits: 0, References: 3
Snyk
added 2026/02/19 10:4 p.m., 2 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v2/dag-runs endpoint, which accepts and executes inline YAML specifications without authentication in the default configuration. An attacker can execute arbitrary commands o...

CVSS 9.8, AI score 6.2
Exploits: 0, References: 3
Vulnrichment
added 2026/02/19 8:43 p.m., 2 views

CVE-2026-27476 RustFly 2.0.0 Command Injection via UDP Remote Control

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

CVSS 9.8, AI score 6.2, EPSS 0.00389
Exploits: 1, References: 2
RedhatCVE
added 2026/02/19 7:21 p.m., 3 views

CVE-2025-59920

When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdm...

CVSS 8.6, AI score 5.9, EPSS 0.00045
Exploits: 0, References: 1
OSV
added 2026/02/19 7:7 p.m., 3 views

CVE-2026-26189 Trivy Action has a script injection via sourced env file in composite action

Trivy Action runs Trivy as GitHub action to scan a Docker container image for vulnerabilities. A command injection vulnerability exists in aquasecurity/trivy-action versions 0.31.0 through 0.33.1 due to improper handling of action inputs when exporting environment variables. The action writes...

CVSS 5.9, AI score 5.9, EPSS 0.00091
Exploits: 0, References: 5
Cvelist
added 2026/02/19 7:7 p.m., 22 views

CVE-2026-26189 Trivy Action has a script injection via sourced env file in composite action

Trivy Action runs Trivy as GitHub action to scan a Docker container image for vulnerabilities. A command injection vulnerability exists in aquasecurity/trivy-action versions 0.31.0 through 0.33.1 due to improper handling of action inputs when exporting environment variables. The action writes...

CVSS 5.9, EPSS 0.00091
Exploits: 0, References: 3
CVE
added 2026/02/19 7:7 p.m., 10 views

CVE-2026-26189

CVE-2026-26189 affects aquasecurity/trivy-action (GitHub Action) where command injection is possible via unsafely exporting environment variables to trivy_envs.txt and sourcing it in entrypoint.sh. Affected versions are 0.31.0 through 0.33.1; a patch was released in 0.34.0. The issue arises from ...

CVSS 8.1, AI score 5.9, EPSS 0.00091
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2026/02/19 1:37 a.m., 8 views

CVE-2025-4960

CVE-2025-4960 affects macOS via the EPSON printer driver installer’s com.epson.InstallNavi.helper, which exposes privileged functionality due to improper authorization handling and weak client authentication over XPC. The API flow uses overly permissive custom rights registered in /var/db/auth.db...

CVSS 7.8, AI score 7.7, EPSS 0.00005
Exploits: 0, References: 2
CNNVD
added 2026/02/19 12:0 a.m., 5 views

NesterSoft WorkTime Security Vulnerability

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an OS command injection vulnerability in the server API endpoint GUID parameter. This vulnerability could allow for the execution of...

CVSS 9.8, AI score 6, EPSS 0.00234
Exploits: 0, References: 1
Packet Storm
added 2026/02/19 12:0 a.m., 105 views

Serendipity 2.5.0 PHP Code Injection

Serendipity version 2.5.0 proof of concept PHP code injection exploit. Title: Serendipity 2.5.0 PHP Code Injection Vulnerability | Author: indoushka ...

AI score 5.6
Exploits: 0
CNNVD
added 2026/02/19 12:0 a.m., 3 views

Trivy Action OS Command Injection Vulnerability

Trivy Action is a container vulnerability scanning tool developed by Aqua Security. Versions of Trivy Action prior to 0.33.1 contain an operating system command injection vulnerability. This vulnerability arises from improper handling of input during the process of exporting environment variables...

CVSS 8.1, AI score 6.1, EPSS 0.00091
Exploits: 0, References: 3
CVE
added 2026/02/18 8:59 p.m., 15 views

CVE-2026-27182

The CVE describes a local, unauthenticated command injection in Saturn Remote Mouse Server. An attacker on the same local network can send specially crafted UDP JSON frames to port 27000, where the service forwards unsanitized command data to OS execution functions, resulting in remote code execu...

CVSS 8.6, AI score 6.9, EPSS 0.00126
Exploits: 1, References: 3
GithubExploit
added 2026/02/18 10:21 a.m., 140 views

Exploit for Expression Language Injection in Vmware Spring_Data_Mongodb

SpringData - SpEL RCE Exploit - CVE-2022-22980 Exploit pour l...

CVSS 9.8, AI score 5.6, EPSS 0.83316
Exploits: 3
OSSF Malicious Packages
added 2026/02/18 9:35 a.m., 6 views

Malicious code in abcxyzz (npm)

Per source details. Source: amazon-inspector 8b953a8183a1a7ba906c9117e8afe658b2606311b606d8b3ecad680076fc51e9 The package abcxyzz was found to contain malicious code. Source: ossf-package-analysis b22a45e3a267d5930d5e8dfdb52954bf049c7b63a9bdb0818e5daff1191e74...

AI score 5.6
Exploits: 0