TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files,...

PT-2026-20301

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.5.6.12 Description Dell SmartFabric OS10 Software is affected by an issue related to improper neutralization of special elements used in a command, potentially leading to command execution. A...

PT-2026-20950

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.6 through 2026.2.13 Description The OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links lacking an unattended key, the application displays a confirmation dialog...

CVE-2025-65753

An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers to execute commands as root...

📄 n8n Workflow Automation Remote Configuration / Admin Data Extraction

This Metasploit module exploits multiple vulnerabilities in n8n workflow automation tool. It leverages a file read vulnerability to steal encryption keys and database, then uses stolen credentials to authenticate and execute arbitrary commands via the Execute Command node...

PT-2026-20259

Name of the Vulnerable Software and Affected Versions Guardian Gryphon version 01.06.0006.22 Description An issue in the TLS certification mechanism allows attackers to execute commands as root. Recommendations At the moment, there is no information about a newer version that contains a fix for...

VulnCheck KEV: CVE-2025-54068

Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is...

VulnCheck KEV: CVE-2024-7694

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server...

Malicious code in cicibot-fix-message-naming (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7fb20d1d9da8ede0270346034bb6fdca56ef578e35a73b4cb0301664ab4a27ab Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Advisory ROSA-SA-2026-3204

Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 unaffected versions = vim-8.0.1763-21.0.1.rv3 affected versions vim-8.0.1763-21.0.0.1.rv3 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...

CVE-2026-2527

A vulnerability was determined in Wavlink WL-WN579A3 up to 20210219. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be...

Malicious code in dns-execution-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fc1fd65caa9c7f199fba16c9d3772c7db895ed78b29130a7ddc3347a4b34ba7 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-910 Malicious code in dns-execution-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fc1fd65caa9c7f199fba16c9d3772c7db895ed78b29130a7ddc3347a4b34ba7 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-902 Malicious code in crc32fast (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b89c674974bf58c7388a27bf1c6ea954a890de45a3e9ba4830c1eada3a3ea6a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

PT-2026-8056

Name of the Vulnerable Software and Affected Versions directorytree/imapengine versions prior to 1.22.3 Description The software contains a flaw due to improper handling of user-supplied data before it is used in IMAP ID commands within the ImapConnection.php file. Specifically, the id function...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

Exploit for CVE-2025-40552

CVE-2025-40552 and CVE-2025-40553 SolarWinds Web Help Desk Pre...

Vulnerability fixed in BeyondTrust Remote Support

BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...

FileZen vulnerable to OS command injection

Overview FileZen provided by Soliton Systems K.K. contains the following vulnerability. OS command injection CWE-78 - CVE-2026-25108 This vulnerability can be exploited when FileZen Antivirus Check Option is enabled The developer states that attacks exploiting the vulnerability has been observed...