gitoxide: CommandForbiddenInModulesConfiguration Bypass in gix_submodule::File::update() Enables Arbitrary Command Execution via .gitmodules

Summary gixsubmodule::File::update is the API that gates whether an attacker-supplied .gitmodules file may set update = !. The function is designed to return ErrCommandForbiddenInModulesConfiguration unless the !command value came from a trusted local source .git/config. Git CVE CVE-2019-19604...

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

Summary The agent-facing gateway tool protects config.apply and config.patch with a model-to-operator trust boundary. That guard used a hand-maintained denylist of protected config paths. The config schema outgrew that denylist, leaving sensitive subtrees writable through model-driven gateway...

MAL-2026-3347 Malicious code in gemini-analyzer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...

Malicious code in gemini-analyzer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...

LobeHub has a Cross-Site Scripting issue that escalates to Remote Code Execution

Summary The vulnerability was automatically discovered by an ai agent and then manually verified. LobeChat's message rendering mechanism has a stored cross-site scripting XSS vulnerability. Combined with the Electron main process's exposed insecure IPC interface, attackers can construct malicious...

EUVD-2026-26995

VM2 Has a WASM Sandbox Escape Node 25 only...

Security Bulletin: Vulnerability in IBM's Common Cryptographic Architecture (CCA) (CVE-2025-13375)

Summary IBM Common Cryptographic Architecture CCA is used to interface with the IBM Hardware Security Module HSM. A security vulnerability exists that has a high confidentiality, integrity and availability impact on card and consuming applications. Vulnerability Details CVEID:CVE-2025-13375...

CVE-2026-31196

The traceroute diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters usi...

CVE-2026-27644 traccar allows CSV formula injection via exported position data

Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to CSV output without proper escaping. An attacker can inject spreadsheet formulas through exported...

CVE-2026-27644

Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to CSV output without proper escaping. An attacker can inject spreadsheet formulas through exported...

CVE-2026-27644 traccar allows CSV formula injection via exported position data

Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to CSV output without proper escaping. An attacker can inject spreadsheet formulas through exported...

CVE-2026-27644

CVE-2026-27644 affects Traccar (versions 6.11.1–6.13.0). CSV export writes position data and computed attributes without proper escaping, enabling an attacker to inject spreadsheet formulas via exported fields. When opened in spreadsheet software, this can lead to formula execution and potential ...

EUVD-2026-27306

Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to CSV output without proper escaping. An attacker can inject spreadsheet formulas through exported...

CVE-2023-54345

Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the...

ROS-20260505-73-0002

Vulnerability in zabbix7.4 related to argument injection or modification. Exploitation of the vulnerability can allow an attacker to execute arbitrary commands...

Pi-hole 注入漏洞

Pi-hole is a web-level ad blocking application developed by Pi-hole Inc. Versions of Pi-hole prior to 6.6.1 had a injection vulnerability. This vulnerability stemmed from the lack of validation of line breaks in the dns.interface configuration field, allowing attackers to inject arbitrary command...

Crestron Touchpanels 参数注入漏洞

Crestron Touchpanels are a series of intelligent network touchscreen devices developed by Crestron Corporation in the United States. These devices are used for scheduling in enterprise meeting rooms, controlling audio-visual systems, and automating smart buildings. Crestron Touchpanels have a...

PT-2026-37058

Name of the Vulnerable Software and Affected Versions ALTICE LABS / SFR France GR140DG affected versions not specified ALTICE LABS / SFR France GR140IG affected versions not specified Description The traceroute diagnostic handler in the '/bin/httpd clientside' endpoint of the affected devices...

CVE-2026-31195

The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...

CVE-2026-31196

The traceroute diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters usi...