PT-2026-40376

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

MongoDB Ops Manager 命令注入漏洞

MongoDB Ops Manager is a solution developed by the American company MongoDB, designed for managing, monitoring, and backing up MongoDB deployments. MongoDB Ops Manager has a command injection vulnerability, which stems from executing arbitrary commands when configuring Webhooks. The following...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from command injection in the web-based management...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from command injection in the web-based management...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from command injection, and they could allow...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from command injection in the web-based management...

D-Link DIR-816 注入漏洞

The D-Link DIR-816 is a wireless router produced by D-Link Corporation. The D-Link DIR-816 1.10CNB05R1B011D88210 version has a vulnerability related to command injection, which stems from operations on the ipaddress parameter...

PT-2026-40363

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a...

PT-2026-40065

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...

PT-2026-40461

Name of the Vulnerable Software and Affected Versions Claris FileMaker Cloud versions prior to 2.22.0.5 Description A Remote Code Execution issue allows a user with Admin Console privileges to inject arbitrary operating system commands. This occurs due to unsanitized input within the External ODB...

CVE-2026-31226

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...

PT-2026-40364

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a...

SAP Forecasting and Replenishment 命令注入漏洞

SAP Forecasting and Replenishment is a demand forecasting and inventory replenishment management system developed by SAP, a German company, for retail and supply chain scenarios. SAP Forecasting and Replenishment has a command injection vulnerability. This vulnerability stems from OS command...

Claris FileMaker Cloud 安全漏洞

Claris FileMaker Cloud is a cloud platform provided by the American company Claris, designed for enterprise-level low-code database application development and hosting scenarios. Versions of Claris FileMaker Cloud prior to 2.22.0.5 contained security vulnerabilities. These vulnerabilities stemmed...

JunoClaw 操作系统命令注入漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions prior to JunoClaw 0.x.y-security-1 contained an operating system command injection vulnerability. This vulnerability stemmed from a substring blacklist in the plugin-shell command security check, which could be...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from command injection in the command-line interface...

Zyxel WRE6505 操作系统命令注入漏洞

The Zyxel WRE6505 is a wireless signal expansion device produced by the Chinese company Zyxel. The Zyxel WRE6505 v2 V1.00ABDV.3C0 version contains a vulnerability related to operating system command injection. This vulnerability stems from CGI programs that allow command injection, potentially...

Hewlett Packard Enterprise ArubaOS 操作系统命令注入漏洞

Hewlett Packard Enterprise ArubaOS is a network wireless operating system developed by Hewlett Packard Enterprise. Hewlett Packard Enterprise ArubaOS has a vulnerability related to operating system command injection. This vulnerability stems from a flaw in the command-line interface, which may...

Hewlett Packard Enterprise ArubaOS 操作系统命令注入漏洞

Hewlett Packard Enterprise ArubaOS is a network wireless operating system developed by Hewlett Packard Enterprise. Hewlett Packard Enterprise ArubaOS has a vulnerability related to operating system command injection. This vulnerability stems from vulnerabilities in the configuration processing...

Microsoft Visual Studio Code 命令注入漏洞

Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a command injection vulnerability. Attackers can exploit this vulnerability to execute code remotely...