Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

70843 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/07 9:0 p.m.5 views

CVE-2026-8112

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.2AI score0.02941EPSS
Exploits1References7
Cvelist
Cvelistadded 2026/05/07 9:0 p.m.35 views

CVE-2026-8112 8421bit MiniClaw kernel.ts executeCognitivePulse os command injection

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.02941EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2026/05/07 9:0 p.m.7 views

CVE-2026-8112 8421bit MiniClaw kernel.ts executeCognitivePulse os command injection

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.2AI score0.02941EPSS
Exploits1References7
ATTACKERKB
ATTACKERKBadded 2026/05/07 8:58 p.m.5 views

CVE-2026-35428

Improper neutralization of special elements used in a command 'command injection' in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network...

9.6CVSS5.8AI score0.00933EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/07 8:58 p.m.8 views

CVE-2026-33111

Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.01135EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/05/07 8:21 p.m.8 views

CVE-2026-30818

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker...

8.5CVSS7.7AI score0.01232EPSS
Exploits0References1
CVE
CVEadded 2026/05/07 6:17 p.m.20 views

CVE-2026-42215

GitPython CVE-2026-42215: A vulnerability in GitPython allows arbitrary command execution when attacker-controlled kwargs are passed to Repo.clone_from(), Remote.fetch(), Remote.pull(), or Remote.push() via the Python kwargs upload_pack/receive_pack. The default unsafe-options guard (allow_unsafe...

8.8CVSS6AI score0.00719EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/05/07 6:17 p.m.31 views

CVE-2026-42215 GitPython: Command injection via Git options bypass

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...

8.8CVSS0.00719EPSS
Exploits1References2
OSV
OSVadded 2026/05/07 5:2 p.m.5 views

CLSA-2026-1778021665 vim: Fix of CVE-2026-39881

CVE-2026-39881: fix netbeans defineAnnoType command injection by validating typeName, fg and bg against an allowlist before passing them to coloncmd; also restrict specialKeys tokens to alphanumeric characters to prevent map command injection...

7.8CVSS5.8AI score0.0062EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2026/05/07 3:38 p.m.9 views

next-npm-version is vulnerable to Command injection

NPM package next-npm-version1.0.1 is vulnerable to Command injection...

9.8CVSS5.8AI score0.01523EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2026/05/07 3:38 p.m.15 views

node-ts-ocr is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...

8.8CVSS5.8AI score0.01185EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/07 3:38 p.m.9 views

EUVD-2025-209724

NPM package next-npm-version1.0.1 is vulnerable to Command injection...

5.8AI score0.01523EPSS
Exploits0References4
OSV
OSVadded 2026/05/07 3:38 p.m.6 views

GHSA-8JH2-3MW6-6PFM node-ts-ocr is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...

8.8CVSS5.8AI score0.01185EPSS
Exploits0References4
OSV
OSVadded 2026/05/07 3:38 p.m.5 views

GHSA-2XX6-QF7X-GRQH next-npm-version is vulnerable to Command injection

NPM package next-npm-version1.0.1 is vulnerable to Command injection...

9.8CVSS5.8AI score0.01523EPSS
Exploits0References5
Snyk
Snykadded 2026/05/07 3:27 p.m.10 views

Command Injection

Overview node-ts-ocr is an A simple wrapper around command-line utils to assist in PDF / Image OCR Optical Character Recognition processing using Tesseract. Affected versions of this package are vulnerable to Command Injection via the invokeImageOcr function. An attacker can execute arbitrary...

9.8CVSS6AI score0.01185EPSS
Exploits0References2
NVD
NVDadded 2026/05/07 3:16 p.m.10 views

CVE-2025-63705

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...

8.8CVSS0.01185EPSS
Exploits0References2
NVD
NVDadded 2026/05/07 3:16 p.m.11 views

CVE-2025-63706

NPM package next-npm-version1.0.1 is vulnerable to Command injection...

9.8CVSS0.01523EPSS
Exploits0References3
GithubExploit
GithubExploitadded 2026/05/07 2:40 p.m.77 views

Exploit for OS Command Injection in Exim

No d...

10CVSS7.5AI score0.99961EPSS
Exploits27
Microsoft CVE
Microsoft CVEadded 2026/05/07 2:0 p.m.11 views

Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.01135EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/05/07 2:0 p.m.23 views

Azure Cloud Shell Spoofing Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network...

9.6CVSS5.8AI score0.00933EPSS
Exploits0
Rows per page
Query Builder