70843 matches found
PT-2026-38439
Name of the Vulnerable Software and Affected Versions: next-npm-version version 1.0.1. Description: NPM package next-npm-version is subject to command injection, a flaw that allows an attacker to execute arbitrary operating system commands on the server. Recommendations: At the moment, there is no...
GitPython OS command injection vulnerability
GitPython is a Python library developed by gitpython-developers, used for interacting with Git repositories. Versions of GitPython from 3.1.30 to 3.1.47 contained an operating system command injection vulnerability. This vulnerability stemmed from allowing dangerous Git options without proper...
PT-2026-38438
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
PT-2026-38378
Name of the Vulnerable Software and Affected Versions: Netty versions prior to 4.1.133.Final; Netty versions prior to 4.2.13.Final. Description: The Netty Redis codec encoder RedisEncoder writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF...
CVE-2025-63705
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
CVE-2025-63706
NPM package next-npm-version 1.0.1 is vulnerable to command injection...
next-npm-version 1.0.1 security vulnerability
next-npm-version is a tool developed by Aric, an individual developer, for retrieving npm package versions. Version 1.0.1 of next-npm-version contains a security vulnerability, which stems from command injection...
MiniClaw command injection vulnerability
MiniClaw is an AI memory and evolution tool developed by the individual developer 8421bit. MiniClaw has a command injection vulnerability, which originates from the executeCognitivePulse function in the src/kernel.ts file. This vulnerability may lead to OS command injection attacks...
CVE-2025-63706
The CVE-2025-63706 entry concerns the NPM package next-npm-version 1.0.1, reported as vulnerable to command injection. Multiple connected records corroborate the issue across NVD/CVE and related feeds. The vulnerability is described as critical with a CVSS 3.1 base score of 9.8 (vectors: AV:N/AC...
PT-2026-38578
Name of the Vulnerable Software and Affected Versions: Microsoft Edge Copilot Chat (affected versions not specified). Description: Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to disclose information over a network...
Hitachi Virtual Storage Platform One Block OS command injection vulnerability
Hitachi Virtual Storage Platform One Block is a high-performance block storage system device developed by Hitachi, Ltd. Versions 23, 24, 26, and 28 of Hitachi Virtual Storage Platform One Block contain vulnerabilities related to operating system command injection. These vulnerabilities stem from ...
CVE-2025-63706
NPM package next-npm-version 1.0.1 is vulnerable to command injection...
PT-2026-38591
Name of the Vulnerable Software and Affected Versions: 8421bit MiniClaw versions up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Description: Remote OS command injection can occur via the executeCognitivePulse function located in the src/kernel.ts file. This allows a remote attacker to execute...
CVE-2025-63705
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
CVE-2025-63705
The CVE-2025-63705 entry concerns the NPM package node-ts-ocr version 1.0.15, with a reported OS Command Injection via the invokeImageOcr function in src/index.js. The vulnerability is described as enabling arbitrary command execution with a network attack vector, as indicated by the CVSS 3.1 met...
PT-2026-38582
Name of the Vulnerable Software and Affected Versions: Azure Cloud Shell (affected versions not specified). Description: Improper neutralization of special elements used in a command allows an unauthorized attacker to perform command injection, which can enable network-based spoofing attacks...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An OS command injection vulnerability exists in the Openvpn configuration restore script_security...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An OS command injection vulnerability exists in the Openvpn configuration restore client_disconnect...
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An OS command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2309 Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An OS command injection vulnerability exists in the Openvpn configuration restore route_up functionality of...