CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/06/01 4:15 p.m.•27 views

CVE-2026-10273 php-censor Webhook Endpoint GitBuild.php os command injection

7.5CVSS0.02138EPSS

Vulnrichment•added 2026/06/01 4:15 p.m.•5 views

CVE-2026-10273 php-censor Webhook Endpoint GitBuild.php os command injection

7.5CVSS6.6AI score0.02138EPSS

CVE•added 2026/06/01 4:15 p.m.•18 views

CVE-2026-10273

Affected software: php-censor (up to 2.1.6). The vulnerability is in the Webhook Endpoint, specifically the file src/Model/Build/GitBuild.php, where manipulating the commitId argument can lead to operating system command injection. Impact is remote: attacker can exploit over the network. The expl...

7.5CVSS6.6AI score0.02138EPSS

RedhatCVE•added 2026/06/01 4:3 p.m.•10 views

CVE-2026-10180

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

6.5CVSS5.6AI score0.01433EPSS

Exploits0References1

GithubExploit•added 2026/06/01 9:25 a.m.•59 views

bastion-waf-simulator

BASTION — Web Application Firewall Simulator A real-time We...

6AI score

Exploits0

Nuclei•added 2026/06/01 5:38 a.m.•76 views

cPH2 Charging Station v1.87.0 - OS Command Injection

An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature. id: CVE-2023-46359 info: name: cPH2...

9.8CVSS7.6AI score0.93033EPSS

Exploits2References5

Nuclei•added 2026/06/01 5:38 a.m.•87 views

Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection

Nortek Linear eMerge E3-Series devices before 0.32-08f are susceptible to remote command injection via ReaderNo. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. NOTE: this...

9.8CVSS7.3AI score0.93251EPSS

Exploits3References5

Nuclei•added 2026/06/01 5:38 a.m.•55 views

Atlassian Bitbucket - Remote Command Injection

Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API endpoints can allow an attacker with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request, thus making it possible to obtain...

8.8CVSS7.8AI score0.944EPSS

Exploits24References5

Snyk•added 2026/06/01 5:10 a.m.•3 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the FsBridge.WriteFile function. An attacker can execute arbitrary operating system commands by supplying crafted input remotely. Remediation There is no fixed version for...

7.5CVSS7.4AI score0.01761EPSS

Exploits0References2

NVD•added 2026/06/01 4:16 a.m.•8 views

CVE-2026-10219

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS0.01761EPSS

NVD•added 2026/06/01 3:16 a.m.•11 views

CVE-2026-10214

A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function getsafetywarning of the file agent/tools/bash/bash.py of the component Bash Tool. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit h...

7.5CVSS0.01761EPSS

EUVD•added 2026/06/01 3:15 a.m.•9 views

EUVD-2026-33540

ATTACKERKB•added 2026/06/01 3:15 a.m.•6 views

CVE-2026-10219

Exploits0References7Affected Software1

Cvelist•added 2026/06/01 3:15 a.m.•36 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

7.5CVSS0.01761EPSS

Vulnrichment•added 2026/06/01 3:15 a.m.•8 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

CVE•added 2026/06/01 3:15 a.m.•16 views

CVE-2026-10219

CVE-2026-10219 affects NextLevelBuilder GoClaw up to version 3.11.3. The vulnerability lies in the function FsBridge.WriteFile (internal/sandbox/fsbridge.go) where manipulation can cause an OS command injection. The issue is exploitable remotely and an exploit has been made public. A patch is not...

CVE•added 2026/06/01 2:0 a.m.•18 views

CVE-2026-10214

The CVE affects zhayujie chatgpt-on-wechat Bash Tool (up to 2.0.8). The vulnerability is in agent/tools/bash/bash.py, _get_safety_warning, enabling os command injection via manipulated input and allowing remote exploitation. Exploit code is public (PoC), with the patch in version 2.0.9 (commit 16...

Vulnrichment•added 2026/06/01 2:0 a.m.•6 views

CVE-2026-10214 zhayujie chatgpt-on-wechat Bash Tool bash.py _get_safety_warning os command injection

EUVD•added 2026/06/01 2:0 a.m.•9 views

EUVD-2026-33535