Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

70377 matches found

Vulnrichment
Vulnrichmentadded 2026/05/29 4:10 p.m.10 views

CVE-2026-45633 Dokploy: Command Injection in /docker-container-logs Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing...

9.9CVSS6.1AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/29 4:10 p.m.31 views

CVE-2026-45633 Dokploy: Command Injection in /docker-container-logs Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing...

9.9CVSS0.0025EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/29 4:10 p.m.9 views

EUVD-2026-33353

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing...

9.9CVSS6.1AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/29 4:4 p.m.28 views

CVE-2026-45662 Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

8.8CVSS0.00218EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/29 4:4 p.m.7 views

CVE-2026-45662

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

8.8CVSS5.8AI score0.00218EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/05/29 4:4 p.m.7 views

EUVD-2026-33349

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

8.8CVSS5.8AI score0.00218EPSS
Exploits0References1
CVE
CVEadded 2026/05/29 4:4 p.m.11 views

CVE-2026-45662

Dokploy (PaaS) vulnerability CVE-2026-45662 affects deleteRegistry in packages/server/src/services/registry.ts. In 0.29.0 and earlier, docker logout ${response.registryUrl} is executed without shell escaping, while docker login uses shEscape() to prevent injection. This inconsistency enables a po...

8.8CVSS5.8AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/29 4:4 p.m.8 views

CVE-2026-45662 Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

8.8CVSS5.8AI score0.00218EPSS
Exploits0References1
OSV
OSVadded 2026/05/29 4:3 p.m.9 views

RLSA-2026:19019 Important: python3.14 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.1CVSS6.6AI score0.0017EPSS
Exploits0References10
Rockylinux
Rockylinuxadded 2026/05/29 4:3 p.m.15 views

python3.14 security update

An update is available for python3.14. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

9.1CVSS6.4AI score0.0017EPSS
Exploits0
EUVD
EUVDadded 2026/05/29 4:3 p.m.7 views

EUVD-2026-33348

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly...

9.9CVSS6.1AI score0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/29 4:3 p.m.7 views

CVE-2026-45663

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly...

9.9CVSS6.1AI score0.0025EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/29 4:3 p.m.9 views

CVE-2026-45663 Dokploy: Remote Code Execution via destinationPath in Container File Upload

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly sanitized and is directly...

9.9CVSS6.1AI score0.0025EPSS
Exploits0References1
CloudLinux
CloudLinuxadded 2026/05/29 3:17 p.m.6 views

vim: Fix of CVE-2026-46483

CVE-2026-46483: fix command injection in the tar plugin's tarVimuntar function by using the correct shellescapetartail, 1 form so that a crafted .tgz filename cannot trigger cmdline-special expansion in the :! command...

7CVSS5.4AI score0.00017EPSS
Exploits0
NVD
NVDadded 2026/05/29 2:16 p.m.8 views

CVE-2026-10060

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

9.8CVSS0.00383EPSS
Exploits1References4
NVD
NVDadded 2026/05/29 2:16 p.m.10 views

CVE-2026-10061

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor...

9.8CVSS0.00383EPSS
Exploits1References4
OSV
OSVadded 2026/05/29 1:33 p.m.9 views

OESA-2026-2483 hplip security update

The Hewlett-Packard Linux Imaging and Printing Project provides drivers for HP printers and multi-function peripherals. Security Fixes: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the us...

9.8CVSS6.3AI score0.00124EPSS
Exploits0References4
OSV
OSVadded 2026/05/29 1:33 p.m.8 views

OESA-2026-2476 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7CVSS5.9AI score0.00017EPSS
Exploits0References2
OSV
OSVadded 2026/05/29 1:33 p.m.9 views

OESA-2026-2475 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7CVSS5.9AI score0.00017EPSS
Exploits0References2
OSV
OSVadded 2026/05/29 1:33 p.m.6 views

OESA-2026-2473 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7CVSS5.9AI score0.00017EPSS
Exploits0References2
Rows per page
Query Builder