7953 matches found
CVE-2025-71316
SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...
EUVD-2025-210067
SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...
PT-2026-46313
Name of the Vulnerable Software and Affected Versions: SQLite sqldiff.exe versions prior to 2025-12-26. Description: The sqldiff.exe utility does not securely handle the conversion of Unicode characters to ANSI codepages by the Microsoft Windows C runtime. An attacker can exploit this by using the...
GHSA-WRH2-89VG-4J9G vulnerabilities
Vulnerabilities for packages: hubble, flux, opentelemetry-collector, crossplane-provider-azure-storage, terraform-provider-acme, kubernetes, telegraf, glab, minio, kots, gptscript, kubernetes-dashboard, hydra, loki, k3s, gitea, caddy, snyk-cli, step, crossplane-provider-aws-elasticache,...
EUVD-2026-33843
Memory Corruption when processing display command line information due to improper initialization of a variable...
Cisco Application Policy Infrastructure Controller DoS (cisco-sa-apic-dos-rNus8EFw)
According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a vulnerability. A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to cause an affect...
CVE-2026-24085
Memory Corruption when processing display command line information due to improper initialization of a variable...
CVE-2026-24085
Technical details about CVE-2026-24085 are not publicly available in the provided documents; the memory corruption description is noted but no affected products, affected versions, root cause specifics, or fixes are disclosed. Monitor for updates.
CVE-2026-24085 Stack-based Buffer Overflow in Display
Memory Corruption when processing display command line information due to improper initialization of a variable...
CVE-2026-49134 CodexBar < 0.32.0 Privilege Escalation via CLI Installer Temp File
CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in temporary file handling. The installer creates a temporary file with mktemp, writes a privileged shell...
CVE-2026-49134
CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in temporary file handling. The installer creates a temporary file with mktemp, writes a privileged shell...
OpenSSH: Arbitrary command execution via shell metacharacters in username
A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...
CodexBar security vulnerabilities
CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained a security vulnerability. This vulnerability stemmed from a race condition in the handling of temporary files during CLI installation, which could allow local...
Notepad++ 8.9.6 Arbitrary Code Execution
Notepad++ versions 8.9.6 and below proof of concept arbitrary code execution exploit. Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution | Date: 2026-05-30 | Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ | Vendor Homepage: https://notepad-plus-plus.org...
PT-2026-45641
Memory Corruption when processing display command line information due to improper initialization of a variable...
Exploit for CVE-2026-48778
CVE-2026-48...
CVE-2026-39829 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-39829 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...