PT-2026-27794
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A flaw exists in the Cisco IOS XE Software Command Line Interface (CLI) that could allow a local, authenticated attacker to trigger a denial of service (DoS) condition on a vulnerab...
Nats-Server Security Vulnerability
Nats-Server is a high-performance server developed by Nats Open Source, used for native message delivery systems on Nats.io, cloud, and edge environments. There were security vulnerabilities in versions of NATS-Server prior to 2.11.15 and 2.12.6. These vulnerabilities stemmed from credentials...
NATS credentials are exposed in monitoring port via command-line argv
Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an optional monitoring port, which provides access to sensitive data. The nats-server can take certain configuratio...
GHSA-X6G4-F6Q3-FQVV NATS credentials are exposed in monitoring port via command-line argv
Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an optional monitoring port, which provides access to sensitive data. The nats-server can take certain configuratio...
ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder
A memory exhaustion vulnerability has been identified in ImageMagick when processing specially crafted SVG image files. In vulnerable versions, a maliciously crafted SVG element may trigger an excessively large internal memory allocation on the order of hundreds of gigabytes, causing the...
PT-2026-27620
Name of the Vulnerable Software and Affected Versions: NATS-Server versions prior to 2.11.15; NATS-Server versions prior to 2.12.6. Description: NATS-Server is a high-performance server for NATS.io, a cloud and edge native messaging system. If a nats-server is run with static credentials for all...
Reconx
🔍 reconx - Modular Penetration Testing Framework...
CVE-2025-15518
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2026-3587
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device...
CVE-2026-3587
CVE-2026-3587 describes an unauthenticated remote vulnerability where an attacker can exploit a hidden function in the CLI prompt to escape the restricted interface on a Linux-based OS, resulting in full device compromise. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) yields a base sc...
CVE-2026-3587 Hidden CLI Function Allows Root Access
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device...
WAGO Lean Managed Switch Security Vulnerability
WAGO Lean Managed Switch is a software developed by the German company WAGO, used for managing and monitoring WAGO Lean series switches. There is a security vulnerability in the WAGO Lean Managed Switch, which stems from hidden functions in the CLI prompt. This vulnerability could potentially lea...
PT-2026-27163
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
SUSE CVE-2026-4519
The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open...
CVE-2026-4519
A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...
CVE-2026-4519 webbrowser.open() allows leading dashes in URLs
The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open...
CVE-2026-4519
CVE-2026-4519 affects the Python webbrowser.open() API, where URLs with a leading dash could be treated as command‑line options by certain browsers. The published CVE description shows that the new behavior rejects leading dashes and recommends sanitizing URLs before passing them to webbrowser.op...
BIT-RABBITMQ-C-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments...
BIT-JENKINS-2026-33002
Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable t...
ROS-20260320-73-0002
A vulnerability in the command line interface of the SQLite database management system is associated with errors in the implementation of the azAllowedFunctions protection mechanism. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to prohibited user functions...