7974 matches found
CVE-2026-31975
Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...
CVE-2026-31975 Cloud CLI WebSocket shell injection
Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...
CVE-2026-31975 Cloud CLI WebSocket shell injection
Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...
CVE-2026-20046
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...
CVE-2026-20046 Cisco IOS XR Software CLI Privilege Escalation Vulnerability
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...
CVE-2026-20040
The vulnerability CVE-2026-20040 affects Cisco IOS XR Software CLI. It stems from insufficient validation of user arguments passed to specific CLI commands, allowing an authenticated, low-privilege attacker to elevate privileges to root and execute arbitrary commands on the underlying OS. The iss...
CVE-2026-20040 Cisco IOS XR Software CLI Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
CVE-2026-20040 Cisco IOS XR Software CLI Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
CVE-2026-20040
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
Anytype Heart's gRPC API client challenge verification can be bypassed on localhost
Impact The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. Affected components: - Anytype Desktop all platforms ≤ v0.48.2 - Anytype-CLI headless deployments ≤ v0.1.9 Not affected: - Anytype mobile apps iOS...
EUVD-2026-11075
A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands...
EUVD-2026-11077
A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...
CVE-2026-23816 Authenticated Command Injection found in admin AOS-CX CLI command
A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...
CVE-2026-23815
CVE-2026-23815 describes a vulnerability in a custom binary used in AOS-CX Switches CLI that could allow an authenticated remote attacker with high privileges to perform command injection via the affected binary. The CVSS 3.1 base metrics indicate NETWORK attack vector, low attack complexity, hig...
PT-2026-24728
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
HPE AOS-CX 安全漏洞
HPE AOS-CX is a network operating system developed by Hewlett-Packard Enterprise HPE for data centers, campuses, and edge locations. It is designed to provide flexible and innovative network services while enhancing network performance. HPE AOS-CX contains a security vulnerability, which stems fr...
Cisco IOS XR 操作系统命令注入漏洞
Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. Cisco IOS XR has a vulnerability related to operating system command injection, which stems from insufficient validation of user parameters in certain CLI commands. This vulnerability may lead to...
Multi‑Layer Python Payload Encryptor, Decryptor, and Loader Generator
This Python program is a utility designed to encrypt, decrypt, and package Python payloads using multiple layers of encoding and obfuscation. It provides a simple command‑line menu that allows users to convert a Python script into an encoded payload and automatically generate a loader that can...
PT-2026-24571
Name of the Vulnerable Software and Affected Versions AOS-CX Switches affected versions not specified Description A flaw exists in the command line interface of AOS-CX Switches that could allow a remote attacker with valid credentials to execute arbitrary commands on the operating system...
PT-2026-24570
Name of the Vulnerable Software and Affected Versions AOS-CX Switches affected versions not specified Description A flaw exists in a custom binary within the AOS-CX Switches' Command Line Interface CLI. A remotely authenticated attacker with high privileges can exploit this issue to inject...