Lucene search

7979 matches found

Vulnrichment
added 2026/03/10 4:44 p.m. | 7 views

CVE-2025-55717

A cleartext storage of sensitive information vulnerability CWE-312 vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder...

CVSS 4 | AI score 5.8 | EPSS 0.00081
Exploits 0 | References 1
CVE
added 2026/03/10 4:44 p.m. | 10 views

CVE-2026-25836

FortiSandbox Cloud 5.0.4 is affected by an OS command injection vulnerability. A privileged attacker with super-admin profile and CLI access can craft HTTP requests to execute arbitrary commands on the system. The CVSSv3.1 base score is 7.2 (HIGH) with network access, low attack complexity, and h...

CVSS 7.2 | AI score 6 | EPSS 0.0176
Exploits 0 | References 1 | Affected Software 1
ATTACKERKB
added 2026/03/10 4:44 p.m. | 3 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

CVSS 7.2 | AI score 5.9 | EPSS 0.0176
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/03/10 4:44 p.m. | 2 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

CVSS 7.2 | AI score 5.9 | EPSS 0.0176
Exploits 0 | References 1
CNNVD
added 2026/03/10 12:0 a.m. | 4 views

Fortinet Multiple Products Security Vulnerability

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on...

CVSS 7.2 | AI score 5.9 | EPSS 0.0052
Exploits 0 | References 2
Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24235

🚨 CVE-2025-55717 A cleartext storage of sensitive information vulnerability CWE-312 vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all...

CVSS 4 | AI score 5.8 | EPSS 0.00081
Exploits 0 | References 6
Fedora
added 2026/03/09 1:2 a.m. | 5 views

[SECURITY] Fedora 42 Update: k9s-0.50.18-1.fc42

Kubernetes CLI To Manage Your Clusters In Style!...

CVSS 8.2 | AI score 6.9 | EPSS 0.00579
Exploits 3
Fedora
added 2026/03/07 3:33 a.m. | 7 views

[SECURITY] Fedora 42 Update: gh-2.87.3-1.fc42

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform various actions right from the command line, eliminating the need to...

CVSS 7.5 | AI score 5.8 | EPSS 0.00586
Exploits 2
RedhatCVE
added 2026/03/06 7:45 p.m. | 6 views

CVE-2026-30791

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

CVSS 8.7 | AI score 5.8 | EPSS 0.0024
Exploits 1 | References 1
OSV
added 2026/03/06 4:38 p.m. | 7 views

CLSA-2026-1772815097 Fix of 72 CVEs

CVE-2025-38699 - scsi: bfa: Double-free fix CVE-2025-38699 CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG CVE-2025-38697 CVE-2025-39823 - KVM: x86: use array_index_nospec with indices that come from guest CVE-2025-39823 CVE-2025-39689 - ftrace: Also allocate and copy hash for...

CVSS 7.8 | AI score 7.1 | EPSS 0.00618
Exploits 2 | References 1
CNNVD
added 2026/03/06 12:0 a.m. | 3 views

GitHub Copilot CLI Operating System Command Injection Vulnerability

GitHub Copilot CLI is a terminal AI programming assistant open sourced by GitHub. Versions of GitHub Copilot CLI 0.0.422 and earlier had an operating system command injection vulnerability. This vulnerability stemmed from defects in shell security assessments, which could lead to arbitrary code...

CVSS 7.8 | AI score 6.1 | EPSS 0.00363
Exploits 1 | References 3
GithubExploit
added 2026/03/05 9:56 p.m. | 159 views

Symfony-RCE

Symfony-RCE Exploit for the Symfony fragment Remote Code E...

AI score 6.1
Exploits 0
RedhatCVE
added 2026/03/05 7:31 p.m. | 4 views

CVE-2026-20016

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

CVSS 6 | AI score 6.2 | EPSS 0.00334
Exploits 0 | References 1
RedhatCVE
added 2026/03/05 7:31 p.m. | 5 views

CVE-2026-20017

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVSS 6 | AI score 6.2 | EPSS 0.00172
Exploits 0 | References 1
Fedora
added 2026/03/05 5:6 p.m. | 9 views

[SECURITY] Fedora 44 Update: yt-dlp-2026.02.21-1.fc44

yt-dlp is a command-line program to download videos from many different online video platforms, such as youtube.com. The project is a fork of youtube-dl with additional features and fixes...

CVSS 8.8 | AI score 5.9 | EPSS 0.01596
Exploits 2
EUVD
added 2026/03/05 3:30 p.m. | 8 views

EUVD-2026-9825

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

CVSS 8.7 | AI score 5.9 | EPSS 0.0024
Exploits 1 | References 2
EUVD
added 2026/03/05 12:10 a.m. | 4 views

EUVD-2025-208275

Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows...

CVSS 7 | AI score 5.9 | EPSS 0.0043
Exploits 0 | References 7
OSV
added 2026/03/05 12:10 a.m. | 3 views

GHSA-P436-GJF2-799P Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows

This issue affects Docker CLI through 29.1.5 Impact Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe,...

CVSS 7 | AI score 6 | EPSS 0.0043
Exploits 0 | References 8
Github Security Blog
added 2026/03/05 12:10 a.m. | 13 views

Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows

This issue affects Docker CLI through 29.1.5 Impact Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe,...

CVSS 8 | AI score 6 | EPSS 0.0043
Exploits 0 | References 8 | Affected Software 1
EUVD
added 2026/03/04 9:32 p.m. | 4 views

EUVD-2026-9476

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

CVSS 6 | AI score 6.2 | EPSS 0.00334
Exploits 0 | References 2