Important: kernel-livepatch-6.1.170-208.319

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.1.170-208.319 Issue Correction: Please ensure you have live patching enabled...

CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

PT-2026-43259

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

PT-2026-43355

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An OS command injection issue exists in the MikroTik router integration plugin. The log function in src/mikrotik plugin/fastnetmon mikrotik.php constructs shell commands by...

EUVD-2026-31949

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

EUVD-2026-31843

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

PT-2026-43274

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniper plugin/fastnetmon juniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

Das Parking Management System SQL注入漏洞

Das Parking Management System is a parking management system developed by Das Real Technology Co., Ltd. Version 6.2.0 of Das Parking Management System has a SQL injection vulnerability. This vulnerability stems from the improper use of the xpcmdshell function in the API Endpoint component’s...

CVE-2026-48695

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov. It is built using multiple packet capture engines. Versions of FastNetMon Community Edition 1.2.9 and earlier contained a security vulnerability. This vulnerability stemmed from the log function in the MikroTik...

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

Lumiverse 参数注入漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a parameter injection vulnerability. This vulnerability occurred when the toSmbPath call failed, resulting in a fallback to dirname/basename...

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

Unauthenticated Remote Code Execution

Description Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. This leads to a remote code execution vulnerability. Print servers configured with "printing...

PT-2026-43193

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate...

PT-2026-43300

Vowpal Wabbit is a machine learning system. The workflow .github/workflows/python checks.yml embeds $ github.event.pull request.title directly inside double-quoted bash strings in four separate steps across four jobs, each passing it as a CLI argument to the Python test script run tests model gen...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the PIN parameter in the setWiFiWpsConfig...

PT-2026-43192

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

Lumiverse 操作系统命令注入漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained an operating system command injection vulnerability. This vulnerability stemmed from the Spindle extension’s build pipeline, which called bun insta...

luci-app-https-dns-proxy 命令注入漏洞

Luci-app-https-dns-proxy is an OpenWrt DNS-over-HTTPS proxy with a web management interface, developed by Stan Grishin. Versions of Luci-app-https-dns-proxy dated back to December 29, 2025, and earlier have a command injection vulnerability. This vulnerability stems from command injection in the...