EUVD-2026-33843

Memory Corruption when processing display command line information due to improper initialization of a variable...

PT-2026-45696

CVE-2026-47187, CVE-2026-48711: sshfs = 3.7.5 symlink escape local file read/write and ssh argument injection local command execution https://t.co/CDODWFAiSy Fixed in 3.7.6...

RockyLinux 10 : openssh (RLSA-2026:19069)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19069 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

Cisco Application Policy Infrastructure Controller DoS (cisco-sa-apic-dos-rNus8EFw)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a vulnerability. - A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, local attacker to cause an affect...

SUSE SLES16 Security Update : vim (SUSE-SU-2026:21859-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21859-1 advisory. This update for vim fixes the following issues - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary fil...

CVE-2026-41010 - Release Job Name Command Injection on BOSH Director | Cloud Foundry

CVSSv4: High 8.7 CVSS:4.0:/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVSSv3: High 8.2 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Vendor Cloud Foundry Foundation Versions Affected Severity is HIGH unless otherwise noted. BOSH Director – All versions prior to v282.1.12 Description...

📄 Samba Print Command Injection

This Python proof of concept framework analyzes Samba printing configurations for unsafe print command usage involving the %J variable and demonstrates how command injection conditions could arise in vulnerable setups. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...

Samba Print Configuration Checker

This Python script is a lightweight configuration analysis tool designed to inspect Samba smb.conf printing settings and identify potentially unsafe print command configurations associated with command injection risks. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...

PT-2026-45723

Name of the Vulnerable Software and Affected Versions Wirtualna Uczelnia versions prior to wu2016.437.295020260327 105545 Description Server-Side Template Injection SSTI occurs when an unauthenticated attacker injects arbitrary template expressions into the server, which are then executed. This...

CVE-2026-41011 - Package Name Command Injection | Cloud Foundry

CVSSv4: High 8.7 CVSS:4.0: /AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVSSv3: High 8.2 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Vendor Cloud Foundry Foundation Versions Affected Severity is HIGH unless otherwise noted. BOSH – All versions prior to v282.1.12 Description...

RockyLinux 9 : vim (RLSA-2026:19224)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19224 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...

PT-2026-45697

CVE-2026-47187, CVE-2026-48711: sshfs = 3.7.5 symlink escape local file read/write and ssh argument injection local command execution https://t.co/CDODWFAiSy Fixed in 3.7.6...

📄 Samba SMB Printer Queue Command Injection / Remote Task Delivery

This Python script is a structured exploitation framework targeting Samba print services exposed over SMB port 445. It focuses on printer-share interaction, payload delivery testing, and command execution workflows through manipulated print job submissions. It's written to target versions 4.22.10...

PT-2026-45678

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

CVE-2026-24085

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2024-52011

A flaw was found in launch-editor, a tool that allows users to open files with line numbers in an editor from Node.js. Due to insufficient sanitization of the file argument in the launchEditor function, an attacker can execute arbitrary commands on Windows systems by supplying a filename that...

CVE-2026-25259

Memory corruption while processing multiple IOCTL command for escape operations...

CVE-2026-24085

Technical details about CVE-2026-24085 are not publicly available in the provided documents; the memory corruption description is noted but no affected products, affected versions, root cause specifics, or fixes are disclosed. Monitor for updates.

CVE-2026-24085

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2026-24085 Stack-based Buffer Overflow in Display

Memory Corruption when processing display command line information due to improper initialization of a variable...