EUVD-2026-31588

A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection. It is...

CVE-2026-9367

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

CVE-2026-9369

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...

Exploit for OS Command Injection in Arcane

CVE-2026-23520: Model Context Protocol MCP Connect RCE - Edu...

CVE-2026-9367 NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

CVE-2026-9367

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

CVE-2026-9367 NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

CVE-2026-9367

CVE-2026-9367 affects NousResearch hermes-agent (component: terminal_tool, file: tools/approval.py, function: detect_dangerous_command). The issue enables an OS command injection due to a manipulation in detect_dangerous_command, with a remote attack possible. Public exploit information is report...

EUVD-2026-31579

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

CVE-2026-9363

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

CVE-2026-9361

A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been mad...

EUVD-2026-31578

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

CVE-2026-9363 Edimax EW-7438RPn POST Request formEZCHNwlanSetu formEZCHNwlanSetup command injection

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

CVE-2026-9363

CVE-2026-9363 affects Edimax EW-7438RPn firmware 1.12. The vulnerability resides in the POST Request Handler function formEZCHNwlanSetup (file /goform/formEZCHNwlanSetu), where argument manipulation enables remote command injection. Remote exploitation is possible; an exploit is public. The vendo...

CVE-2026-9363 Edimax EW-7438RPn POST Request formEZCHNwlanSetu formEZCHNwlanSetup command injection

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

CVE-2026-9363

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

CVE-2026-9362 Edimax EW-7438RPn Setting formConnectionSetting command injection

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...

CVE-2026-9362 Edimax EW-7438RPn Setting formConnectionSetting command injection

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...

EUVD-2026-31573

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...

CVE-2026-9362

CVE-2026-9362: Edimax EW-7438RPn firmware 1.12 has a command-injection in the Setting Handler’s formConnectionSetting (/goform/formConnectionSetting). Manipulating max_Conn/timeOut parameters can lead to remote execution. Attack vector is network with low complexity; authentication required is LO...