CVE-2026-3820

There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP service configuration. This may cause the underlying system to execute unintended commands during process...

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

CVE-2026-47114

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

CVE-2026-41497

PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parsemcpcommand, allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through t...

CVE-2026-41501

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVE-2026-41304

WWBN AVideo is an open source video platform. In versions 29.0 and below, the cloneServer.json.php endpoint in the CloneSite plugin constructs shell commands using user-controlled input url parameter without proper sanitization. The input is directly concatenated into a wget command executed via...

CVE-2026-41218

When BIG-IP PEM iRules are configured on a virtual server iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End ...

CVE-2026-41137

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the...

CVE-2026-41500

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

CVE-2026-41036

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

CVE-2026-23821

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

CVE-2026-23500

Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAINODTASPDF configuration constant directly into a shell command passed to exec without...

CVE-2026-23823

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

CVE-2026-32649

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

CVE-2026-5844

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...

CVE-2026-50206

Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files...

CVE-2026-5853

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument addrPrefixLen leads to os command injection. The attack...

CVE-2026-5851

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed remotely. The exploi...

CVE-2026-5994

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnetenabled results in os command injection. The attack is possible ...

CVE-2026-5208

Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...