Malicious npm packages abuse dependency confusion to profile developer environments

In this article 1. Attack chain overview 2. Threat actor attribution 3. Mitigation and protection guidance 4. Indicators of Compromise IOC 5. References 6. Learn more Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under...

Notepad++ 8.9.6 - Arbitrary Code Execution

Exploit Title: Notepad++ 8.9.6 - Arbitrary Code Execution Date: 2026-05-30 Exploit Author: Kavin Jindal Avyukt Security https://www.linkedin.com/in/kavin-jindal/ Vendor Homepage: https://notepad-plus-plus.org Software Link: https://notepad-plus-plus.org/downloads/v8.9.6/ Version: from config.xml...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. YAMCS has a security vulnerability that stems from the lack of rate limits...

Edimax BR-6478AC 命令注入漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. The Edimax BR-6478AC version 1.23 has a command injection vulnerability. This vulnerability stems from the operation of the formStaDrvSetup function in the component POST Request Handler, specifically the parameter...

PT-2026-45129

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

RockyLinux 9 : cockpit (RLSA-2026:21468)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:21468 advisory. cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVE-2026-4802 Tenable has extracted the preceding description block directly fr...

Linux Distros Unpatched Vulnerability : CVE-2026-44462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash variable expansion chaining $var@P, allowing arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2026-44604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified...

RockyLinux 9 : dovecot (RLSA-2026:19364)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19364 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

Protection Mechanism Failure

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

Protection Mechanism Failure

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Protection Mechanism Failure in the executecode function. An attacker can achieve arbitrary command execution on the host system by leveragi...

PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents/tools/pythontools.py v1.6.37, subprocess sandbox mode can be fully bypassed using print.self to retrieve the real Python builtins module, from which import can be extracted via vars and runtime string construction. This achieves arbitrary OS command executio...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the direct-prompt CLI. An attacker can access sensitive local...

CVE-2026-45324

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmdsearch.c:bytepatternsearch due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe...

CVE-2026-44287

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import with the regex /\bimport\s/.testcode. JavaScript syntax accepts a block comment between import and ; the regex matches only ASCII...

CVE-2026-9452

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

CVE-2026-9404

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

CVE-2026-44462

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash variable expansion chaining $var@P, allowing arbitrary command execution under an allowlisted command prefix. This vulnerability is fixed in 0.229.0...

CVE-2026-36044

@pensar/apex = 0.0.58 is vulnerable to OS command injection via the smartenumerate tool. The createSmartEnumerateTool function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js...

EUVD-2026-33431

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import with the regex /\bimport\s/.testcode. JavaScript syntax accepts a block comment between import and ; the regex matches only ASCII...