CVE-2025-69600

Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

UFO³ 操作系统命令注入漏洞

UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Versions of UFO³ prior to v3.0.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the use of ShellReceiver.runshell, which directly...

systeminformation 操作系统命令注入漏洞

SystemInformation is a NPM software library developed by Sebastian Hildebrandt, which allows access to operating system information. Versions of SystemInformation from 4.17.0 to 5.31.5 contain a vulnerability related to operating system command injection. This vulnerability arises on Linux when t...

PT-2026-43846

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpu cs parser bos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpu bo list put as it's been handled in the amdgpu cs parser fin...

CVE-2026-36540

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skkset.cgi endpoint. The password and newpwdconfirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

pam_usb 操作系统命令注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained an operating system command injection vulnerability. This vulnerability stemmed from pamusb-pinentry reading the PINENTRYFALLBACKAPP...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2026-36044

CVE-2026-36044 affects @pensar/apex

CVE-2026-45994

ibmasm: fix OOB reads in commandfilewrite due to missing size checks...

PT-2026-43494

Name of the Vulnerable Software and Affected Versions HTTP::Daemon versions prior to 6.17 Description OS command injection is possible through the send file function. This occurs because send file utilizes Perl's 2-arg open function, which interprets magic prefixes. Specifically, prefixes like '|...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of size checking in the commandfilewrite function of ibmasm, potentially leading to...

HTTP::Daemon 安全漏洞

HTTP::Daemon is a simple HTTP class developed under the open-source license of libwww-perl. Versions of HTTP::Daemon prior to version 6.17 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Perl’s 2-arg open method to open string parameters, which could lead to ...

MB Connect Line mbNET和MB Connect Line mbNET.mini 操作系统命令注入漏洞

MB Connect Line mbNET and MB Connect Line mbNET.mini are both products of the German company MB Connect Line. MB Connect Line mbNET is an industrial router. MB Connect Line mbNET.mini is a remote access router. Both MB Connect Line mbNET and MB Connect Line mbNET.mini have operating system comman...

CVE-2026-36045

picoclaw =v0.1.2 and earlier is vulnerable to OS command injection via the ExecTool component pkg/tools/shell.go. The guardCommand function attempts to restrict shell command execution using a denylist of 8 regular expressions, but the denylist is incomplete...

CVE-2026-36044

@pensar/apex = 0.0.58 is vulnerable to OS command injection via the smartenumerate tool. The createSmartEnumerateTool function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js...

PT-2026-44040

Name of the Vulnerable Software and Affected Versions Raynet rvia versions prior to 12.6 Update 8 Description Command injection occurs when the software performs a Java search using the find command. An adversary can execute arbitrary Java code by providing a crafted path that matches improperly...

PT-2026-44137

Description Symfony Mailer selects a transport via the MAILER DSN environment variable / configuration e.g. smtp://..., sendmail://..., native://default. SendmailTransport invokes the local sendmail binary and supports two modes: -bs speak SMTP over stdin: the default and -t read the message on...

PT-2026-43702

@pensar/apex = 0.0.58 is vulnerable to OS command injection via the smart enumerate tool. The createSmartEnumerateTool function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js chi...

PT-2026-44065

Name of the Vulnerable Software and Affected Versions Archer BE450 v1 Archer BE7200 v1 Description An authenticated command injection allows an administrator to execute arbitrary system commands through the web management interface. By using the browser developer console, a crafted input can be...