Lucene search
K

146624 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 11:50 a.m.17 views

Malicious code in atel-mcp-openclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1e4255e19fdb4f0352f184f35599be81651badab879e4f39d0f3bb4fda4a58e The package contains multiple structural fingerprints of an active credential-stealer / C2 implant. bin/install.js performs lifecycle-time HTTP POSTs...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/05/25 11:45 a.m.12 views

EUVD-2026-31673

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS5.5AI score0.01909EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 11:45 a.m.10 views

CVE-2026-9455

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS6.9AI score0.01909EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/25 11:45 a.m.36 views

CVE-2026-9455 Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS0.01909EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 11:45 a.m.11 views

CVE-2026-9455 Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS6.9AI score0.01909EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 11:45 a.m.24 views

CVE-2026-9455

CVE-2026-9455 affects Totolink A8000RU Web Management, specifically the UploadOpenVpnCert function in /cgi-bin/cstecgi.cgi. The vulnerability stems from manipulating the FileName argument, causing a remote OS command injection with network access, and a public exploit is indicated (exploit maturi...

10CVSS6.9AI score0.01909EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 11:30 a.m.12 views

CVE-2026-9454

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.01909EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/25 11:30 a.m.8 views

CVE-2026-9454 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.01909EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 11:30 a.m.39 views

CVE-2026-9454 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS0.01909EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 11:30 a.m.12 views

EUVD-2026-31670

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS5.6AI score0.01909EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 11:30 a.m.24 views

CVE-2026-9454

The CVE concerns Totolink A8000RU Web Management (version 7.1cu.643_b20200521). The vulnerable component is the function setOpenVpnCertGenerationCfg in /cgi-bin/cstecgi.cgi. The root cause is a manipulation of the argument servername that leads to an OS command injection. The issue appears to be ...

10CVSS7AI score0.01909EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/05/25 11:16 a.m.86 views

dvwa_web_security_labs

DVWA Web Security Labs Project Description This project c...

6AI score
Exploits0
NVD
NVD
added 2026/05/25 11:16 a.m.24 views

CVE-2026-9452

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

7.5CVSS0.01385EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 11:15 a.m.13 views

EUVD-2026-31671

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS5.6AI score0.01385EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 11:15 a.m.38 views

CVE-2026-9453 FoundDream miniclawd SkillsLoader skills-loader.ts which command injection

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS0.01385EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 11:15 a.m.9 views

CVE-2026-9453 FoundDream miniclawd SkillsLoader skills-loader.ts which command injection

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS6.8AI score0.01385EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 11:15 a.m.11 views

CVE-2026-9453

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS6.8AI score0.01385EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 11:15 a.m.20 views

CVE-2026-9453

Technical details (affected products, versions, root cause, exploit specifics) are not publicly available in the provided documents. Monitor for updates.

7.5CVSS6.8AI score0.01385EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 11:0 a.m.16 views

CVE-2026-9452

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

7.5CVSS6.7AI score0.01385EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 11:0 a.m.41 views

CVE-2026-9452 FoundDream miniclawd exec.ts ExecTool.execute os command injection

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

7.5CVSS0.01385EPSS
Exploits0References5
Rows per page
Query Builder