Lucene search
K

230 matches found

NVD
NVD
added 2026/06/30 7:17 p.m.10 views

CVE-2026-58138

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS0.00938EPSS
Exploits1References5
CVE
CVE
added 2026/06/30 6:44 p.m.30 views

CVE-2026-58138

CVE-2026-58138 affects Orkes Conductor 3.21.21 up to, but not including, 3.30.2. The vulnerability arises from unsandboxed GraalVM evaluators built with HostAccess.ALL (or allowAllAccess(true)) used by INLINE, LAMBDA, DO_WHILE, and SWITCH task types, enabling an unauthenticated attacker to submit...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/30 6:44 p.m.4 views

CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/30 6:44 p.m.8 views

EUVD-2026-40377

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/30 6:44 p.m.6 views

CVE-2026-58138

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/06/30 6:44 p.m.3 views

CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.3CVSS6.8AI score0.00938EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.15 views

PT-2026-53941

Name of the Vulnerable Software and Affected Versions Orkes Conductor versions 3.21.21 through 3.30.1 Description An unauthenticated remote code execution issue exists that allows remote attackers to execute arbitrary OS commands. This occurs when malicious JavaScript or Python expressions are...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References8
NVD
NVD
added 2026/06/04 4:17 a.m.12 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS0.00283EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46138

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 35.0.2 Description An authenticated project admin or manager can read local files on the Ironic conductor by exploiting the pxe template variable. Recommendations Update to version 35.0.2 or later...

4.9CVSS5.4AI score0.00283EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.8 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/04 12:0 a.m.14 views

EUVD-2026-34202

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application. It is used to configure bare machines rather than virtual machines. Versions of OpenStack Ironic prior to 35.0.2 contained a security vulnerability. This vulnerability stemmed from allowing malicious project administrators or managers to re...

4.9CVSS5.2AI score0.00283EPSS
Exploits0References3
CVE
CVE
added 2026/06/04 12:0 a.m.24 views

CVE-2026-44917

OpenStack Ironic (prior to 35.0.2) is vulnerable to an information-disclosure issue where a malicious authenticated project admin or manager can read local files on the Ironic conductor via a pxe_template. This CVE is documented across multiple sources (OpenStack Ironic, Debian tracker, CVE lists...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.8 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

7.8CVSS6.2AI score0.00199EPSS
Exploits1References1
NVD
NVD
added 2026/04/18 6:16 a.m.4 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

7.8CVSS0.00199EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/18 5:27 a.m.40 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS0.00199EPSS
Exploits1References4
CVE
CVE
added 2026/04/18 5:27 a.m.28 views

CVE-2026-41253

Affected software: iTerm2 versions up to 3.6.9 (with notes in Red Hat and EU sources also referencing iTerm2 &lt; 3.6.10 and

7.8CVSS6.2AI score0.00199EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/18 5:27 a.m.6 views

EUVD-2026-23656

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/18 5:27 a.m.3 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/18 5:27 a.m.6 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References5
Rows per page
Query Builder