Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44972

GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject...

5CVSS5.5AI score0.00113EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/27 2:42 p.m.10 views

CVE-2026-44972 GuardDog: Unsanitized human-readable scan output allows terminal escape injection from malicious package content

GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject...

5CVSS5.9AI score0.00113EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/13 3:36 p.m.6 views

CVE-2026-44479

Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, hen the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the us...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/05/13 3:36 p.m.20 views

CVE-2026-44479

CVE-2026-44479 affects Vercel’s AI Cloud CLI between versions 50.16.0 and 52.0.0. In non-interactive mode, commands that cannot complete autonomously emit JSON payloads with follow-up commands, and if a token is supplied on the CLI (via --token/-t), the token value is included verbatim in those s...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder