Lucene search
K

26 matches found

NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-52806

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs allows authenticated users to achieve Remote Code Execution RCE on the server by creating a pull request with a specially crafted branch name that injects the --exec flag into the git rebase command during the "Rebase before...

9.9CVSS0.01029EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 6:17 p.m.8 views

CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS0.00948EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 5:33 p.m.30 views

CVE-2026-48719 Warp branch selector command injection via Git branch names

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS0.00948EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 5:33 p.m.6 views

EUVD-2026-39001

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS5.8AI score0.00948EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 p.m.5 views

CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS5.8AI score0.00948EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.19 views

PT-2026-48391

Name of the Vulnerable Software and Affected Versions Warp versions 0.2025.08.06.08.12.stable 00 through 0.2026.05.06.15.41.stable 01 Description A command injection exists in the prompt branch selector. An attacker who publishes a crafted branch name to a Git repository can execute arbitrary...

8CVSS6.2AI score0.00948EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-27113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.7 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 10:16 p.m.7 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/02/20 10:16 p.m.4 views

UBUNTU-CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/20 10:16 p.m.5 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References3
CVE
CVE
added 2026/02/20 9:34 p.m.14 views

CVE-2026-27113

CVE-2026-27113 concerns Liquid Prompt (bash/zsh prompt helper). The vulnerability affects the master branch prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c, where arbitrary command injection can occur when a user navigates to a Git directory whose branch name contains shell syntax (e.g.,...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/20 9:34 p.m.28 views

CVE-2026-27113 Liquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backend

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS0.00428EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/02/20 9:34 p.m.5 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.2AI score0.00428EPSS
Exploits0
OSV
OSV
added 2026/02/20 9:34 p.m.8 views

CVE-2026-27113 Liquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backend

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.4AI score0.00428EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.5 views

PT-2026-21303

Name of the Vulnerable Software and Affected Versions Liquid Prompt affected versions not specified Description Liquid Prompt, an adaptive prompt for Bash and Zsh, contains a flaw where arbitrary command injection can lead to code execution. This occurs when a user enters a directory within a Git...

6.3CVSS6AI score0.00428EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.4 views

CVE-2021-22196

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge request via a specifically crafted branch name...

6.3CVSS6.7AI score0.00939EPSS
Exploits0References1
OSV
OSV
added 2024/06/10 10:15 p.m.5 views

UBUNTU-CVE-2024-35242

Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are availab...

8.8CVSS5.8AI score0.03255EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/06/10 12:0 a.m.4 views

composer security vulnerability

composer is a software application. It provides a statement to manage and install dependencies for PHP projects. A security vulnerability exists in composer versions prior to 2.2.24 and 2.7.7, which stems from the fact that the composer install command run from a git/hg repository with a speciall...

8.8CVSS6.9AI score0.03255EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/06/10 12:0 a.m.6 views

composer security vulnerability

composer is a software application. It provides a declaration to manage and install dependencies of PHP projects. A security vulnerability exists in composer versions prior to 2.2.24 and 2.7.7, which stems from the ability to execute code using the status, reinstall, and remove commands, as well ...

8.8CVSS7.2AI score0.0105EPSS
Exploits0References7
Rows per page
Query Builder