166 matches found

EUVD
added 2026/05/04 4:48 p.m. | 3 views

EUVD-2026-27009

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to...

CVSS 9.8 | AI score 6.7 | EPSS 0.00562
Exploits: 0 | References: 2

CVE
added 2026/05/04 4:48 p.m. | 4 views

CVE-2026-42076

CVE-2026-42076 affects Evolver, a GEP-powered self-evolving engine for AI agents. A command injection flaw exists in the _extractLLM() function prior to version 1.69.3: the code builds a curl command via string concatenation and passes it to execSync() without proper sanitization, enabling remote...

CVSS 9.8 | AI score 6.7 | EPSS 0.00562
Exploits: 0 | References: 2

Github Security Blog
added 2026/04/22 10:6 p.m. | 5 views

Evolver: Command Injection via `execSync` in `_extractLLM()` function allows Remote Code Execution

Summary A command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to execSync without proper sanitization, enabling remote code execution when the...

CVSS 9.8 | AI score 6.8 | EPSS 0.00562
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2026/04/22 10:6 p.m. | 1 views

GHSA-J5W5-568X-RQ53 Evolver: Command Injection via `execSync` in `_extractLLM()` function allows Remote Code Execution

Summary A command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to execSync without proper sanitization, enabling remote code execution when the...

CVSS 9.8 | AI score 6.8 | EPSS 0.00562
Exploits: 0 | References: 4

Rosalinux
added 2026/02/16 7:8 a.m. | 6 views

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

CVSS 7.5 | AI score 5.8 | EPSS 0.00275
Exploits: 1

Hacker One
added 2025/10/10 5:40 p.m. | 15 views

curl: Missing enforcement of SFTP quote syntax can lead to operation on wrong object

Summary: curl supports -Q or --quote and libcurl CURLOPTQUOTE to specify "commands" to execute for ftp and SFTP connections. The SFTP supports commands that perform operations on filesystem objects. When the object path has a filename, the caller is supposed to quote the parameter example: -Q...

AI score 7.2
Exploits: 0

Veracode
added 2025/10/09 6:19 a.m. | 3 views

Command Injection

figma-developer-mcp is vulnerable to Command Injection. The vulnerability is due to unsanitized input to shell metacharacters in a POST being passed to a fetchWithRetry curl command, and an unauthenticated attacker with network access can inject and execute arbitrary OS commands as the MCP proces...

CVSS 8 | AI score 7.8 | EPSS 0.00011
Exploits: 0 | References: 4 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-20335

Malware in sbrugna...

CVSS 7.8 | AI score 7.6 | EPSS 0.00021
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-19166

Malware in sbrugna...

CVSS 9.8 | AI score 9 | EPSS 0.01151
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-15592

Malware in sbrugna...

CVSS 5.3 | AI score 5.4 | EPSS 0.00192
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 0 views

EUVD-2022-4541

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.7 | EPSS 0.00078
Exploits: 1 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-26974

Malicious code in bioql PyPI...

CVSS 3.5 | AI score 6.2 | EPSS 0.0091
Exploits: 1 | References: 13

OSV
added 2025/10/03 7:56 p.m. | 3 views

RLSA-2025:11797 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird:...

CVSS 7.5 | AI score 7.5 | EPSS 0.00781
Exploits: 0 | References: 10

NVD
added 2025/05/27 1:15 p.m. | 10 views

CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...

CVSS 4.8 | EPSS 0.00059
Exploits: 0 | References: 6

CVE
added 2025/05/27 12:29 p.m. | 91 views

CVE-2025-5265

CVE-2025-5265 concerns Firefox on Windows where the Copy as cURL feature improperly escapes the ampersand, enabling a crafted command to trigger local code execution. The impact is described as potentially allowing arbitrary code execution on the user’s system when the user runs the affected curl...

CVSS 4.8 | AI score 6.7 | EPSS 0.00059
Exploits: 0 | References: 6 | Affected Software: 1

CVE
added 2025/05/27 12:29 p.m. | 101 views

CVE-2025-5264

CVE-2025-5264 involves insufficient escaping of the newline character in Firefox/Thunderbird Copy as cURL functionality, enabling a user to be tricked into executing a crafted command locally. Affected: Firefox < 139, Firefox ESR < 115.24/128.11, Thunderbird

CVSS 4.8 | AI score 7 | EPSS 0.00134
Exploits: 0 | References: 8 | Affected Software: 1

Tenable Nessus
added 2025/05/27 12:0 a.m. | 9 views

Mozilla Thunderbird < 128.11

The version of Thunderbird installed on the remote Windows host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-46 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory...

CVSS 8.1 | AI score 7.1 | EPSS 0.00436
Exploits: 0 | References: 9

Hacker One
added 2025/05/08 3:53 p.m. | 4 views

curl: curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things

Summary: If someone convinces someone to use curl -OJ http://example.com/somefile.txt, the Content-Disposition header can be used to create a .curlrc file if one doesn't exist and one is running curl from the home directory. From that point on, the attack controls any argument to all curl...

AI score 6.9
Exploits: 0

NVD
added 2025/04/29 2:15 p.m. | 12 views

CVE-2025-4084

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Thi...

CVSS 5.7 | EPSS 0.00283
Exploits: 0 | References: 5

Rosalinux
added 2025/03/01 9:41 p.m. | 23 views

Advisory ROSA-SA-2025-2748

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

CVSS 9.8 | AI score 8.1 | EPSS 0.02015
Exploits: 7