2 matches found
CVE-2026-34112
creationtimestamp| type| source ---|---|--- 2026-07-01 21:27:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpmhhxvhug2v 2026-07-02 08:39:39+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnmzuspge2y...
CVE-2026-34112
Guardian Language-System is vulnerable to unauthenticated OS command injection via speechmac.php. The code passes the GET id parameter directly into an exec("php jobs/speech_audio_mac.php … "+id) without sanitization, enabling an attacker to append shell metacharacters and run arbitrary commands ...