CVE-2026-45662

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

Dokploy 操作系统命令注入漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy prior to 0.29.0 contained a vulnerability related to operating system command injection. This vulnerability arose because the deleteRegistry function executed the docker logout command without proper shell escapin...

PT-2026-44903

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.29.1 Description Dokploy is a self-hostable Platform as a Service PaaS. A command injection issue exists in the deleteRegistry function within the packages/server/src/services/registry.ts file. The application...

The vulnerabilities of Kaspersky’s antivirus protection tools—Kaspersky Virus Removal Tool for Windows, Kaspersky Endpoint Security for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Anti-Virus SDK for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, and Kaspersky Security Cloud—are related to authentication mechanism flaws. These flaws allow attackers to delete arbitrary files or registry keys.

The vulnerabilities of Kaspersky’s antivirus protection tools—Kaspersky Virus Removal Tool for Windows, Kaspersky Endpoint Security for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Anti-Virus SDK for Windows, Kaspersky Small Office Security, Kaspersky for Windows Standard...