17 matches found
CVE-2026-7061
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...
EUVD-2026-25731
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-7061 Toowiredd chatgpt-mcp-server MCP/HTTP docker.service.ts os command injection
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-7061
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-7061 Toowiredd chatgpt-mcp-server MCP/HTTP docker.service.ts os command injection
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-7061
The CVE-2026-7061 entry affects Toowiredd chatgpt-mcp-server up to version 0.1.0. The vulnerability is in the MCP/HTTP component, specifically the file src/services/docker.service.ts, where a manipulation leads to an OS command injection. Remote exploitation is possible and the exploit has been m...
ChatGPT MCP Server 命令注入漏洞
The ChatGPT MCP Server is a MCP server managed through natural language by Toowiredd’s individual developer. Versions of the ChatGPT MCP Server 0.1.0 and earlier had a command injection vulnerability, which stemmed from the os command injection present in the src/services/docker.service.ts file...
PT-2026-35268
Name of the Vulnerable Software and Affected Versions Toowiredd chatgpt-mcp-server versions prior to 0.1.1 Description An OS command injection flaw exists in the MCP/HTTP component within the src/services/docker.service.ts file. This allows remote attackers to execute arbitrary operating system...
CVE-2025-53376
Dokploy is a self-hosted PaaS where an authenticated, low-privileged user can execute arbitrary OS commands on the host via the tRPC procedure docker.getContainersByAppNameMatch, which interpolates an attacker-controlled appName into a Docker CLI call without sanitisation. The root cause is unsan...
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2024:4205-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4205-1 advisory. - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some...
Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)
This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id: VSTOR-57337 It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id: VSTOR-57187 Unable to add an iSCSI target with multiple...
Virtuozzo Hybrid Infrastructure 5.2 (5.2.0-135)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that enhance compute services, the cluster management and upgrade process, monitoring and alerts, the user interface, and the documentation. Additionally, this release delivers stability improvements and addresses...
OPENSUSE-SU-2021:1162-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: ansible: - The support level for ansible is l2, not l3 dracut-saltboot: - Force installation of libexpat.so.1 bsc1188846 - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld...
Security update for golang-github-prometheus-prometheus (moderate)
openSUSE Security Update: Security update for golang-github-prometheus-prometheus Announcement ID: openSUSE-SU-2021:2664-1 Rating: moderate References: 1186242 SLE-18254 Cross-References: CVE-2021-29622 CVSS scores: CVE-2021-29622 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected...
Docker Elevation of Privilege Vulnerability
Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...
Updated docker packages fix security vulnerability
Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork: CVE-2018-16873: cmd/go: remote command execution during "go get -u" bsc1118897 CVE-2018-16874: cmd/go: directory traversal in "go get" via curly braces in import paths bsc1118898 CVE-2018-16875:...
Docker Service Detection
Binary data dockerservice.nbin...