CVE-2026-28279

osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the osctrl-admin environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing environments. These...

SUSE-SU-2026:0628-1 Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-boynux-squidexporter: - Update to version 1.13.0 jscPED-14971 - Add support for squid-internal-mgr path for metrics. - Update to version...

EUVD-2025-124155

Malicious code in octans-cross-env-config-cassini npm...

Ruby on Rails: HTTP Host injection in redirect_to function

Hi team, Here is the sample vulnerable code ruby class TesttestController You are being redirected." end Then it will check if the options, because the input is String, so it will be the concatenate of request.protocol + request.hostwithport + options File actioncontroller\metal\redirecting.rb li...