CVE-2026-9452 FoundDream miniclawd exec.ts ExecTool.execute os command injection

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

CVE-2026-9437

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

CVE-2026-9437

DTStack Taier 1.4.0 REST API Runtime.exec is affected. The vulnerability arises from manipulation of the sqlText argument, enabling OS command injection that could be exploited remotely. Exploit information is publicly disclosed; no remediation details are provided in the documents. The connected...

PT-2026-43039

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

miniclawd 操作系统命令注入漏洞

miniclawd is a lightweight personal AI assistant with multi-LLM and multi-channel support by Ziwen Personal Developer. miniclawd suffers from an OS command injection vulnerability that originates from the parameter manipulation of the function ExecTool.execute in the file /src/tools/exec.ts, whic...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allows exposure of file descriptors to an unintended control sphere, because rdainterpret uses a privileged pipe without the closeonexec flag...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for the usmmigrateexecqueue. The GuC context scheduling queue contains 2 entries. Therefore, it is possible for a migration job to get stuck behind a fault if the migrateexecqueue shares...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ELF: fixed the double read of kernel.randomizevaspace. The ELF loader uses “randomizevaspace” twice. This is a sysctl setting that can be changed at any time. Therefore, two reads could potentially access different values,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations. The exec and vmbind ioctls allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs value can force an excessively large...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: exec: Fix for the issue involving the comparison between permission checks and setuid/gid usage When opening a file for execution using dofilpopen, permission checks are performed based on the file’s metadata at that moment. If t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021539 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec...

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

GHSA-M7CR-M3PV-HGRP go-git: Improper single-quote escaping in go-git SSH transport

Impact go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. This diverges from canonical Git, which shell-quotes the path through sqquotebuf so that an embedded ' becomes the '''...

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

Sitecore Experience Platform Pre-Auth RCE

Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required. id: CVE-2021-42237 info: name: Sitecore Experience Platform Pre-Auth RCE author: pdteam...

webdriverio 操作系统命令注入漏洞

WebdriverIO is an open-source automation testing framework for browsers and mobile devices developed by WebdriverIO. Versions of WebdriverIO prior to 9.24.0 had a vulnerability related to operating system command injection. This vulnerability stemmed from the getGitMetadataForAISelection function...

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

CVE-2026-31220

PySyft Syft Datasite/Server versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions via @sy.syftfunction for remote execution on the server. While a...

CVE-2026-31231

Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...

Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark

Impact Persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured gist/WebDAV. The attacker can inject exec fields or global config to cause remote code to run when a bookmark is opened ...