104 matches found
CVE-2026-55249 @rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template String
@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync template string without shell-safe escaping. JSON.stringif...
CVE-2026-48547 KanaDojo < 0.1.18 Command Injection via patchNotesData.json in release.yml
KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes fields of patchNotesData.json, which are interpolated unsanitized into a childprocess.execSync cal...
CVE-2026-25244
WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a command injection vulnerability leading to remote code execution RCE in test orchestration. Git permits branch names containing shell...
WebdriverIO BrowserStack Service has a Command Injection issue
Summary A command injection vulnerability exists in @wdio/browserstack-service that allows remote code execution RCE when processing git branch names in test orchestration. An attacker can exploit this by providing a malicious git repository with a branch name containing shell command injection...
PT-2026-39872
Name of the Vulnerable Software and Affected Versions WebdriverIO versions prior to 9.24.0 Description A command injection issue exists in @wdio/browserstack-service that allows remote code execution. The problem occurs during test orchestration when processing git branch names. An attacker can...
CVE-2026-42076 Evolver: Command Injection via `execSync` in `_extractLLM()` function allows Remote Code Execution
Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to...
PT-2026-36854
Name of the Vulnerable Software and Affected Versions Evolver versions prior to 1.69.3 Description A command injection issue exists in the extractLLM function. The function constructs a curl command using string concatenation and passes it to execSync without proper sanitization. This allows...
CVE-2026-25044
Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync which allows template interpolation, potentially allowing...
Command Injection
Overview @budibase/types is a Budibase types Affected versions of this package are vulnerable to Command Injection via the bash automation step, which executes user-supplied input using execSync without proper sanitization or validation. An attacker can execute arbitrary system commands by crafti...
CVE-2026-25044 Budibase: Command Injection in Bash Automation Step
Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync which allows template interpolation, potentially allowing...
CVE-2026-25044
Budibase (open-source low-code platform) contains a command-injection vulnerability prior to version 3.33.4. The bash automation step executes user-provided commands via execSync without proper sanitization or validation. User input is processed through processStringSync, which allows template in...
CVE-2026-5125 raine consult-llm-mcp server.ts child_process.execSync os command injection
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...
CVE-2026-5125
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...
Command Injection
MCP Watch is vulnerable to Command Injection. The vulnerability is due to unsanitized user input being passed to execSync in the cloneRepo method, which allows an attacker to append shell metacharacters to the URL and execute arbitrary commands on the host system...
Command Injection
Overview systeminformation is a simple system and OS information library. Affected versions of this package are vulnerable to Command Injection via the wifiNetworks function. Although the iface parameter is sanitized, it is passed unsanitized to execSync when a timeout triggers a retry. An attack...
CVE-2026-25046
Kimi Agent SDK is a set of libraries that expose the Kimi Code Kimi CLI agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $cmd could execute...
Command Injection
Wrangler is vulnerable to Command Injection. The vulnerability is due to unsanitized interpolation of the --commit-hash parameter into a shell command, where attacker-controlled input is passed directly to execSync, allowing arbitrary command execution in environments such as CI/CD pipelines that...
TencentOS Server 3: conmon (TSSA-2022:0258)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0258 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
EUVD-2021-0852
Malware in sbrugna...
EUVD-2025-27152
Malicious code in bioql PyPI...