EUVD-2025-208962

Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments. To successfully execute this attack, the attacker needs to be on the sam...

CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...

CVE-2026-1995

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...

CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...

CVE-2025-11571

CVE-2025-11571 relates to command execution via vulnerable endpoints in Simplicity Installer. Description indicates endpoints accept user-controlled input through a URL in JSON format, allowing execution of commands that can open executables, but commands cannot pass parameters. Attack requires t...

MAL-2026-2201 Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...

EUVD-2026-14593

OpenClaw before 2026.3.1 contains an approval bypass vulnerability in system.run where non-path-like argv0 tokens fail to bind executable identity, allowing post-approval executable rebind. Attackers can modify PATH resolution after approval to execute a different binary than the operator approve...

IDrive 安全漏洞

IDrive is a cloud backup and cloud storage service solution provided by the American company IDrive. There is a security vulnerability in IDrive, which stems from the idservice.exe process using privileged access to read files. This vulnerability could allow attackers to specify any executable pa...

CVE-2026-32910

Rejected reason: This CVE ID has been rejected...

CVE-2026-32910

...

CVE-2026-32910

CVE-2026-32910 affects OpenClaw prior to 2026.3.1. The vulnerability is an approval bypass in the system.run flow where non-path-like argv[0] tokens fail to bind executable identity, allowing post-approval executable rebind. Practically, an attacker can modify PATH resolution after approval to ex...

CVE-2026-33717

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

CVE-2026-33717

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

CVE-2026-33647

WWBN AVideo (versions up to 26.0) is affected by a RCE in ImageGallery::saveFile(), where MIME-type validation via finfo passes a polyglot file with a .php extension because the saved filename extension is derived from the user-provided name without an allowlist. An attacker can upload a file wit...

CVE-2026-33647 AVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File Upload

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An...

Malicious code in apply-hive-table (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cd10a24231fb7b6830827a26ee11d450938fce94e811f0c233c6a63a8e3c98d9 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...

MAL-2026-2112 Malicious code in apply-hive-table (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cd10a24231fb7b6830827a26ee11d450938fce94e811f0c233c6a63a8e3c98d9 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...

MAL-2026-2106 Malicious code in dmclc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 895439e6afba407fb85d315e2c99f0d1434905a1ee72b172e62d55abbb8c93a3 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...

MAL-2026-2107 Malicious code in financial-crimes-general-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f201c2aada618cb80f926b029f6b83b3f3bd9ffd0b35d5a4bb0c3aa1afd792 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...

Malicious code in financial-crimes-general-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f201c2aada618cb80f926b029f6b83b3f3bd9ffd0b35d5a4bb0c3aa1afd792 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...