CVE-2026-45672 Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLECODEEXECUTION=false. The feature gate is...

PT-2026-41202

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.12 Description Any verified user can execute arbitrary Python code via Jupyter because the '/api/v1/utils/code/execute' endpoint does not enforce the ENABLE CODE EXECUTION configuration flag. Even when an...

CVE-2018-25258 RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass

RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...

CVE-2026-32979 OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval

OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur. Remote attackers can change approved local scripts before execution to achieve...

CVE-2026-22175

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

CVE-2026-32043

OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run execution where the cwd parameter is validated at approval time but resolved at execution time. Attackers can retarget a symlinked cwd between approval and execution to bypass comma...

CVE-2026-22175

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

EUVD-2026-12718

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

EUVD-2026-9891

OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests, allowing attackers to bypass command approval restrictions. Remote attackers can craft command strings with shell metacharacters like & or %...% to execute unapproved...

CVE-2019-25435 Sricam DeviceViewer 3.12.0.1 Local Buffer Overflow DEP Bypass

Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User...

AWS VDP: Arbitrary Code Execution via Scanner Bypass in **aws-diagram-mcp-server** `exec()` Namespace

Description: The aws-diagram-mcp-server contains an arbitrary code execution vulnerability in diagramstools.py. User-supplied Python code is executed via execcode, namespace at line 305 with a namespace containing the full os module, urlretrieve, and Python builtins. A security scanner scanner.py...

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1374)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1374 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

PT-2026-6581

Name of the Vulnerable Software and Affected Versions 10-Strike Network Inventory Explorer version 9.03 Description The software contains a buffer overflow issue in the file import functionality that enables remote attackers to run code without authorization. An attacker can create a specially...

EUVD-1999-1328

Malware in sbrugna...

EUVD-2013-7219

Malware in sbrugna...

EUVD-2015-5733

Malware in sbrugna...

EUVD-2015-3141

Malware in sbrugna...

CVE-2025-54795

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

CVE-2025-49131

The CVE-2025-49131 affects FastGPT’s sandbox container (fastgpt-sandbox) prior to 4.9.11. The issue is insufficient isolation and overly permissive syscalls that allow bypassing Python import restrictions, enabling reads/writes of arbitrary files and potential sandbox escape. A PoC exploit exists...