CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

107 matches found

RedhatCVE•added 2026/02/21 1:28 a.m.•1 views

CVE-2026-27476

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

9.8CVSS6.1AI score0.00389EPSS

Exploits1References1

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20937

Name of the Vulnerable Software and Affected Versions RustFly version 2.0.0 Description RustFly 2.0.0 contains a command injection issue in its remote UI control mechanism. The software accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted...

9.8CVSS6AI score0.00389EPSS

Exploits1References5

CNNVD•added 2026/02/19 12:0 a.m.•3 views

Bixat RustFly 操作系统命令注入漏洞

Bixat RustFly is a cross-platform remote control tool developed by the Moroccan company Bixat. Version Bixat RustFly 2.0.0 contains a vulnerability related to operating system command injection. This vulnerability arises from the improper handling of hexadecimal-encoded commands received via UDP...

9.8CVSS5.9AI score0.00389EPSS

Exploits1References2

OSSF Malicious Packages•added 2025/11/18 11:47 p.m.•3 views

Malicious code in aws-enumerateiam (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c108190780b32337fdce8748948935ac4229f0236710653f363b80a95dfbcd17 Before creating the boto3 client, package exfiltrates user's credentials. In this version, the exfiltrating is masked as connecting to an AWS component. The UR...

6.9AI score

Exploits0References1