Lucene search
K

6 matches found

Snyk
Snyk
added 2026/03/27 7:24 p.m.3 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...

9.8CVSS6.1AI score0.01282EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/27 7:24 p.m.2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...

9.8CVSS6.1AI score0.01282EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/27 7:24 p.m.8 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...

9.8CVSS6.1AI score0.01282EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/27 7:24 p.m.2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the software installer pipeline that generates uninstall shell scripts without sanitization. An attacker can execute arbitrary system commands with elevated privileges by crafting malicious software package metadat...

9.8CVSS6.1AI score0.01282EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 6:31 p.m.4 views

CVE-2026-34387

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root macOS/Linux or SYSTEM Windows on managed hosts when an uninstall is triggered for a crafted...

8.4CVSS6.4AI score0.01282EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16758

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root macOS/Linux or SYSTEM Windows on managed hosts when an uninstall is triggered for a crafted...

8.4CVSS6.4AI score0.01282EPSS
Exploits0References1
Rows per page
Query Builder