2179 matches found
EUVD-2026-43312
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-10106
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-10106 Unauthorized users can trigger interactive post actions in private channels via action cookie channel mismatch in Mattermost
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...
CVE-2026-10106
Mattermost vulnerable versions: 11.7.x ≤ 11.7.2, 11.6.x ≤ 11.6.4, and 10.11.x ≤ 10.11.19. The issue stems from failing to verify that the channel referenced in an action cookie matches the target post’s channel, enabling an authenticated user without access to a private channel to trigger interac...
Malicious code in stella-coder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6 stella-cli/telegram-bot.mjs hardcodes a Telegram bot API token BOTTOKEN = "8923551485:AAFw4wG8ZwOtp5rzFsnguxhu4AH-2ebSi0" that is controlled by the...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the ssh process. An attacker can execute arbitrary commands on the operator's workstation by injecting malicious OpenSSH options when the operator runs non-interactive SSH commands. Remediation Upgrade...
CVE-2026-47829
CVE-2026-47829 describes an argument injection flaw in bosh-cli that lets a compromised BOSH Director inject arbitrary OpenSSH options into the locally-spawned ssh process when operators run non-interactive SSH paths (e.g., bosh ssh -c, bosh logs -f). This can lead to local command execution on t...
MAL-2026-6757 Malicious code in vps-maintenance-paperclip-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48d7d517534385e3776097217c197836517e4f4d84ef29598724c4398bfc875e On import of the server entry module, a top-level try block detaches a shell process that 1 appends an attacker-controlled ssh-ed25519 public key to...
GHSA-W5WW-7CHG-MXCQ OpenClaw: Telegram interactive callbacks could skip commands.allowFrom
Summary Telegram interactive callbacks could skip commands.allowFrom. In affected versions, a Telegram user able to invoke an affected callback could mark the callback as an authorized sender before applying commands.allowFrom. This advisory is scoped to the named feature and configuration. It do...
EUVD-2025-210391
picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...
CVE-2025-71371
picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...
CVE-2025-71371
CVE-2025-71371 affects picklescan
PT-2026-54011
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect malicious pickle files that utilize the code.InteractiveInterpreter.runcode function within reduce methods. This allows attackers to craft pickle payloads that bypass...
CVE-2026-48721 Warp: Env-var prefixes can lead to denylisted command autoexecution
Warp is an agentic development environment. From 0.2025.10.08.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is non-interactive and relies on a command denylist as a safety...
CVE-2026-48721
Warp: The default unsandboxed CLI agent profile uses a command denylist as a safety boundary. From 0.2025.10.08.08.12.stable_00 to 0.2026.05.06.15.42.stable_01, Warp’s command output can be influenced by environment-variable prefixes, causing denylisted commands to be treated as allowed. This byp...
CVE-2026-48721 Warp: Env-var prefixes can lead to denylisted command autoexecution
Warp is an agentic development environment. From 0.2025.10.08.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is non-interactive and relies on a command denylist as a safety...
PT-2026-52176
Name of the Vulnerable Software and Affected Versions Drupal Salesforce Suite versions 0.0.0 through 5.1.3 Description A Cross-Site Request Forgery CSRF issue exists where the software fails to properly validate the OAuth handshake during interactive authentication. This allows an attacker to...
CVE-2026-47633
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
CVE-2026-47633
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
Unix Command Shell, Bind TCP (via socat)
Creates an interactive shell via socat Module Options msf use payload/cmd/unix/bindsocattcp msf payloadbindsocattcp show actions ...actions... msf payloadbindsocattcp set ACTION msf payloadbindsocattcp show options ...show and set options... msf payloadbindsocattcp run This module requires...