6 matches found
CVE-2026-56696
OpenHarness /issue and /prcomments slash commands lack remoteinvocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/prcomments....
EUVD-2023-42138
Malicious code in bioql PyPI...
EUVD-2025-9391
Malicious code in bioql PyPI...
CVE-2025-1610 LB-LINK AC1900 Router set_blacklist websGetVar OS command injection
A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/setblacklist. The manipulation of the argument mac/enable leads to OS command injection. The attack may be launched remotely. The exploit has...
CVE-2018-7440
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836...
Solaris 2.5.1 - automount Local Privilege Escalation
Source: https://www.securityfocus.com/bid/235/info The automounter daemon automountd answers file system mount and unmount requests from the autofs filesystem via RPC. A vulnerability has been discovered that may allow an unauthorized user to...