Lucene search
K

296 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/23 1:48 p.m.1 views

CVE-2019-25624

Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the...

6.9CVSS5.9AI score0.00174EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.10 views

Pixarra Liquid Studio 安全漏洞

Pixarra Liquid Studio is a digital art creation software developed by the American company Pixarra. It focuses on creating works in the “organic block-style” style, suitable for concept art, illustrations, textures, backgrounds, and the rendering of natural forms. Version 2.17 of Pixarra Liquid...

6.9CVSS5.8AI score0.00174EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.10 views

PT-2026-27130

Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the...

6.9CVSS5.9AI score0.00174EPSS
Exploits1References5
OSV
OSV
added 2026/03/20 9:50 a.m.5 views

CVE-2026-33130 Uptime Kuma: SSTI in Notification Templates Allows Arbitrary File Read (Incomplete Fix for GHSA-vffh-c9pq-4crh)

Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 through 2.2.0, the fix from GHSA-vffh-c9pq-4crh doesn't fully work to preventServer-side Template Injection SSTI. The three mitigations added to the Liquid engine root, relativeReference, dynamicPartials only block...

6.5CVSS5.8AI score0.0034EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/20 9:50 a.m.28 views

CVE-2026-33130 Uptime Kuma: SSTI in Notification Templates Allows Arbitrary File Read (Incomplete Fix for GHSA-vffh-c9pq-4crh)

Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 through 2.2.0, the fix from GHSA-vffh-c9pq-4crh doesn't fully work to preventServer-side Template Injection SSTI. The three mitigations added to the Liquid engine root, relativeReference, dynamicPartials only block...

6.5CVSS0.0034EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 9:50 a.m.3 views

CVE-2026-33130

Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 through 2.2.0, the fix from GHSA-vffh-c9pq-4crh doesn't fully work to preventServer-side Template Injection SSTI. The three mitigations added to the Liquid engine root, relativeReference, dynamicPartials only block...

6.5CVSS5.7AI score0.0034EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/03/20 9:50 a.m.9 views

EUVD-2026-13670

Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 through 2.2.0, the fix from GHSA-vffh-c9pq-4crh doesn't fully work to preventServer-side Template Injection SSTI. The three mitigations added to the Liquid engine root, relativeReference, dynamicPartials only block...

6.5CVSS5.7AI score0.0034EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.7 views

PT-2026-26603

Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 through 2.2.0, the fix from GHSA-vffh-c9pq-4crh doesn't fully work to preventServer-side Template Injection SSTI. The three mitigations added to the Liquid engine root, relativeReference, dynamicPartials only block...

6.5CVSS5.7AI score0.0034EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/27 3:30 a.m.4 views

EUVD-2026-8976

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by configuring a maliciously crafted LCD state which is later processed during system setup, enabling remote code execution...

8.8CVSS6.5AI score0.01897EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-27113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.7 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 10:16 p.m.7 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS0.00428EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/20 10:16 p.m.5 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References3
OSV
OSV
added 2026/02/20 10:16 p.m.5 views

UBUNTU-CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References4
CVE
CVE
added 2026/02/20 9:34 p.m.14 views

CVE-2026-27113

CVE-2026-27113 concerns Liquid Prompt (bash/zsh prompt helper). The vulnerability affects the master branch prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c, where arbitrary command injection can occur when a user navigates to a Git directory whose branch name contains shell syntax (e.g.,...

6.3CVSS6.3AI score0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/02/20 9:34 p.m.8 views

CVE-2026-27113 Liquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backend

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.4AI score0.00428EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/20 9:34 p.m.29 views

CVE-2026-27113 Liquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backend

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS0.00428EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/20 9:34 p.m.3 views

CVE-2026-27113 Liquid Prompt arbitrary command injection via crafted Git branch names in gitstatusd backend

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.2AI score0.00428EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/02/20 9:34 p.m.5 views

CVE-2026-27113

Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git...

6.3CVSS6.2AI score0.00428EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

Liquid Prompt 操作系统命令注入漏洞

Liquid Prompt is an open-source prompt tool developed by Liquid Prompt. Liquid Prompt has a vulnerability related to operating system command injection. This vulnerability arises from command injection when processing specially crafted branch names, which may lead to code execution...

6.3CVSS5.9AI score0.00428EPSS
Exploits0References2
Rows per page
Query Builder