PT-2026-7557

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

CVE-2026-21516

Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...

CVE-2026-20841

Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...

CVE-2026-20841

Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...

CVE-2026-21256

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...

GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...

PT-2026-7401

Name of the Vulnerable Software and Affected Versions Github Copilot affected versions not specified Description A command injection issue exists in Github Copilot. This allows a remote, unauthorized attacker to execute code over a network. The issue is related to a failure to sanitize data at th...

PT-2026-7359

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description The software contains a command injection issue due to improper neutralization of special elements used in commands. A successful exploit could allow an authorized...

PT-2026-7266

Name of the Vulnerable Software and Affected Versions Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS versions 1.0.5.10 through 10022026 Description The software contains an Improper Neutralization of Special Elements used in an SQL Command issue, specifically a SQL Injection...

Apache HertzBeat 安全漏洞

Apache HertzBeat is a tool developed by the Apache company that can monitor various components. Versions of Apache HertzBeat prior to 1.8.0 contained a security vulnerability, which was caused by improper data neutralization of XPath expressions, potentially leading to XPath injection attacks...

CVE-2025-6830

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpoda Türkiye Information Technology Inc. Password Module allows SQL Injection. This issue affects Password Module: through 11022026...

ROS-20260209-73-0024

Vulnerability in composer related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

ROS-20260209-73-0017

PowerDNS Recursor DNS server vulnerability is related to failure to take measures to neutralize special elements in the output data. Exploitation of the vulnerability could allow a remote attacker to affect the integrity and availability of protected information...

CVE-2026-1819

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS.This issue affects ViPort: through 23012026...

Improper Neutralization

Apache HTTP Server is vulnerable to Improper Neutralization. The vulnerability is due to environment variables set via Apache configuration improperly overriding server-calculated CGI variables, which allows an attacker to influence CGI execution by injecting or manipulating control sequences...

EUVD-2026-5337

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting XSS.This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1...

CVE-2026-0946

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...

CVE-2025-8589

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AKCE Software Technology R Industry and Trade Inc. SKSPro allows Reflected XSS.This issue affects SKSPro: through 07012026...

CVE-2026-1819

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026...

CVE-2026-1819

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026...