
163 matches found

NVD
added 2026/05/18 8:16 p.m., 8 views

CVE-2026-47090

Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values, allowing attackers to inject arbitrary ANSI codes into terminal sessions. Attackers can...

CVSS: 4.6 | EPSS: 0.00011
Exploits: 0 | References: 4
CVE
added 2026/05/18 7:31 p.m., 10 views

CVE-2026-47090

Claude HUD up to version 0.0.12 is affected by a terminal-injection vulnerability in OSC 8 hyperlink handling. The root cause is constructing OSC 8 sequences from raw cwd and branchUrl values without stripping control characters or encoding embedded values, enabling injection of ANSI codes into t...

CVSS: 4.6 | AI score: 6 | EPSS: 0.00011
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2026/05/18 7:31 p.m., 8 views

CVE-2026-47090 Claude HUD 0.0.12 Terminal Injection via OSC 8 Hyperlinks

Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values, allowing attackers to inject arbitrary ANSI codes into terminal sessions. Attackers can...

CVSS: 4.6 | AI score: 6 | EPSS: 0.00011
Exploits: 0 | References: 4
Positive Technologies
added 2026/05/18 12:0 a.m., 8 views

PT-2026-41730

Name of the Vulnerable Software and Affected Versions: Claude HUD versions 0.0.0 through 0.0.12. Description: The software constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values. This allows attackers t...

CVSS: 4.6 | AI score: 5.9 | EPSS: 0.00011
Exploits: 0 | References: 7
EUVD
added 2026/03/26 6:31 p.m., 0 views

EUVD-2026-16234

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVSS: 8 | AI score: 5.8 | EPSS: 0.0002
Exploits: 0 | References: 2
OSV
added 2026/03/26 6:31 p.m., 8 views

GHSA-3439-VQGJ-2GCF Mattermost allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVSS: 8 | AI score: 5.9 | EPSS: 0.0002
Exploits: 0 | References: 3
Github Security Blog
added 2026/03/26 6:31 p.m., 4 views

Mattermost allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.0002
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2026/03/26 5:16 p.m., 2 views

CVE-2026-3108

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

CVSS: 8.8 | EPSS: 0.0002
Exploits: 0 | References: 1
CVE
added 2026/03/26 4:16 p.m., 3 views

CVE-2026-3108

Mattermost: CVE-2026-3108 affects versions 11.2.x up to 11.2.2, 10.11.x up to 10.11.10, 11.4.x up to 11.4.0, and 11.3.x up to 11.3.1. The vulnerability arises from failure to sanitize user-controlled post content in mmctl commands terminal output, allowing crafted messages with ANSI/OSC escape se...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.0002
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2026/03/24 3:54 p.m., 2 views

MAL-2026-2382 Malicious code in osc-datagrid-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b6beb7674c12933f815ec6da07e3bcb65403fef71ed76e7c1c8805df763672 The package osc-datagrid-validator was found to contain malicious code...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
added 2026/03/24 3:54 p.m., 3 views

Malicious code in osc-datagrid-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b6beb7674c12933f815ec6da07e3bcb65403fef71ed76e7c1c8805df763672 The package osc-datagrid-validator was found to contain malicious code...

AI score: 5.9
Exploits: 0
Tenable Nessus
added 2026/03/15 12:0 a.m., 4 views

openSUSE 16 Security Update : osc, obs-scm-bridge (openSUSE-SU-2026:20361-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20361-1 advisory. Changes in osc: - 1.24.0 - Command-line: - Add '--target-owner' option to 'git-obs repo fork' command - Add '--self' parameter to fix 'no matching paren...

CVSS: 7.3 | AI score: 6 | EPSS: 0.00033
Exploits: 0 | References: 4
OPENSUSE Linux
added 2026/03/14 12:0 a.m., 4 views

Security update for osc, obs-scm-bridge (moderate)

openSUSE security update: security update for osc, obs-scm-bridge. Announcement ID: openSUSE-SU-2026:20361-1. Rating: moderate. References: bsc1230469 bsc1247410. Cross-References: CVE-2024-22038. CVSS scores: CVE-2024-22038 SUSE : 7.3...

CVSS: 7.3 | AI score: 6 | EPSS: 0.00033
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/13 12:0 a.m., 1 views

MiracleLinux 9 : xterm-366-10.el9_6 (AXSA:2025-10445:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10445:01 advisory. xterm: code execution via OSC 50 input sequences (CVE-2022-45063). Tenable has extracted the preceding description block directly from the MiracleLinux securit...

CVSS: 9.8 | AI score: 8.6 | EPSS: 0.14033
Exploits: 1 | References: 2
EUVD
added 2025/11/12 6:9 p.m., 1 views

EUVD-2025-144496

Malicious code in augis-pomoi9r-osc npm...

AI score: 6.6
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2014-3141

Malware in sbrugna...

CVSS: 7.6 | AI score: 6 | EPSS: 0.03336
Exploits: 0 | References: 12
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2008-0340

Malware in sbrugna...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.01366
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-13320

Malware in sbrugna...

CVSS: 7.7 | AI score: 7.4 | EPSS: 0.0018
Exploits: 1 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2012-1131

Malware in sbrugna...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.00409
Exploits: 0 | References: 8
Rockylinux
added 2025/10/04 12:11 a.m., 2 views

xterm security update

An update is available for xterm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The xterm program is a terminal emulator for the X Window System. It provides D...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.14033
Exploits: 1