3173 matches found
CVE-2026-14371
The vulnerability CVE-2026-14371 affects Lenovo XClarity Integrator for Windows Admin Center plugin (WAC Gateway) version 5.1.1 and earlier. The issue is a Powershell Command Injection when establishing remote PowerShell commands, with a CVSS v4.0 base score of 8.8 (HIGH) and impact across confid...
CVE-2026-14371
The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that's been spreading via websites infected with ClickFix lures since late April 2026. "The malware is full-featured, lightweight, and modular," Elastic Security Labs researcher Cyril François said in a...
Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution
Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...
CVE-2026-40400
Relative path traversal in Windows PowerShell allows an authorized attacker to execute code over a network...
CVE-2026-40400 Windows PowerShell Remote Code Execution Vulnerability
...
CVE-2026-40400
CVE-2026-40400 is a Windows PowerShell relative path traversal vulnerability that could enable an authorized attacker to execute code over a network. The CVE entry identifies a remote code execution risk with NETWORK attack vector, LOW attack complexity, and LOW privileges required, but with UI i...
CVE-2026-40400 Windows PowerShell Remote Code Execution Vulnerability
...
Malicious code in auto-debug-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dd31c11b5149d8dd2142c81cc066576dc799ba4dae4599a9569cb56256417ec package.json declares a postinstall hook node install.js that fires automatically on npm install. On Windows, install.js invokes hidden PowerShell -N...
MGASA-2026-0240 Updated vim packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Arbitrary Code Execution via Python Omni-Completion in Vim 9.1.1783 && Vim = 9.2.0320 && Vim 9.2.0679. CVE-2026-57454 Out-of-bounds Write in SOFO Soundfolding in Vim 9.2.0698. CVE-2026-57455 Arbitrary Code Execution via Python Omni-Completion...
Updated vim packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Arbitrary Code Execution via Python Omni-Completion in Vim 9.1.1783 && Vim = 9.2.0320 && Vim 9.2.0679. CVE-2026-57454 Out-of-bounds Write in SOFO Soundfolding in Vim 9.2.0698. CVE-2026-57455 Arbitrary Code Execution via Python Omni-Completion...
Malicious code in multer-orm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb45c09aa7a237b2b9ff18ccf6426b76a4f46e5ea665c7747f35a345940e161 multer-orm is a typosquat of the widely used multer middleware. Its README is copied from multer, but the package adds a load-time dropper in...
Devolutions Remote Desktop Manager 2026.2.5 < 2026.2.12 Code Execution (DEVO-2026-0021)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2026.2.5 through 2026.2.11. It is, therefore, affected by a code execution vulnerability: - Incorrect link resolution by display name in the custom PowerShell VPN editor allows an authenticated attacker with write...
GHSA-J472-GF56-X589 OpenClaw: PowerShell encoded-command aliases could miss exec allowlist checks
Summary PowerShell encoded-command aliases could miss exec allowlist checks. In affected versions, a command request using abbreviated encoded-command flags could use an alias form not recognized by the allowlist parser. This advisory is scoped to the named feature and configuration. It does not...
Fake Google and Cloudflare verification pages spread multiple malware families
Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...
Vim 9.1.1784 < 9.2.0678 Command Injection (GHSA-x5fg-h5w9-9frf)
The version of Vim installed on the remote host is between 9.1.1784 and 9.2.0678 exclusive. It is, therefore, affected by a vulnerability. - When the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the...
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEILDROP by Securonix. It's suspected that the initial payloads are distributed...
Linux Distros Unpatched Vulnerability : CVE-2026-57453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse,...
CVE-2026-13437
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...
CVE-2026-13437
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...