CVE-2026-26318 systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized locate output in versions. Version 5.31.0 fixes the issue...

PT-2022-6875 · Tildeslash +4 · Tildeslash Monit +4

Name of the Vulnerable Software and Affected Versions: Tildeslash Monit versions prior to 5.31.0 Description: An issue in Tildeslash Monit allows remote attackers to gain escalated privileges due to improper PAM-authorization. The vulnerability is related to the PAMcheckPasswd function, which has...