CVE-2026-45662

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

CVE-2026-45662 Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

CVE-2026-45662

Dokploy (PaaS) vulnerability CVE-2026-45662 affects deleteRegistry in packages/server/src/services/registry.ts. In 0.29.0 and earlier, docker logout ${response.registryUrl} is executed without shell escaping, while docker login uses shEscape() to prevent injection. This inconsistency enables a po...

CVE-2025-41067 Reachable Assertion vulnerability in Open5GS

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable...

CVE-2025-41067

CVE-2025-41067 affects Open5GS NRF (Network Repository Function) up to version 2.7.6. A reachable assertion can be triggered by an SBI request that deletes the NRF’s own registry, crashing the NRF process and rendering the discovery service unavailable (DoS). A PoC exploit for this vulnerability ...

PT-2025-43948

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.5 Description A flaw exists in Open5GS that allows for a denial of service. An attacker with network access to the Network Repository Function NRF can send a specific SBI request designed to delete the NRF’s own...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. An elevation of privilege vulnerability exists in Trend Micro Apex One, which can be exploited by attackers to delete the registry...

WEM deletes registry set by a GPO

Administrator restricted some application execution say PowerShell, Command Prompt through Group Policy which sets following registry and WEM delets it. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun...

AutoResponder - Carbon Black Response IR Tool

What is it? AutoResponder is a tool aimed to help people to carry out their Incident Response tasks WITH the help of Carbon Black Response's awesome capabilities and WITHOUT much bothering IT/System/Network Teams What can it do? Module | ✔️ / ❌ ---|--- Delete Files | ✔️ Delete Registry Values | ✔️...

Hackers Targeting Servers Running Database Services for Mining Cryptocurrency

Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore...

Real free－cafe hack talk-vulnerability warning-the black bar safety net

First the wordy a few words, a lot of people think that in boot into DOS to delete the system startup cafe management software you can, in fact, if the good points of the Internet cafe management software will be in your deleted it, re-loading, or some in the registry under the Hide on mouse lock...