Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/08 2:53 a.m.6 views

CVE-2026-41500

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

9.8CVSS5.8AI score0.01572EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/08 2:53 a.m.10 views

EUVD-2026-28496

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

9.8CVSS5.8AI score0.01572EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/08 2:53 a.m.10 views

CVE-2026-41500 electerm has Command Injection Vulnerability via runMac function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

9.8CVSS5.8AI score0.01572EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Electerm 命令注入漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm prior to 3.3.8 contained a command injection vulnerability. This vulnerability stemmed from the runMac function, which directly appends the attacker-controlled releaseInfo.name to the exec...

9.8CVSS5.8AI score0.01572EPSS
Exploits0References1
Rows per page
Query Builder