CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/01 4:3 p.m.•12 views

CVE-2026-10180

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

6.5CVSS5.6AI score0.0105EPSS

Exploits0References1

OSV•added 2026/06/01 3:38 p.m.•11 views

MAL-2026-5123 Malicious code in imgmatrix-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2a9f964e4264c7bcc91047fdfb9966b1ae807e1e60fafa559d5543ed6e3dc83e During import, the package executes remote commands sourced from a Google Sheet. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

6AI score

Exploits0References1

NVD•added 2026/06/01 4:16 a.m.•14 views

CVE-2026-10219

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS0.01336EPSS

CVE•added 2026/06/01 3:15 a.m.•20 views

CVE-2026-10219

CVE-2026-10219 affects NextLevelBuilder GoClaw up to version 3.11.3. The vulnerability lies in the function FsBridge.WriteFile (internal/sandbox/fsbridge.go) where manipulation can cause an OS command injection. The issue is exploitable remotely and an exploit has been made public. A patch is not...

Vulnrichment•added 2026/06/01 3:15 a.m.•9 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

EUVD•added 2026/06/01 3:15 a.m.•10 views

EUVD-2026-33540

ATTACKERKB•added 2026/06/01 3:15 a.m.•7 views

CVE-2026-10219

Exploits0References7Affected Software1

Cvelist•added 2026/06/01 3:15 a.m.•38 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

7.5CVSS0.01336EPSS

CVE•added 2026/06/01 2:0 a.m.•27 views

CVE-2026-10214

The CVE affects zhayujie chatgpt-on-wechat Bash Tool (up to 2.0.8). The vulnerability is in agent/tools/bash/bash.py, _get_safety_warning, enabling os command injection via manipulated input and allowing remote exploitation. Exploit code is public (PoC), with the patch in version 2.0.9 (commit 16...

Positive Technologies•added 2026/06/01 12:0 a.m.•17 views

PT-2026-45251

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component write file Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely...

Positive Technologies•added 2026/06/01 12:0 a.m.•15 views

PT-2026-45246

A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function get safety warning of the file agent/tools/bash/bash.py of the component Bash Tool. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit...

CNNVD•added 2026/06/01 12:0 a.m.•10 views

goclaw 操作系统命令注入漏洞

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier contained a vulnerability related to operating system command injection. This vulnerability originated from the FsBridge.WriteFile function in the internal/sandbox/fsbridge....

7.5CVSS7.7AI score0.01336EPSS

CNNVD•added 2026/06/01 12:0 a.m.•8 views

CowAgent 操作系统命令注入漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.8 and earlier had a vulnerability related to operating system command injection. This vulnerability stems from the getsafetywarning function in the...

7.5CVSS7.7AI score0.01336EPSS