CVE-2026-44848 Portainer: Missing authorization on Docker plugin endpoints allows host RCE

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...

CVE-2026-45344 LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVE-2026-45344 LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVE-2026-45344

LinkAce suffers a pre-auth RCE via setup flow on uninitialized instances. Before version 2.5.6, the setup database configuration flow accepts attacker-controlled database credentials and writes them into the .env file without proper escaping. A remote attacker who can reach the setup endpoints an...

CVE-2026-9645

Technical details about CVE-2026-9645 are not publicly available in the provided documents. No explicit affected product/version or root cause is disclosed here. Monitor for updates from the sources.

CVE-2026-9645 ScadaBR Authenticated Remote Code Execution

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...

CVE-2026-9645 ScadaBR Authenticated Remote Code Execution

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...

CVE-2026-9498

A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

CVE-2026-40034

gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...

Exploit for CVE-2026-8832

EXPLOIT CVE-2026-8832 !Bannerhttps://img.shields.io/badge/...

GHSA-GG2G-P7XC-QQMM compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)

A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...

compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)

A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...

EUVD-2026-32979

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

CVE-2026-4944 Hardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security Control

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

CVE-2026-4944

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

CVE-2026-4944

The provided documents describe a vulnerability in vllm-project/vllm version 0.14.1 where trust_remote_code is hardcoded to True in nemotron_vl.py and kimi_k25.py, bypassing user-specified --trust-remote-code=False and enabling remote code execution via malicious HuggingFace model repositories. T...

CVE-2026-4944 Hardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security Control

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

CVE-2026-45311 CodeWhale: run_tests Tool Enables RCE via Malicious Repository Without Approval

CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the runtests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. cargo test compiles and executes arbitrary code: test binaries, build.rs build...