Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3860 matches found

Cvelist
Cvelistadded 2026/05/02 9:0 a.m.38 views

CVE-2026-7609 TRENDnet TEW-821DAP Firmware Udpate diagnostic tools_diagnostic os command injection

A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function toolsdiagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS0.04123EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/02 9:0 a.m.2 views

EUVD-2026-26773

A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function toolsdiagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS6.2AI score0.04123EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/05/02 9:0 a.m.2 views

CVE-2026-7609

A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function toolsdiagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS6.2AI score0.04123EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blogadded 2026/05/02 3:31 a.m.6 views

yii2-mcp-server has a Command Injection Issue

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yiicommandhelp/yiiexecutecommand of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publish...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2026/05/02 1:16 a.m.5 views

CVE-2026-7600

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yiicommandhelp/yiiexecutecommand of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publish...

6.5CVSS0.0111EPSS
Exploits0References6
CVE
CVEadded 2026/05/02 12:15 a.m.19 views

CVE-2026-7600

ArtMin96 yii2-mcp-server 1.0.2 is affected. The vulnerability resides in the MCP Interface’s src/index.ts, specifically the yii_command_help/yii_execute_command functions, enabling remote os command injection. Attack requires no authentication and can be exploited remotely; an exploit has been pu...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.4 views

PT-2026-36601

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description A flaw in the Firmware Update component allows remote OS command injection. The issue exists within the tools diagnostic function located in the /tmp/diagnostic file. This allows a remo...

6.5CVSS6.9AI score0.04123EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.3 views

PT-2026-36619

A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.3 views

PT-2026-36552

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii command help/yii execute command of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.6 views

PT-2026-36615

A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function executeRepomix of the file src/repomix.ts of the component RepoMix Command Handler. Performing a manipulation results in command injection. The attack may be initiated remotely. The...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.5 views

PT-2026-36624

A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download website of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputPath results in os command injection. The attack may be initiated remotely. T...

6.5CVSS6.4AI score0.0134EPSS
Exploits0References7
NVD
NVDadded 2026/05/01 9:16 p.m.2 views

CVE-2026-7593

A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the function executecommand of the file src/index.ts of the component MCP Interface. The manipulation leads to os command injection. Remote exploitation of the attack is possible. T...

7.5CVSS0.01362EPSS
Exploits0References5
CVE
CVEadded 2026/05/01 8:15 p.m.12 views

CVE-2026-7593

CVE-2026-7593 affects Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. The vulnerability resides in the MCP Interface’s function execute_command (src/index.ts), enabling an attacker to perform OS command injection . Remote exploitation is possible, with public disclosures already availabl...

7.5CVSS6.6AI score0.01362EPSS
Exploits0References5
NVD
NVDadded 2026/05/01 7:16 p.m.4 views

CVE-2026-7590

A vulnerability was identified in eyal-gor p69branchmonkeymcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The affected element is an unknown function of the file branchmonkeymcp/bridgeandlocalactions/routes/advanced.py of the component Preview Endpoint. Such manipulation of the argument...

7.5CVSS0.01366EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/01 6:45 p.m.4 views

CVE-2026-7590

A vulnerability was identified in eyal-gor p69branchmonkeymcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The affected element is an unknown function of the file branchmonkeymcp/bridgeandlocalactions/routes/advanced.py of the component Preview Endpoint. Such manipulation of the argument...

7.5CVSS6.8AI score0.01366EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/01 6:45 p.m.2 views

CVE-2026-7590 eyal-gor p_69_branch_monkey_mcp Preview Endpoint advanced.py os command injection

A vulnerability was identified in eyal-gor p69branchmonkeymcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The affected element is an unknown function of the file branchmonkeymcp/bridgeandlocalactions/routes/advanced.py of the component Preview Endpoint. Such manipulation of the argument...

7.5CVSS6.8AI score0.01366EPSS
Exploits0References5
CVE
CVEadded 2026/05/01 6:45 p.m.11 views

CVE-2026-7590

The CVE concerns eyal-gor p_69_branch_monkey_mcp (up to commit 69bc71874ce40050ef45fde5a435855f18af3373) with a vulnerability in the Preview Endpoint. The affected element is an unknown function in branch_monkey_mcp/bridge_and_local_actions/routes/advanced.py; manipulating the dev_script argument...

7.5CVSS6.8AI score0.01366EPSS
Exploits0References5
NVD
NVDadded 2026/05/01 3:16 a.m.3 views

CVE-2026-7548

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...

9CVSS0.01485EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/01 2:30 a.m.29 views

CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...

9CVSS0.01485EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/01 2:30 a.m.4 views

CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...

9CVSS7.1AI score0.01485EPSS
Exploits0References5
Rows per page
Query Builder