Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3860 matches found

NVD
NVDadded 2026/04/26 10:17 p.m.6 views

CVE-2026-7058

A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.sendcommand of the file backend/app/services/simulationipc.py of the component Inter-Process Communication. Such manipulation leads to command injection. It is possible to launc...

7.5CVSS0.01338EPSS
Exploits0References5
NVD
NVDadded 2026/04/26 10:17 p.m.2 views

CVE-2026-7061

A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The...

7.5CVSS0.01353EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/26 10:15 p.m.3 views

CVE-2026-7062 Intina47 context-sync Git Integration git-integration.ts os command injection

A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed...

7.5CVSS6.9AI score0.01368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/04/26 10:15 p.m.2 views

CVE-2026-7062

A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed...

7.5CVSS5.1AI score0.01368EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2026/04/26 10:15 p.m.16 views

CVE-2026-7062

Technical details (affected products, components, patch info) are not publicly available in the provided documents. Monitor for updates.

7.5CVSS7AI score0.01368EPSS
Exploits0References6
EUVD
EUVDadded 2026/04/26 10:15 p.m.6 views

EUVD-2026-25732

A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed...

7.5CVSS5.1AI score0.01368EPSS
Exploits0References6
NVD
NVDadded 2026/04/26 12:16 p.m.6 views

CVE-2026-7037

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS0.01785EPSS
Exploits0References5
CVE
CVEadded 2026/04/26 11:45 a.m.6 views

CVE-2026-7037

Totolink A8000RU 7.1cu.643_b20200521 is affected by a vulnerability in the CGI Handler at /cgi-bin/cstecgi.cgi, function setVpnPassCfg. Manipulation of the pptpPassThru argument enables OS command injection, with remote execution possible. The exploit is publicly released and can be used for atta...

10CVSS8.2AI score0.01785EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/26 11:45 a.m.31 views

CVE-2026-7037 Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS0.01785EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.7 views

PT-2026-35220

Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description An OS command injection flaw exists in the CGI Handler component. Remote, unauthenticated attackers can execute arbitrary operating system commands by manipulating the pptpPassThru...

10CVSS7.5AI score0.01785EPSS
Exploits0References13
NVD
NVDadded 2026/04/25 6:16 p.m.3 views

CVE-2026-6992

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS0.06058EPSS
Exploits1References5
NVD
NVDadded 2026/04/25 6:16 p.m.4 views

CVE-2026-6989

A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

8.8CVSS0.02895EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/04/25 6:0 p.m.2 views

CVE-2026-6992

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.06058EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/04/25 6:0 p.m.34 views

CVE-2026-6992 Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS0.06058EPSS
Exploits1References5
CVE
CVEadded 2026/04/25 5:15 p.m.11 views

CVE-2026-6989

CVE-2026-6989 affects Tenda F453 firmware up to version 1.0.0.3. The vulnerable component is the Telnet Service, specifically the TendaTelnet function in /goform/telnet. Successful exploitation enables command injection via a remote network attack without user interaction, with attackers possibly...

8.8CVSS6.2AI score0.02895EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/04/25 4:45 p.m.1 views

EUVD-2026-25663

A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The project was informed o...

7.5CVSS5.2AI score0.03132EPSS
Exploits1References4
NVD
NVDadded 2026/04/25 2:16 p.m.7 views

CVE-2026-6980

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repopath of the file main.py. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.01694EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/25 1:0 p.m.32 views

CVE-2026-6980 Divyanshu-hash GitPilot-MCP main.py repo_path command injection

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repopath of the file main.py. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.01694EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/25 1:0 p.m.3 views

EUVD-2026-25656

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repopath of the file main.py. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS7.1AI score0.01694EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/04/25 12:0 a.m.5 views

PT-2026-35165

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.06058EPSS
Exploits1References6
Rows per page
Query Builder