CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/08 2:51 a.m.•11 views

CVE-2026-41501

CVE-2026-41501 affects electerm prior to v3.3.8. The vulnerability resides in npm/install.js:130 where the runLinux() function appends attacker-controlled remote version strings directly into an unvalidated exec("rm -rf ...") command, enabling command injection. Reports across NVD, CVELIST, PT-Se...

9.8CVSS5.8AI score0.00753EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/08 2:51 a.m.•24 views

CVE-2026-41501 electerm has Command Injection Vulnerability via runLinux function

9.8CVSS0.00753EPSS

EUVD•added 2026/05/08 2:51 a.m.•5 views

EUVD-2026-28497

9.8CVSS5.8AI score0.00753EPSS

RedhatCVE•added 2026/04/24 7:16 p.m.•2 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS5.4AI score0.00016EPSS

EUVD•added 2026/04/22 6:31 p.m.•5 views

EUVD-2026-25008

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

5.6CVSS6AI score0.00008EPSS

Exploits1References2

Github Security Blog•added 2026/04/22 6:31 p.m.•4 views

uutils coreutils has a Link Following Issue Via rm Utility

7.7CVSS5.4AI score0.00016EPSS

Exploits0References5Affected Software1

OSV•added 2026/04/22 6:31 p.m.•3 views

GHSA-V762-X3CF-5MFG uutils coreutils has a Link Following Issue Via rm Utility

NVD•added 2026/04/22 5:16 p.m.•2 views

Exploits0References5

CVE-2026-35363

5.6CVSS0.00008EPSS

Exploits1References1

NVD•added 2026/04/22 5:16 p.m.•0 views

CVE-2026-35349

7.7CVSS0.00016EPSS

UbuntuCve•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35363

5.6CVSS5.9AI score0.00008EPSS

Exploits1References2

UbuntuCve•added 2026/04/22 5:16 p.m.•3 views

CVE-2026-35349

7.7CVSS5.8AI score0.00016EPSS

OSV•added 2026/04/22 5:16 p.m.•0 views

UBUNTU-CVE-2026-35363

5.6CVSS5.9AI score0.00008EPSS

Exploits1References3

Debian CVE•added 2026/04/22 4:8 p.m.•1 views

CVE-2026-35363

5.6CVSS5.7AI score0.00008EPSS

Exploits1

Cvelist•added 2026/04/22 4:8 p.m.•22 views

CVE-2026-35363 uutils coreutils rm Safeguard Bypass via Improper Path Normalization

5.6CVSS0.00008EPSS

Exploits1References1

Vulnrichment•added 2026/04/22 4:7 p.m.•2 views

CVE-2026-35349 uutils coreutils Path-Based Safety Bypass with --preserve-root

ATTACKERKB•added 2026/04/22 4:7 p.m.•1 views

CVE-2026-35349

Debian CVE•added 2026/04/22 4:7 p.m.•2 views

CVE-2026-35349

7.7CVSS5.4AI score0.00016EPSS

Exploits0

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34485

Tenable Nessus•added 2026/04/22 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-35349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than...

7.7CVSS5.8AI score0.00016EPSS