Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-44604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified...

7CVSS6.1AI score0.00547EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 8:16 a.m.8 views

DEBIAN-CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 8:16 a.m.12 views

CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS0.00547EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 5:59 a.m.38 views

CVE-2026-44604 Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS0.00547EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 5:59 a.m.24 views

CVE-2026-44604

CVE-2026-44604 affects the RPM rpmuncompress utility. The vulnerability arises when extracting ZIP, 7z, or GEM archives to a destination directory: the archive’s top-level folder name is inserted into a shell command without proper sanitization, allowing a crafted archive with shell metacharacter...

7CVSS6AI score0.00547EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 5:59 a.m.16 views

CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 5:59 a.m.14 views

CVE-2026-44604 Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 5:59 a.m.11 views

EUVD-2026-32726

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/28 5:59 a.m.8 views

CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS6AI score0.00547EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

rpm 操作系统命令注入漏洞

rpm is a powerful command-line-driven package management tool from the rpm organization. It is used for installing, uninstalling, verifying, querying, and updating software packages on Linux systems. rpm has a vulnerability related to operating system command injection. This vulnerability arises...

7CVSS6.1AI score0.00547EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44197

Name of the Vulnerable Software and Affected Versions RPM affected versions not specified Description A command injection issue exists in the rpmuncompress utility. When extracting ZIP, 7z, or GEM archive formats to a destination directory, the tool fails to sanitize the top-level folder name...

7CVSS6.1AI score0.00547EPSS
Exploits0References14
Rows per page
Query Builder