PT-2026-41570

Name of the Vulnerable Software and Affected Versions vercel ai versions prior to 3.0.98 Description An OS command injection issue exists in the PR Branch Name Interpolation component. The flaw is located within the run function of the .github/workflows/prettier-on-automerge.yml file. This allows...

SUSE CVE-2026-43904

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 mixed RLE and :345 pure RLE do not clamp the run length to remaining scanline width before writing pixels. The r...

GHSA-MXG3-432P-MR72 goshs: SSH host key verification disabled, allowing transparent MITM of every tunnelled HTTP request

Summary The --tunnel / -t flag opens an outbound SSH connection to localhost.run:22 with HostKeyCallback: ssh.InsecureIgnoreHostKey. The Go documentation for that function states verbatim: "It should not be used for production code." With the callback disabled the client accepts any host key the...

goshs: SSH host key verification disabled, allowing transparent MITM of every tunnelled HTTP request

Summary The --tunnel / -t flag opens an outbound SSH connection to localhost.run:22 with HostKeyCallback: ssh.InsecureIgnoreHostKey. The Go documentation for that function states verbatim: "It should not be used for production code." With the callback disabled the client accepts any host key the...

CVE-2026-45035

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

CVE-2026-45035 Tabby: RCE via `tabby://run` URL Scheme

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

CVE-2026-45035

CVE-2026-45035 (Tabby): Before version 1.0.233, Tabby registered a tabby:// URL scheme handler that can run arbitrary OS commands without user confirmation, sanitization, or sandboxing. An attacker can craft a malicious tabby://run?command=... link and deliver it via websites, email, or chat; whe...

CVE-2026-45035 Tabby: RCE via `tabby://run` URL Scheme

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

CVE-2026-45035

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

EUVD-2026-30568

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

CVE-2026-45803

gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

CVE-2026-45803

GitHub CLI (gh) vulnerability: from v1.6.0 to before v2.92.0, terminal escape sequences could be injected via workflow logs when using gh run view --log or --log-failed, due to unsanitized raw log output. An attacker controlling Actions logs (e.g., PR-triggered workflows) could cause terminal man...

CVE-2026-43904

A flaw was found in OpenImageIO. When processing a specially crafted .pic image file, the software fails to properly clamp the run length during Run Length Encoding RLE image processing. This oversight can lead to a heap overflow, allowing a remote attacker to potentially execute arbitrary code,...

CVE-2026-43903

A flaw was found in OpenImageIO. A remote attacker could exploit this vulnerability by providing a specially crafted .sgi image file. This file, with a Run-Length Encoding RLE count exceeding the scanline width, can cause a heap buffer overflow. Successful exploitation leads to a denial of servic...

Information Disclosure

Argo CD is vulnerable to Information Exposure. The vulnerability is due to missing authorization and insufficient data masking in the ServerSideDiff endpoint, which allows an attacker with read-only access to extract plaintext Kubernetes Secret data through the Server-Side Apply dry-run mechanism...

azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2652 via mlflow-skinny (>=3.0.0 <=3.0.1)

mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2652 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16698136...

PT-2026-41320

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

CVE-2026-39052

Oinone Pamirs 7.0.0 contains a code execution vulnerability via ScriptRunner. The method ScriptRunner.runString expression, String type, Map context evaluates attacker-controlled script expressions through the underlying script engine without sandboxing or allowlist restrictions...

Arbitrary Code Injection

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Arbitrary Code Injection via the runtests process. An attacker can execute arbitrary code by introducing malicious test code into a...

DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval

Summary The runtests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. The source code explicitly states this design choice: rust fn approvalrequirement&self - ApprovalRequirement // Tests are encouraged, so avoid gating th...