Lucene search
K

5 matches found

Veracode
Veracode
added 2026/05/16 5:23 a.m.18 views

Improper Privilege Management

OpenClaude is vulnerable to improper privilege management. The vulnerability is due to the dangerouslyDisableSandbox parameter being exposed in the BashTool input schema, which allows an attacker to use a prompt-injected LLM to disable the sandbox and execute arbitrary commands on the host system...

9.8CVSS6.1AI score0.00544EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/03 11:33 p.m.4 views

CVE-2026-34769

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Ap...

8.8CVSS5.9AI score0.00295EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/03 11:33 p.m.41 views

CVE-2026-34769

CVE-2026-34769 (Electron) affects Electron versions prior to 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. When apps construct webPreferences from external or untrusted i...

8.8CVSS5.9AI score0.00295EPSS
Exploits0References4Affected Software1
0day.today
0day.today
added 2009/01/30 12:0 a.m.20 views

Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC

Exploit for unknown platform in category remote exploits ================================================================ Google Chrome 1.0.154.46 ChromeHTML:// Parameter Injection PoC ================================================================ Try this:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/30 12:0 a.m.30 views

Google Chrome 1.0.154.46 - '(ChromeHTML://)' Injection

Try this: chromehtml:"%20--renderer-path="calc"%20--no-sandbox Disabling sandbox does matter : Tested with Google Chrome Chrome 1.0.154.46 on Win XP/Vista and IE6/IE7 and it works ... Full PoC: Chrome URI Handler Remote Command Execution PoC This is a test milw0rm.com 2009-01-30...

7.4AI score
Exploits0
Rows per page
Query Builder