25876 matches found
Mesop AI Sandbox <= 1.2.2 - Remote Code Execution
Mesop = 1.2.2 contains an unrestricted remote code execution caused by unauthenticated ingestion and execution of base64-encoded Python code in the /exec-py endpoint of ai/testing module, letting attackers execute arbitrary commands on the host, exploit requires HTTP access to the server. id:...
NocoBase - VM Sandbox Escape to Remote Code Execution
NocoBase Workflow Script Node executes user-supplied JavaScript inside a Node.js vm sandbox with a custom require allowlist controlled by WORKFLOWSCRIPTMODULES env var. The console object passed into the sandbox context exposes host-realm WritableWorkerStdio stream objects via console.stdout and...
Jenkins Script Security Plugin <=1.49 - Sandbox Bypass
A sandbox bypass vulnerability exists in the Jenkins Script Security Plugin versions 1.49 and earlier within src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java. This flaw allows attackers with permission to submit sandboxed scripts to execute arbitrary code on th...
CVE-2026-62201
OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...
CVE-2026-62237
CVE-2026-62237 affects Grav before 2.0.4. The vulnerability is a ReDoS in the regex_replace filter and function that are allowlisted in the Twig content sandbox. When Twig processing of page content is enabled (security.twig_content.process_enabled: true), an authenticated page editor can supply ...
EUVD-2026-45083
Grav before 2.0.4 contains a regular expression denial of service ReDoS vulnerability in the regexreplace filter and function, which are allowlisted in the Twig content sandbox. When Twig processing in page content is enabled security.twigcontent.processenabled: true, disabled by default, an...
EUVD-2026-45090
OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...
CVE-2026-62201
OpenClaw prior to version 2026.6.6 contains a network policy bypass in the sandbox exec-server that lets lower-trust callers reach internal network destinations blocked by policy. Attackers can send HTTP requests through the exec-server to access restricted network resources. The CVE description ...
CVE-2026-46621
Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs script evaluation engine for Python algorithms dynamically compiled and evaluated user-controlled algorithm text using Jython through the JSR-223 ScriptEngine API without enforcing a secure sandbox, so an authenticated user with the...
CVE-2026-43725
A flaw was found in WebKitGTK. A malicious website can process restricted web content outside the sandbox due to improper input validation, potentially allowing access to resources that should be restricted...
CVE-2026-43701
A flaw was found in WebKitGTK. A malicious website can process restricted web content outside the sandbox due to improper checks, potentially allowing access to resources that should be restricted...
CVE-2026-5674
CVE-2026-5674 describes a vulnerability in PipeWire where the PulseAudio compatibility layer can be abused to escape sandboxed environments (e.g., Flatpak). An attacker with minimal sandbox permissions can load a malicious library, enabling arbitrary code execution outside the sandbox and potenti...
EUVD-2026-44925
A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library,...
CVE-2026-5674
A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library,...
NestJS DevTools Integration - Remote Code Execution
Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...
Linux Distros Unpatched Vulnerability : CVE-2026-15769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who had...
Linux Distros Unpatched Vulnerability : CVE-2026-15774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a...
CVE-2026-45313
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. Prior to 1.17.6, GuiServer::WndHookRegisterSlave in Sandboxie/core/svc/GuiServer.cpp stores attacker-supplied hthread and hproc fields from a GUIWNDHOOKREGISTER request without validating that the thread belongs to the...
CVE-2026-45313
Summary: Sandboxie-Plus on Windows contains a local privilege escalation in GuiServer.cpp prior to v1.17.6. The GuiServer::WndHookRegisterSlave handler stores attacker-supplied hthread and hproc from GUI_WND_HOOK_REGISTER without validating thread belonging to the sandbox or the function pointer’...
CVE-2026-45313 Sandboxie-Plus: Sandboxie APC Injection Sandbox Escape
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. Prior to 1.17.6, GuiServer::WndHookRegisterSlave in Sandboxie/core/svc/GuiServer.cpp stores attacker-supplied hthread and hproc fields from a GUIWNDHOOKREGISTER request without validating that the thread belongs to the...