CVE-2026-27130 Dokploy has Command Injection in its Service Operations

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

CVE-2026-27130 Dokploy has Command Injection in its Service Operations

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

EUVD-2025-34161

A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...

EUVD-2022-2504

Malicious code in bioql PyPI...

GHSA-55J7-F5WF-43M4 Remote web-service operation execution in Apache CXF

Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body...

Red Hat Ceph Security Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure based on POSIX Portable Operating System Interface, enabling fault-tolerant and seamless replication of data. A...