Lucene search
+L

8 matches found

nvd
nvd
added 2026/05/27 11:16 p.m.15 views

CVE-2026-45322

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS0.01722EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/27 9:32 p.m.40 views

CVE-2026-45322 OS Command Injection in Microsoft UFO Shell Action Replay via Stored Session JSON

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS0.01722EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/27 9:32 p.m.12 views

CVE-2026-45322

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS5.7AI score0.01722EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/05/27 9:32 p.m.10 views

CVE-2026-45322 OS Command Injection in Microsoft UFO Shell Action Replay via Stored Session JSON

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS5.7AI score0.01722EPSS
Exploits0References1
euvd
euvd
added 2026/05/27 9:32 p.m.12 views

EUVD-2026-32671

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS5.7AI score0.01722EPSS
Exploits0References1
cve
cve
added 2026/05/27 9:32 p.m.19 views

CVE-2026-45322

CVE-2026-45322 affects Microsoft UFO (open-source framework for intelligent automation) up to v3.0.0. The issue is an OS command injection in the shell action replay path: ShellReceiver.run_shell() takes a command string from action parameters and passes it to subprocess.Popen() with shell=True a...

7.8CVSS5.7AI score0.01722EPSS
Exploits0References1
osv
osv
added 2026/05/27 9:32 p.m.3 views

CVE-2026-45322 OS Command Injection in Microsoft UFO Shell Action Replay via Stored Session JSON

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releases, ShellReceiver.runshell passes a command string...

7.8CVSS5.9AI score0.01722EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/05 12:0 a.m.9 views

PT-2026-23615

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.1 Description OliveTin allows access to predefined shell commands from a web interface. A flaw exists in the RestartAction functionality where a low-privileged authenticated user can execute actions they are...

9.9CVSS6.2AI score0.22162EPSS
Exploits70References139
Rows per page
Query Builder