Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

281 matches found

EUVD
EUVDadded 4 hours ago4 views

EUVD-2026-38571

@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync template string without shell-safe escaping. JSON.stringif...

6.3CVSS6.2AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/26 8:0 p.m.6 views

CVE-2026-44449 Lumiverse: SMB `exists()` basename injection via smbclient `!cmd` escape

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPathfullPath call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation...

9.1CVSS6AI score0.00451EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2026/05/21 8:22 p.m.9 views

Snappy: Binary path is never shell-escaped due to an inverted is_executable check

Impact On POSIX, escapeshellarg‘/usr/bin/wkhtmltopdf’ returns the literal string ‘/usr/bin/wkhtmltopdf’ with the single-quote characters included. isexecutable then looks for a file whose actual name contains those quote characters, which essentially never exists. The safe branch is dead code and...

7.5CVSS6AI score0.00147EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessusadded 2026/05/09 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: rubygem-rack (UTSA-2026-017387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017387 advisory. A sequence injection vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components o...

10CVSS5.8AI score0.01801EPSS
Exploits0References4
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.5 views

Astra Linux – Vulnerability in Ruby-Rack

A sequence injection vulnerability exists in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1. This vulnerability could allow for shell escapes in the Lint and CommonLogger components of Rack...

10CVSS6.7AI score0.01801EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/04/30 2:25 a.m.5 views

SUSE CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

6.5CVSS5.3AI score0.0017EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/04/28 3:1 p.m.2 views

CVE-2026-41526

A flaw was found in KDE KCoreAddons. The KShell::quoteArgs function, intended to safely quote arguments for shell commands, does not properly handle special characters. This vulnerability allows an attacker to inject control characters, such as \x01, leading to an escape from the shell...

7.8CVSS5.7AI score0.0017EPSS
Exploits0References2
OSV
OSVadded 2026/04/28 8:16 a.m.2 views

DEBIAN-CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

7.8CVSS5.4AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/28 12:0 a.m.6 views

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

6.5CVSS5.3AI score0.0017EPSS
Exploits0References5
CVE
CVEadded 2026/04/28 12:0 a.m.17 views

CVE-2026-41526

In KDE KCoreAddons prior to 6.25, the KShell::quoteArgs function intended to safely quote arguments for shell commands does not correctly handle metacharacters, enabling possible shell escapes. The issue affects applications using this path to process user input in security-critical contexts, not...

7.8CVSS5.4AI score0.0017EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/28 12:0 a.m.28 views

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

6.5CVSS0.0017EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/04/28 12:0 a.m.4 views

CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

7.8CVSS5.4AI score0.0017EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/03/26 2:56 p.m.3 views

CVE-2019-25483

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS6AI score0.00128EPSS
Exploits0References1
OpenVAS
OpenVASadded 2026/03/17 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1581)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS5.8AI score0.015EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/11 9:31 p.m.3 views

EUVD-2019-19761

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS6AI score0.00128EPSS
Exploits0References3
NVD
NVDadded 2026/03/11 7:16 p.m.3 views

CVE-2019-25483

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS0.00128EPSS
Exploits0References2
CVE
CVEadded 2026/03/11 6:23 p.m.6 views

CVE-2019-25483

The CVE-2019-25483 entry concerns the Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k device, where a restricted shell escape vulnerability allows local users to bypass command restrictions via the command substitution operator $( ). Attackers can inject arbitrary commands through $( ) when pa...

8.6CVSS6AI score0.00128EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/03/11 6:23 p.m.4 views

CVE-2019-25483

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS6AI score0.00128EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/03/11 6:23 p.m.26 views

CVE-2019-25483 Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k Restricted Shell Escape

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS0.00128EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/03/11 6:23 p.m.3 views

CVE-2019-25483 Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k Restricted Shell Escape

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS6AI score0.00128EPSS
Exploits0References2
Rows per page
Query Builder