CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

SUSE CVE•added 2026/03/25 12:26 a.m.•5 views

SUSE CVE-2026-29042

Nuclio is a "Serverless" framework for Real-Time Events and Data Processing. Prior to version 1.15.20, the Nuclio Shell Runtime component contains a command injection vulnerability in how it processes user-supplied arguments. When a function is invoked via HTTP, the runtime reads the...

9.8CVSS5.8AI score0.02359EPSS

Exploits1References3

RedhatCVE•added 2026/03/07 7:59 a.m.•4 views

CVE-2026-29042

9.8CVSS5.7AI score0.02359EPSS

Exploits1References1

NVD•added 2026/03/06 7:16 a.m.•6 views

CVE-2026-29042

9.8CVSS0.02359EPSS

Exploits1References4

Vulnrichment•added 2026/03/06 6:57 a.m.•4 views

CVE-2026-29042 Nuclio Shell Runtime Command Injection Leading to Privilege Escalation

9.3CVSS5.7AI score0.02359EPSS

Exploits1References4

ATTACKERKB•added 2026/03/06 6:57 a.m.•5 views

CVE-2026-29042

9.3CVSS5.7AI score0.02359EPSS

Exploits1References5Affected Software1

CVE•added 2026/03/06 6:57 a.m.•11 views

CVE-2026-29042

Technical details about CVE-2026-29042 are not publicly available in the provided connected documents; the included SUSE/PTSecurity items do not discuss Nuclio. Monitor for updates.

9.8CVSS5.9AI score0.02359EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/03/06 6:57 a.m.•32 views

CVE-2026-29042 Nuclio Shell Runtime Command Injection Leading to Privilege Escalation

9.3CVSS0.02359EPSS

Exploits1References4

OSV•added 2026/03/06 6:57 a.m.•5 views

CVE-2026-29042 Nuclio Shell Runtime Command Injection Leading to Privilege Escalation

9.3CVSS5.7AI score0.02359EPSS

Exploits1References6

CNNVD•added 2026/03/06 12:0 a.m.•6 views

Nuclio 安全漏洞

Nuclio is an open-source data processing framework developed by Nuclio. Versions of Nuclio prior to 1.15.20 contained security vulnerabilities. These vulnerabilities stemmed from the Shell Runtime component, which allowed command injection when processing parameters provided by users. This could...

9.8CVSS7.5AI score0.02359EPSS

Exploits1References4

OSV•added 2026/03/04 9:5 p.m.•6 views

GHSA-95FJ-3W7G-4R27 Nuclio Shell Runtime Command Injection Leading to Privilege Escalation

Summary This vulnerability exists in Nuclio's Shell Runtime component, allowing attackers with function invocation permissions to inject malicious commands via HTTP request headers, execute arbitrary code with root privileges in function containers, steal ServiceAccount Tokens with cluster-admin...

9.3CVSS6.4AI score0.02359EPSS

Exploits1References6

Snyk•added 2026/03/04 9:5 p.m.•3 views

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Overview Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane Special Element Injection in the processing of the X-Nuclio-Arguments HTTP header, which is incorporated into shell commands without validation or sanitization. An attacker can...

9.8CVSS6AI score0.02359EPSS

Exploits1References2

Github Security Blog•added 2026/03/04 9:5 p.m.•6 views

Nuclio Shell Runtime Command Injection Leading to Privilege Escalation

9.8CVSS6.4AI score0.02359EPSS

Exploits1References6Affected Software1

Positive Technologies•added 2026/03/04 12:0 a.m.•7 views

PT-2026-23091

Name of the Vulnerable Software and Affected Versions Nuclio versions prior to 1.15.20 Description Nuclio's Shell Runtime component contains a command injection issue. When a function is invoked via HTTP, the runtime reads the X-Nuclio-Arguments header and directly incorporates its value into she...

9.9CVSS6.1AI score0.22162EPSS

Exploits68References139

OSV•added 2025/08/14 6:52 p.m.•4 views

MAL-2025-23263 Malicious code in integer-execute-shell-runtime-protected (npm)

The package integer-execute-shell-runtime-protected was found to contain malicious code...

7.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by