Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail CVE-2026-31431 Overview CopyFail is a proof...

CVE-2026-7551

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

[SECURITY] Fedora 42 Update: openssh-9.9p1-14.fc42

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CLSA-2026-1777540774 php: Fix of 4 CVEs

CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exifthumbnailextract - CVE-2019-19246: fix heap buffer overflow in oniguruma strlowercasematch - CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection imap.enableinsecurersh INI added - CVE-2018-20783:...

php: Fix of 4 CVEs

CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exifthumbnailextract - CVE-2019-19246: fix heap buffer overflow in oniguruma strlowercasematch - CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection imap.enableinsecurersh INI added - CVE-2018-20783:...

PT-2026-36599

Name of the Vulnerable Software and Affected Versions CTMS affected versions not specified CPAS affected versions not specified Description CTMS and CPAS developed by Sunnet contain an arbitrary file upload flaw. This allows privileged remote attackers to upload and execute web shell backdoors,...

Sunnet CTMS和Sunnet CPAS 代码问题漏洞

Sunnet CTMS and Sunnet CPAS are both products of China’s Sunnet Company. Sunnet CTMS is an enterprise training software. Sunnet CPAS is an enterprise performance management software. Both Sunnet CTMS and Sunnet CPAS have code vulnerabilities. These vulnerabilities stem from arbitrary file upload...

MAL-2026-3224 Malicious code in graphicctx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8867133b18f35132bf0096bdbd5d1891e87f8a07bbba09f6dffe21c8b048596e Packages in this campaign are used to exfiltrate data from users installing code from prepared Github repositories. Packages contain code to exfiltrate files...

Linux Execute Command

Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/linux/aarch64/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run This module requires Metasploit:...

CLSA-2026-1777661044 vim: Fix of CVE-2026-33412

CVE-2026-33412: fix OS command injection via newline in glob by adding \n to SHELLSPECIAL in src/osunix.c so newlines are escaped before the pattern is passed to the user's shell...

CLSA-2026-1777565595 vim: Fix of CVE-2026-33412

CVE-2026-33412: fix OS command injection via newline in glob by adding \n to SHELLSPECIAL in src/osunix.c so newlines are escaped before the pattern is passed to the user's shell...

ASB-A-469080888

In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-7551

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

CVE-2026-7551

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

EUVD-2026-26451

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...

CVE-2026-7551

The CVE describes a remote code execution vulnerability in HKUDS OpenHarness exposed via the /bridge command. An attacker-enabled /bridge spawn command can forward attacker-controlled text to the bridge session manager and execute commands through the shared shell subprocess helper, allowing shel...

Exploit for CVE-2026-31431

CVE-2026-31431-poc An...

Exploit for CVE-2026-31431

Copy Fail PoC English Python PoC for CVE-2026-31431,...

Malicious code in buffparser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cc891132b1216e9093bcdd4581373dc7f750f700c82347c28bd1dff079261d8 Described as a utility for gaming, the code starts a reverse shell when using the exposed alledegdly parsing function. --- Category: MALICIOUS - The campaign h...

MAL-2026-3203 Malicious code in buffparser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cc891132b1216e9093bcdd4581373dc7f750f700c82347c28bd1dff079261d8 Described as a utility for gaming, the code starts a reverse shell when using the exposed alledegdly parsing function. --- Category: MALICIOUS - The campaign h...