31166 matches found

OSV, added 2026/04/16 11:50 p.m., 3 views

BIT-PYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action", the mitigation could be bypassed; for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

CVSS 7, AI score 5.8, EPSS 0.00209
Exploits 0, References 9
OSV, added 2026/04/16 11:45 p.m., 3 views

BIT-MLFLOW-2025-14287 Command Injection in mlflow/mlflow

A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/sagemaker/init.py file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, whic...

CVSS 8.8, AI score 7.4, EPSS 0.01236
Exploits 1, References 2
OSV, added 2026/04/16 11:43 p.m., 4 views

BIT-LIBPYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action", the mitigation could be bypassed; for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

CVSS 7, AI score 5.8, EPSS 0.00209
Exploits 0, References 9
Fedora, added 2026/04/16 11:42 p.m., 6 views

[SECURITY] Fedora 44 Update: cockpit-360.1-1.fc44

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

CVSS 9.8, AI score 5.8, EPSS 0.13889
Exploits 3
Fedora, added 2026/04/16 11:42 p.m., 6 views

[SECURITY] Fedora 44 Update: plasma-mobile-6.6.4-1.fc44

General UI components for Plasma Phone including shell, containment and applets...

AI score 5.8
Exploits 0
Fedora, added 2026/04/16 11:42 p.m., 6 views

[SECURITY] Fedora 44 Update: plasma-desktop-6.6.4-1.fc44

Plasma Desktop shell...

AI score 5.8
Exploits 0
Fedora, added 2026/04/16 11:42 p.m., 9 views

[SECURITY] Fedora 44 Update: layer-shell-qt-6.6.4-1.fc44

This component is meant for applications to be able to easily use clients based on wlr-layer-shell...

AI score 5.8
Exploits 0
Snyk, added 2026/04/16 10:46 p.m., 8 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the spawn function. An attacker can execute arbitrary shell commands on the server and access sensitive environment variables, including API keys, authentication secrets, and database credentials, by...

CVSS 8.8, AI score 6
Exploits 0, References 2
Github Security Blog, added 2026/04/16 9:49 p.m., 15 views

Flowise: File Upload Validation Bypass in createAttachment

Summary In FlowiseAI, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious...

CVSS 8.8, AI score 5.9, EPSS 0.10182
Exploits 3, References 3, Affected Software 1
Snyk, added 2026/04/16 9:25 p.m., 9 views

Command Injection

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Command Injection in the cloneServer.json.php endpoint of the CloneSite plugin, where user-controlled input is concatenated into a shell command without proper...

CVSS 9.8, AI score 6, EPSS 0.02221
Exploits 1, References 2
Github Security Blog, added 2026/04/16 9:25 p.m., 8 views

WWBN AVideo: RCE caused by CloneSite plugin

Description Summary The cloneServer.json.php endpoint in the CloneSite plugin constructs shell commands using the user-controlled url parameter without proper sanitization. The input is directly concatenated into a wget command executed via exec, allowing command injection. An attacker can inje...

CVSS 9.8, AI score 6.2, EPSS 0.02221
Exploits 1, References 4, Affected Software 1
Snyk, added 2026/04/16 9:19 p.m., 8 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is "🦞 OpenClaw — Personal AI Assistant". Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition via the validateScriptFileForShellBleed function. An attacker can cause the preflight analysis to inspect a different file than the one tha...

CVSS 2.9, AI score 5.8, EPSS 0.00079
Exploits 0, References 2
ATTACKERKB, added 2026/04/16 6:43 p.m., 6 views

CVE-2026-6442

Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...

CVSS 8.3, AI score 6.2, EPSS 0.00358
Exploits 0, References 3, Affected Software 1
Mageia, added 2026/04/16 5:53 p.m., 8 views

Updated cockpit-338 packages fix security vulnerability

Unauthenticated remote code execution due to ssh command-line argument injection. CVE-2026-4631...

CVSS 9.8, AI score 6.4, EPSS 0.13889
Exploits 3, References 1
The Hacker News, added 2026/04/16 10:20 a.m., 8 views

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and...

AI score 6
Exploits 0
OSSF Malicious Packages, added 2026/04/16 10:13 a.m., 6 views

Malicious code in react-appfabric-shell (npm)

Source: amazon-inspector (2a524b70e3efe81a382327e73d51cabb650ed488156ac7dbe61d61fcbcff68f8). The package react-appfabric-shell was found to contain malicious code...

AI score 5.7
Exploits 0
OSV, added 2026/04/16 10:13 a.m., 3 views

MAL-2026-2795 Malicious code in react-appfabric-shell (npm)

Source: amazon-inspector (2a524b70e3efe81a382327e73d51cabb650ed488156ac7dbe61d61fcbcff68f8). The package react-appfabric-shell was found to contain malicious code...

AI score 5.7
Exploits 0
The Hacker News, added 2026/04/16 6:20 a.m., 7 views

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and...

AI score 6.2
Exploits 0
Fedora, added 2026/04/16 12:55 a.m., 6 views

[SECURITY] Fedora 43 Update: NetworkManager-ssh-1.4.4-1.fc43

This package contains software for integrating VPN capabilities with the OpenSSH server with NetworkManager...

CVSS 3.3, AI score 5.7, EPSS 0.00162
Exploits 0
Tenable Nessus, added 2026/04/16 12:00 a.m., 192 views

OpenSSH < 10.3 Multiple Vulnerabilities

The version of OpenSSH installed on the remote host is prior to 10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the release-10.3 advisory. - In OpenSSH before 10.3, validation of shell metacharacters in user names supplied on the command-line was performed too late,...

CVSS 8.1, AI score 5.8, EPSS 0.00289
Exploits 0, References 6