CVE-2026-12059

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope...

CVE-2026-12059 Cellopoint｜CelloOS - Improper Access Control

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope...

linux-privesc-linpeas

🐧 linux-privesc-linpeas End-to-end Linux privilege escalati...

SUSE CVE-2026-42563

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, Dulwich's ProcessMergeDriver substitutes the file path from the git tree, controllable by an attacker via a malicious branch into the merge driver command via the ...

Joern 4.0.557

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

PT-2026-49035

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description A policy enforcement issue exists in the system.run safe-bin allowlist validation on POSIX nodes. This flaw allows shell expansion to modify how commands are interpreted. Authenticated operators...

PT-2026-49063

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

PT-2026-48830

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope...

Fedora 43 : composer (2026-4308b5fc39)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4308b5fc39 advisory. Version 2.10.1 - 2026-06-04 Security: Fixed shell escaping when opening an editor 12903 Security: Verify backup phar signature before restoring it when using...

PT-2026-48993

Name of the Vulnerable Software and Affected Versions kitty versions prior to 0.47.3 Description In the kitty GPU-based terminal, the OSC 21 color-control query reply reflects attacker-controlled bytes, including newlines, into the shell input without proper sanitization. Recommendations Update t...

PT-2026-48956

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...

PT-2026-49026

OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist approval to execute unapproved command shapes, potentially bypassing security controls...

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

EUVD-2026-36367

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

CVE-2026-45172

Due to incomplete input validation in Idira Privileged Session Manager for SSH PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18...

Malicious code in internallib_v557 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 275af9596caf2b68994ca8282da7e127f8a4478e07888dbae73826328b4e41f2 index.js implements a multi-step attack against an internal npm registry. On invocation of the exported command, it: 1 creates a Verdaccio user...

MAL-2026-5678 Malicious code in internallib_v557 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 275af9596caf2b68994ca8282da7e127f8a4478e07888dbae73826328b4e41f2 index.js implements a multi-step attack against an internal npm registry. On invocation of the exported command, it: 1 creates a Verdaccio user...

CVE-2026-45172 Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command

Due to incomplete input validation in Idira Privileged Session Manager for SSH PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18...

CVE-2026-45172

The CVE describes an input validation flaw in Idira Privileged Session Manager for SSH (PSMP). A authenticated, low-privilege user could potentially execute arbitrary commands on the PSMP host due to incomplete input validation in PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6. Affecte...

CVE-2026-53806

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...