CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/26 3:2 p.m.•2 views

CVE-2026-32032

OpenClaw versions prior to 2026.2.22 contain an arbitrary shell execution vulnerability in shell environment fallback that trusts the unvalidated SHELL path from the host environment. An attacker with local environment access can inject a malicious SHELL variable to execute arbitrary commands wit...

7.8CVSS6.2AI score0.00127EPSS

RedhatCVE•added 2026/03/26 3:1 p.m.•4 views

CVE-2026-27067

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through = 1.3.1...

9.1CVSS5.9AI score0.00275EPSS

RedhatCVE•added 2026/03/26 3:1 p.m.•3 views

CVE-2026-27566

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while...

8.8CVSS6.1AI score0.00419EPSS

RedhatCVE•added 2026/03/26 3:0 p.m.•2 views

CVE-2026-33648

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the restreamer endpoint constructs a log file path by embedding user-controlled usersid and liveTransmitionHistoryid values from the JSON request body without any sanitization. This log file path is then...

8.8CVSS6.1AI score0.00612EPSS

RedhatCVE•added 2026/03/26 3:0 p.m.•2 views

CVE-2026-33310

Intake is a package for finding, investigating, loading and disseminating data. Prior to version 2.0.9, the shell syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contains a parameter default such as shell, the command ma...

8.8CVSS5.9AI score0.00428EPSS

RedhatCVE•added 2026/03/26 3:0 p.m.•6 views

CVE-2026-33475

Langflow is a tool for building and deploying AI-powered agents and workflows. An unauthenticated remote shell injection vulnerability exists in multiple GitHub Actions workflows in the Langflow repository prior to version 1.9.0. Unsanitized interpolation of GitHub context variables e.g., $...

9.1CVSS6.3AI score0.02956EPSS

RedhatCVE•added 2026/03/26 2:59 p.m.•6 views

CVE-2026-20163

In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12, 10.1.2507.16, and 9.3.2411.124, a user who holds a role that contains the high-privilege capability editcmd could execute arbitrary shell commands using the...

7.2CVSS6.1AI score0.00462EPSS

RedhatCVE•added 2026/03/26 2:59 p.m.•5 views

CVE-2026-31975

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...

9.8CVSS6AI score0.03433EPSS

RedhatCVE•added 2026/03/26 2:57 p.m.•9 views

CVE-2026-26830

pdf-image npm package through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format to interpolate user-controlled file paths into shell command strings that are executed via childprocess.e...

9.8CVSS5.8AI score0.02493EPSS

Exploits4References1

RedhatCVE•added 2026/03/26 2:56 p.m.•3 views

CVE-2019-25483

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

8.6CVSS6AI score0.00128EPSS

NVD•added 2026/03/26 2:16 p.m.•3 views

CVE-2019-25650

River Past CamDo 3.7.6 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll name field. Attackers can craft a payload with a 280-byte buffer, NSEH jump instruction, and SE...

8.6CVSS0.00183EPSS

Cvelist•added 2026/03/26 1:24 p.m.•23 views

CVE-2019-25650 River Past CamDo 3.7.6 Structured Exception Handler Buffer Overflow

8.6CVSS0.00183EPSS

Vulnrichment•added 2026/03/26 1:24 p.m.•2 views

CVE-2019-25650 River Past CamDo 3.7.6 Structured Exception Handler Buffer Overflow

8.6CVSS6.8AI score0.00183EPSS

CVE•added 2026/03/26 1:24 p.m.•6 views

CVE-2019-25650

Affected software: River Past CamDo 3.7.6. Vulnerability: SEH buffer overflow in Lame_enc.dll name field enables local code execution. The exploit payload uses a ~280-byte buffer, an NSEH jump, and an SEH handler address to trigger code execution via a pop-pop-ret gadget, potentially establishing...

8.6CVSS6.8AI score0.00183EPSS

ATTACKERKB•added 2026/03/26 1:24 p.m.•2 views

CVE-2019-25650

8.6CVSS6.8AI score0.00183EPSS

Exploits0References3Affected Software1

SUSE Linux•added 2026/03/26 5:4 a.m.•3 views

Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. CVE-2026-26269: Netbeans specialKeys stack buffer overflow bsc1258229. CVE-2026-28417: crafted URL parsed by netrw plugin can...

5.4CVSS7.1AI score0.01162EPSS

Exploits1References12

CNVD•added 2026/03/26 12:0 a.m.•1 views

OpenClaw Command Injection Vulnerability (CNVD-2026-15058)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A command injection vulnerability exists in versions of OpenClaw prior to 2026.2.24. The vulnerability stems from a failure to properly filter construct command special characters, commands, etc. in the system.run...

9.8CVSS6.1AI score0.00911EPSS