31188 matches found
EUVD-2026-10516
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
GO-2026-4598 Nuclio Shell Runtime Command Injection Leading to Privilege Escalation in github.com/nuclio/nuclio
Nuclio Shell Runtime Command Injection Leading to Privilege Escalation in github.com/nuclio/nuclio. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
CVE-2026-25573
A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application builds shell commands with caller-provided strings and executes them. An attacker could influence the executed command, potentially resulting in command injection and full system compromise...
CVE-2026-25185
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-25185
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-22628
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
CVE-2026-30916
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: Further investigation determined that the software behavior described did not falls within the project's threat model. See https://github.com/github/advisory-database/pull/7206 for more information...
CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
...
CVE-2026-25185
Technical details (affected products, components, root cause, impact, and remediation) are not provided in the supplied documents. Monitor for updates.
CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability
...
CVE-2026-25185
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability
...
CVE-2026-22628
CVE-2026-22628 describes an improper access control flaw in Fortinet FortiSwitch AXFixed, affecting versions 1.0.0 through 1.0.1. An authenticated admin can execute system commands by supplying a specially crafted SSH config file, enabling local command execution with low impact vector (local, lo...
CVE-2026-22628
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
CVE-2026-25573
A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application builds shell commands with caller-provided strings and executes them. An attacker could influence the executed command, potentially resulting in command injection and full system compromise...
Windows Shell Link Processing Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network...
pentesting-writeups
🔐 Pentesting Writeups Personal penetration testing document...
pentesting-notes
🔐 Pentesting Notes Personal penetration testing documentati...
Exploit for Code Injection in Anthropic Claude_Code
Claude Code: MCP Tool Confirmation Prompt Misrepresentation !...
This Week in Spring - March 10th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring. As I write this, I am preparing for a trip to Rust, Germany, for one of the best Java conferences in Europe: JavaLand, along with its new companion event, DevLand. It should be fun. Will you be around? If so, say hi. We have ...