Net::IMAP 命令注入漏洞

Net::IMAP is a Ruby client API for the IMAP message access protocol, developed by Ruby Open Source. Versions of Net::IMAP prior to 0.4.24, 0.5.14, and 0.6.4 contained a command injection vulnerability. This vulnerability stemmed from multiple Net::IMAP commands that accepted unvalidated or escape...

CVE-2026-42453 Termix: Command injection in extractArchive/compressFiles via double-quote escaping bypass

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts use double-quoted strings for shell command construction, unlike all other file manager operation...

EUVD-2026-28597

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the...

CVE-2026-41507

CVE-2026-41507 affects math-codegen. Prior to 0.4.3, string literals passed to cg.parse() are injected into a new Function() body without sanitization, enabling attacker-controlled input to execute arbitrary system commands and potentially achieve full RCE when user input reaches the parser. The ...

CVE-2026-41501

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVE-2026-42267

Kimai is an open-source time tracking application. From version 2.27.0 to before version 2.54.0, any ROLEUSER can create a tag with a formula string as its name e.g. =SUM54+51 via POST /api/tags and assign it to a timesheet. When an admin exports timesheets to XLSX, ArrayFormatter.formatValue joi...

CVE-2026-41501 electerm has Command Injection Vulnerability via runLinux function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

EUVD-2026-28497

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVE-2026-41501

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVE-2026-41501 electerm has Command Injection Vulnerability via runLinux function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVE-2026-41501

CVE-2026-41501 affects electerm prior to v3.3.8. The vulnerability resides in npm/install.js:130 where the runLinux() function appends attacker-controlled remote version strings directly into an unvalidated exec("rm -rf ...") command, enabling command injection. Reports across NVD, CVELIST, PT-Se...

Termix 命令注入漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.1.0 contained a command injection vulnerability. This vulnerability stemmed from the use of double-quoted strings in the extractArchive and compressFiles endpoints, which allowed for...

Linux Distros Unpatched Vulnerability : CVE-2026-41889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted...

JLSEC-2026-455 Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer...

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

GHSA-FPF5-4JW8-67X8 rust-zserio has Unbounded Memory Allocation

Impact When deserializing arrays, strings or bytes blob types zserio first reads the size of the variable, and then allocates sufficient memory to load data. Since the size is always trusted this can be abused by creating a data file with a large size value, causing the zserio runtime to allocate...

CVE-2026-23927

The CVE-2026-23927 entry describes a vulnerability in the Agent 2 Oracle plugin where an authenticated user who can connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can cause Agent 2 to connect to an attacker-controlled server and may leak Oracle dat...

Zabbix 安全漏洞

Zabbix is a set of open-source monitoring systems developed by Zabbix Inc. This system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. Zabbix has security vulnerabilities; one of these vulnerabilities allows users who can connect to Agent 2 to inject...

PT-2026-38053

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

Use of GET Request Method With Sensitive Query Strings

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings in the OAuth login process, where the user's password hash is included as a query parameter in a redirect UR...

CVE-2026-30923

CVE-2026-30923 affects libModSecurity3 (ModSecurity v3) where a rule using the t:hexDecode transformation can trigger a segmentation fault when inspecting a single-character query string, causing worker process crashes and denial of service. All versions prior to 3.0.15 are affected; the issue is...