EUVD-2026-35707
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
Debian dla-4612 : python3-sentry-sdk - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4612 advisory. Debian LTS Advisory DLA-4612-1 https://www.debian.org/lts/security/...
CVE-2026-45370
python-utcp is the Python implementation of UTCP. Prior to 1.1.3, prepare_environment in cli_communication_protocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single tool call. This...
EUVD-2026-32930
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent inheritance of LOG_SUBDOMAINS_OFF in landlock. This vulnerability may cause subprocesses to...
agent-skill-poc
Agent Skill POC - LLM-driven Interactive CLI Agent An LLM-dri...
Linux Distros Unpatched Vulnerability : CVE-2024-40647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite th...
OS Command Injection
github.com/charmbracelet/soft-serve is vulnerable to OS Command Injection. The vulnerability is due to improper environment variable handling due to Soft Serve passing all environment variables given by the client to git subprocesses. Attackers can use this to execute arbitrary code via environme...
SUSE CVE-2024-40647
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...
GHSA-G92J-QHMH-64V2 Sentry's Python SDK unintentionally exposes environment variables to subprocesses
Impact: The bug in Sentry's Python SDK subprocess.check_output(["env"], env={"TEST": "1"}) b'TEST=1\n' If you'd want to not pass any variables, you can set an empty dict: subprocess.check_output(["env"], env={}) b'' However, the bug in Sentry SDK 2.8.0 causes all environment variables to be passed to the...
Sentry's Python SDK unintentionally exposes environment variables to subprocesses
Impact: The bug in Sentry's Python SDK subprocess.check_output(["env"], env={"TEST": "1"}) b'TEST=1\n' If you'd want to not pass any variables, you can set an empty dict: subprocess.check_output(["env"], env={}) b'' However, the bug in Sentry SDK 2.8.0 causes all environment variables to be passed to the...
CVE-2024-40647
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...
DEBIAN-CVE-2024-40647
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...
UBUNTU-CVE-2024-40647
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...
CVE-2024-40647 Unintentional exposure of environment variables to subprocesses in sentry-sdk
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...
CVE-2024-40647
CVE-2024-40647 affects the Python SDK for Sentry (sentry-sdk) prior to 2.8.0. With the Stdlib integration enabled by default, a bug causes environment variables to be passed to subprocesses in Python’s subprocess calls, even when env={} is specified. The issue is fixed in sentry-sdk 2.8.0 (and pa...
Lazygit - Simple Terminal UI For Git Commands
A simple terminal UI for git commands, written in Go with the gocui library. Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you! Installation Homebrew brew...
Debian DSA-3517-1 : exim4 - security update
A local root privilege escalation vulnerability was found in Exim, Debian's default mail transfer agent, in configurations using the 'perl_startup' option. Only Exim via exim4-daemon-heavy enables Perl support. To address the vulnerability, updated Exim versions clean the complete execution...
perl: improper input validation
Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint...