MAL-2026-2500 Malicious code in totally-safe-util (npm)

Multiple suspicious behaviors: postinstall script, hex obfuscation, OS command execution to open a Rickroll, and attempt to hide execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d45a8a1395a8ff66e2ea74cacd9d8de0ebaa9e88e0170a6907b3e4861a2acc5 The packa...

PT-2026-30564

A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument config path results in os command injection. Attacking locally is a requirement...

Vale MCP Server 操作系统命令注入漏洞

The Vale MCP Server is an AI assistant protocol server with integrated syntax checking capabilities, developed by Chris Chinchilla. Versions of the Vale MCP Server prior to 0.1.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from improper...

CVE-2026-5532 ScrapeGraphAI scrapegraph-ai GenerateCodeNode generate_code_node.py create_sandbox_and_execute os command injection

A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function createsandboxandexecute of the file scrapegraphai/nodes/generatecodenode.py of the component GenerateCodeNode Component. The manipulation results in os command injection. The attack may be...

CVE-2026-34938

The connected GHSA advisory describes a sandbox-escape in PraisonAI’s Python tools: execute_code() in praisonai-agents allows attacker-controlled Python to bypass a three-layer sandbox by subclassing str to override startswith(), bypassing _safe_getattr and enabling arbitrary OS command execution...

CVE-2026-33613

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

Multiple vulnerabilities in NEC Aterm series (NV26-001)

Overview Aterm series products provided by NEC Corporation contain multiple vulnerabilities listed below. Missing authorization CWE-862 - CVE-2026-4309 Path traversal CWE-22 - CVE-2026-4619 OS command injection CWE-78 - CVE-2026-4620, CVE-2026-4622 Hidden functionality CWE-912 - CVE-2026-4621 The...

Vim < 9.2.0276 OS Command Injection (GHSA-8h6p-m6gr-mpw9)

The version of Vim installed on the remote host is prior to 9.2.0276. It is, therefore, affected by a vulnerability as referenced in the GHSA-8h6p-m6gr-mpw9 advisory. - A modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete,...

EUVD-2026-18173

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

CVE-2026-33613

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

CVE-2026-33613

CVE-2026-33613 concerns MB Connect Line mbCONNECT24 with a remote code execution in the generateSrpArray function caused by improper neutralisation of special elements in an OS command. The vulnerability allows an attacker to achieve full system compromise, but only if there is another path to wr...

CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

EUVD-2026-17255

baserCMS has OS Command Injection Leading to Remote Code Execution RCE...

CVE-2026-30311

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

PT-2026-29146

Name of the Vulnerable Software and Affected Versions baserCMS versions prior to 5.2.3 Description baserCMS is a website development framework. Prior to version 5.2.3, it contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute...

CVE-2026-5125 raine consult-llm-mcp server.ts child_process.execSync os command injection

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...

EUVD-2026-16600

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser the Unix-based shell-quote library to analyze commands on the...

Multiple vulnerabilities in BUFFALO Wi-Fi routers

Overview Wi-Fi router products provided by BUFFALO INC. contain multiple vulnerabilities listed below. Dependency on vulnerable third-party component CWE-1395 - This issue is caused by a vulnerability in minihttpd CVE-2015-1548. OS command injection CWE-78 - CVE-2026-27650 Code injection CWE-94 -...

📄 Generic HTTP Command Execution

This Metasploit module interacts with existing command execution functionality on a target system, where user-supplied input is directly passed to system execution functions via a HTTP request. This could be from an existing vulnerability, or uploaded webshells. It is likely that HTTP evasion...

PT-2026-28646

Name of the Vulnerable Software and Affected Versions NEC Platforms, Ltd. Aterm Series affected versions not specified Description An OS Command Injection issue exists in NEC Platforms, Ltd. Aterm Series. This allows a malicious actor to execute arbitrary OS commands through the network...