6 matches found
CVE-2026-48704
Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...
EUVD-2026-28988
A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...
CVE-2026-7140 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection
A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...
OESA-2025-1748 p7zip security update
7za for Linux system to archive file as 7z file format Security Fixes: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9,...
7-Zip Security Vulnerabilities
7-Zip is a compression software. A security vulnerability exists in versions prior to 7-Zip 24.01, which stems from a heap-based buffer overflow vulnerability in the NtfsHandler.cpp NTFS handler program that allows an attacker to overwrite two bytes at multiple offsets...
The vulnerability of the syncNtpTime() function in the SystemHandler.class.php script of the software for backup and recovery, Vinchin Backup & Recovery, allows a perpetrator to execute arbitrary commands.
The vulnerability of the syncNtpTime function in the SystemHandler.class.php script of the software for backup and recovery solutions, Vinchin Backup & Recovery, is related to the failure to eliminate special elements used in the operating system’s command processing when handling the ntphost...