Lucene search
K

6 matches found

NVD
NVD
added 2026/06/24 6:17 p.m.7 views

CVE-2026-48704

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...

8.8CVSS0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/10 9:31 a.m.14 views

EUVD-2026-28988

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

5.5CVSS5.7AI score0.01387EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/04/27 4:30 p.m.3 views

CVE-2026-7140 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...

10CVSS8.1AI score0.01766EPSS
Exploits0References5
OSV
OSV
added 2025/07/11 12:17 p.m.6 views

OESA-2025-1748 p7zip security update

7za for Linux system to archive file as 7z file format Security Fixes: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9,...

8.4CVSS7.4AI score0.00989EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/03 12:0 a.m.5 views

7-Zip Security Vulnerabilities

7-Zip is a compression software. A security vulnerability exists in versions prior to 7-Zip 24.01, which stems from a heap-based buffer overflow vulnerability in the NtfsHandler.cpp NTFS handler program that allows an attacker to overwrite two bytes at multiple offsets...

8.4CVSS8.2AI score0.00343EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/02/09 12:0 a.m.5 views

The vulnerability of the syncNtpTime() function in the SystemHandler.class.php script of the software for backup and recovery, Vinchin Backup & Recovery, allows a perpetrator to execute arbitrary commands.

The vulnerability of the syncNtpTime function in the SystemHandler.class.php script of the software for backup and recovery solutions, Vinchin Backup & Recovery, is related to the failure to eliminate special elements used in the operating system’s command processing when handling the ntphost...

9CVSS8AI score0.02369EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder