CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2026/02/19 7:43 p.m.•3 views

CVE-2026-26280 Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path

systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a command injection vulnerability in the wifiNetworks function allows an attacker to execute arbitrary OS commands via an unsanitized network interface parameter in the retry code path. In...

8.4CVSS6.4AI score0.0003EPSS

Exploits1References4

CNNVD•added 2026/02/19 12:0 a.m.•3 views

systeminformation 操作系统命令注入漏洞

Systeminformation is a Npm software library developed by Sebastian Hildebrandt, which allows access to operating system information. Versions of Systeminformation prior to 5.30.8 contained a vulnerability related to operating system command injection. This vulnerability stemmed from network...

8.4CVSS5.8AI score0.0003EPSS

Exploits1References2

NVD•added 2023/09/21 6:15 p.m.•11 views

CVE-2023-42810

systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to wifiConnections,...

9.8CVSS9.8AI score0.02061EPSS

Exploits0References3