SUSE CVE-2026-33623

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.4 contains a Windows-only command injection issue in the orphaned Chrome cleanup path. When an instance is stopped, the Windows cleanup routine builds a PowerShell -Command string using a...

CVE-2026-33623 PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.4 contains a Windows-only command injection issue in the orphaned Chrome cleanup path. When an instance is stopped, the Windows cleanup routine builds a PowerShell -Command string using a...

GO-2026-4823 PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution in github.com/pinchtab/pinchtab

PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution in github.com/pinchtab/pinchtab...

pinchtab 资源管理错误漏洞

Pinchtab is an open-source AI-powered browser control tool developed by Pinchtab. Version 0.8.4 of Pinchtab contains a resource management vulnerability, which stems from command injection in Windows cleanup paths, potentially allowing arbitrary PowerShell commands to be executed...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the Windows cleanup routine when a crafted profile name containing PowerShell metacharacters is used. An attacker can execute arbitrary PowerShell commands with the privileges of the application process user by...

PT-2026-27630

Name of the Vulnerable Software and Affected Versions PinchTab versions prior to 0.8.5 Description PinchTab, a standalone HTTP server for controlling a Chrome browser with AI agents, contains a Windows-only command injection issue within the orphaned Chrome cleanup path. The issue arises because...

EUVD-2022-26994

Malicious code in bioql PyPI...

CVE-2022-21838

Windows Cleanup Manager Elevation of Privilege Vulnerability...

CVE-2022-21838

Windows Cleanup Manager Elevation of Privilege Vulnerability...

CVE-2022-21838 Windows Cleanup Manager Elevation of Privilege Vulnerability

...

Microsoft Windows 后置链接漏洞

Microsoft Windows Cleanup Manager is a cleanup manager from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows Cleanup Manager. The following products and editions are affected:Windows Server 2012 R2 Server Core installation,Windows 10 Version 1809 for 32-bit...

PT-2022-1524 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows Cleanup Manager. It is caused by incorrect link resolution before accessing a file. Exploitation of this issue...