command-injection
58 articles with this tag
HIGH
HIGH
INFO
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
HIGH
CRITICAL
MEDIUM
HIGH
MEDIUM
CRITICAL
MEDIUM
HIGH
CRITICAL
HIGH
HIGH
MEDIUM
CRITICAL
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
INFO
CRITICAL
LOW
CRITICAL
CRITICAL
HIGH
CRITICAL
MEDIUM
MEDIUM
CRITICAL
CRITICAL
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
USN-8304-1: Vim vulnerabilities
DSA-6286-1 evince - security update
Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
NCSC-2026-0165 [1.00] [M/H] Vulnerability found in Microsoft Windows
CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
CVE-2026-46483 Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag
[webapps] glances 4.5.2 - command injection
CVE-2026-42258 net-imap: Command Injection via unvalidated Symbol inputs
CVE-2026-44656 Vim: OS Command Injection via 'path' completion
[webapps] Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection
GitHub vulnerability CVE-2026-3854 allows code execution with a single git push
[local] Atlona ATOMERX21 - Authenticated Command Injection
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
CVE-2022-2068 The c_rehash script allows command injection
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Command Execution via Drag-and-Drop in Terminal Emulators
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
NCSC-2026-0121 [1.00] [M/H] Vulnerabilities fixed in Fortinet FortiSandbox
NCSC-2026-0106 [1.00] [M/H] Vulnerabilities fixed in Cisco Integrated Management Controller
Arbitrary file deletion in administrative interface
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities
VMware Aria Operations Vulnerability Exploited in the Wild
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
VU#431821: MS-Agent does not properly sanitize commands sent to its shell tool, allowing for RCE
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
EnOcean SmartServer IoT
Key security flaws in QNAP’s NAS and router systems explained
NVD - CVE-2026-20841
PromptJacking: The Critical RCEs in Claude Desktop That Turn Questions Into Exploits
BeyondTrust Gets Hit Again: Pre-Auth RCE in Remote Support Tools
New tool blocks imposter attacks disguised as safe commands
Johnson Controls Metasys Products
CISA flags critical SolarWinds RCE flaw as exploited in attacks
USN-7992-1: Inetutils vulnerability
Metasploit Wrap-Up 01/23/2026
Scanning Webserver with /$(pwd)/ as a Starting Path, (Sun, Jan 25th)
ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Cisco Unified Communications Products Remote Code Execution Vulnerability
"Open sesame": Critical vulnerabilities in dormakaba physical access control system enable unlocking arbitrary doors
Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs
CVE-2016-15057: ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Comm...
CVE-2025-59104: With physical access to the device and enough time an attacker is able to solder test leads to the d...
CVE-2025-59103: The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in ...
CVE-2025-59097: The exos 9300 application can be used to configure Access Managers (e.g. 92xx, 9230 and 9290). The c...
CVE-2025-59091: Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 d...
CVE-2026-1428: Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allow...
CVE-2026-1427: Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allow...
Silicon Valley’s Favorite New AI Agent Has Serious Security Flaws
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
CVE-2026-1419: A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the fil...
CVE-2026-1414: A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to...
CVE-2026-1413: A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0....
CVE-2026-1412: A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to...
CVE-2026-24061: GNU InetUtils Argument Injection Vulnerability