Total
2882 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-14648 | 1 Dedebiz | 1 Dedebiz | 2025-12-22 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-65657 | 1 Feehi | 1 Feehicms | 2025-12-19 | N/A | 6.5 MEDIUM |
| FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE). | |||||
| CVE-2025-11921 | 2025-12-19 | N/A | N/A | ||
| iStats contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via command injection.This issue affects iStats: 7.10.4. | |||||
| CVE-2025-66219 | 1 Dontkry | 1 Willitmerge | 2025-12-19 | N/A | 9.8 CRITICAL |
| willitmerge is a command line tool to check if pull requests are mergeable. In versions 0.2.1 and prior, there is a command Injection vulnerability in willitmerge. The vulnerability manifests in this package due to the use of insecure child process execution API (exec) to which it concatenates user input, whether provided to the command-line flag, or is in user control in the target repository. At time of publication, no known fix is public. | |||||
| CVE-2025-14586 | 1 Totolink | 2 X5000r, X5000r Firmware | 2025-12-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-65292 | 1 Aqara | 6 Camera Hub G3, Camera Hub G3 Firmware, Hub M2 and 3 more | 2025-12-17 | N/A | 7.3 HIGH |
| Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to execute arbitrary commands with root privileges through malicious domain names. | |||||
| CVE-2025-65293 | 1 Aqara | 2 Camera Hub G3, Camera Hub G3 Firmware | 2025-12-17 | N/A | 6.6 MEDIUM |
| Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset. | |||||
| CVE-2025-55893 | 1 Totolink | 2 N200re, N200re Firmware | 2025-12-17 | N/A | 6.5 MEDIUM |
| TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command Injection in setOpModeCfg via hostName. | |||||
| CVE-2025-55901 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-12-17 | N/A | 6.5 MEDIUM |
| TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function NTPSyncWithHost via the host_time parameter. | |||||
| CVE-2025-66404 | 1 Suyogs | 1 Mcp-server-kubernetes | 2025-12-16 | N/A | 6.4 MEDIUM |
| MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8. | |||||
| CVE-2025-14108 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | |||||
| CVE-2025-14107 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2_api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safe_dir results in command injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | |||||
| CVE-2025-14106 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | |||||
| CVE-2025-11490 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." | |||||
| CVE-2025-11491 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-14485 | 2025-12-12 | 4.6 MEDIUM | 5.0 MEDIUM | ||
| A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm*& causes command injection. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-67511 | 2025-12-12 | N/A | 9.6 CRITICAL | ||
| Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the run_ssh_command_with_credentials() function, which is available to AI agents. Only password and command inputs are escaped in run_ssh_command_with_credentials to prevent shell injection; while username, host and port values are injectable. This issue does not have a fix at the time of publication. | |||||
| CVE-2025-67508 | 2025-12-12 | N/A | 8.0 HIGH | ||
| gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft malicious credential values. The forged credential values are used in infrastructure Secret objects that break out of the intended string context when evaluated in Fish or PowerShell environments used by the Gardener service operators. This issue is fixed in version 2.12.0. | |||||
| CVE-2025-64671 | 1 Microsoft | 1 Github Copilot | 2025-12-12 | N/A | 8.4 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-65363 | 1 Ruijie | 2 Rg-ap720-l, Rg-ap720-l Firmware | 2025-12-12 | N/A | 7.2 HIGH |
| Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint. | |||||