Total
5704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-44656 | 1 Vim | 1 Vim | 2026-05-14 | N/A | 5.3 MEDIUM |
| Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435. | |||||
| CVE-2026-42307 | 1 Vim | 1 Vim | 2026-05-14 | N/A | 4.4 MEDIUM |
| Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383. | |||||
| CVE-2026-43685 | 1 Claris | 1 Filemaker Cloud | 2026-05-14 | N/A | 7.2 HIGH |
| A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5. | |||||
| CVE-2026-44258 | 2026-05-14 | N/A | N/A | ||
| efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfinder_checkRisk function validates target and targets for path traversal and home containment, but does not validate the dst (destination) parameter used by elfinder_paste. An attacker can copy or move files from within the home directory to any arbitrary destination by setting dst to a base64-encoded traversal path. This bypasses the protected=true security control. This vulnerability is fixed in 4.08.010. | |||||
| CVE-2026-28291 | 1 Simple-git Project | 1 Simple-git | 2026-05-13 | N/A | 8.1 HIGH |
| simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1 allow execution of arbitrary commands through Git option manipulation, bypassing safety checks meant to block dangerous options like -u and --upload-pack. The flaw stems from an incomplete fix for CVE-2022-25860, as Git's flexible option parsing allows numerous character combinations (e.g., -vu, -4u, -nu) to circumvent the regular-expression-based blocklist in the unsafe operations plugin. Due to the virtually infinite number of valid option variants that Git accepts, a complete blocklist-based mitigation may be infeasible without fully emulating Git's option parsing behavior. This issue has been fixed in version 3.32.0. | |||||
| CVE-2026-43991 | 2026-05-13 | N/A | 8.4 HIGH | ||
| JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with the companion advisory. Pre-patch, the check was applied to the raw command string rather than the parsed first token. This vulnerability is fixed in 0.x.y-security-1. | |||||
| CVE-2026-43990 | 2026-05-13 | N/A | 8.4 HIGH | ||
| JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be interpreted as command syntax. This vulnerability is fixed in 0.x.y-security-1. | |||||
| CVE-2026-6281 | 2026-05-13 | N/A | 8.8 HIGH | ||
| A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device. | |||||
| CVE-2026-42924 | 2026-05-13 | N/A | 8.7 HIGH | ||
| An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2026-34176 | 2026-05-13 | N/A | 8.7 HIGH | ||
| When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2026-8228 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan_conf/Channel/skiplist/ieee_80211h leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8227 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8192 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wl_Pass is directly passed by the attacker/so we can control the EncrypType/wl_Pass results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8191 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8190 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway is directly passed by the attacker/so we can control the ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway causes os command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8189 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Automode/sel_EncrypTyp results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-8188 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-05-13 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl_channel/wl_Pass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. | |||||
| CVE-2026-31246 | 2026-05-13 | N/A | 6.5 MEDIUM | ||
| GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injection vulnerability (CWE-78) in the Executor.run() method. During project execution, when the system prompts the user to confirm or modify a command to be run, it accepts free-text input without proper validation. The user-supplied input is directly passed to asyncio.create_subprocess_shell() for execution. This allows an attacker to replace the intended command with arbitrary shell commands, leading to remote code execution with the privileges of the GPT-Pilot process. | |||||
| CVE-2026-42062 | 2026-05-13 | N/A | 9.8 CRITICAL | ||
| ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required. | |||||
| CVE-2026-35506 | 2026-05-13 | N/A | 7.2 HIGH | ||
| ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of ping_ip_addr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed. | |||||