Total: 5719 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25593 | 1 Openclaw | 1 Openclaw | 2026-02-13 | N/A | 8.4 HIGH |
| OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. This vulnerability is fixed in 2026.1.20. | |||||
| CVE-2026-25157 | 2 Apple, Openclaw | 2 Macos, Openclaw | 2026-02-13 | N/A | 7.7 HIGH |
| OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. This issue has been patched in version 2026.1.29. | |||||
| CVE-2026-24763 | 1 Openclaw | 1 Openclaw | 2026-02-13 | N/A | 8.8 HIGH |
| OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment variable when constructing shell commands. An authenticated user able to control environment variables could influence command execution within the container context. This vulnerability is fixed in 2026.1.29. | |||||
| CVE-2024-56808 | 1 Qnap | 1 Media Streaming Add-on | 2026-02-12 | N/A | 7.8 HIGH |
| A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker who has also gained a user account gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 (2024/08/02) and later. | |||||
| CVE-2025-64091 | 1 Zenitel | 2 Tcis-3, Tcis-3 Firmware | 2026-02-12 | N/A | 8.6 HIGH |
| This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of the device. | |||||
| CVE-2026-2260 | 1 Dlink | 2 Dcs-931l, Dcs-931l Firmware | 2026-02-12 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-56590 | 1 Apryse | 1 Html2pdf | 2026-02-12 | N/A | 9.8 CRITICAL |
| An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK through 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server. | |||||
| CVE-2025-56083 | 1 Ruijie | 9 Reyee Os, Rg-eap602, Rg-eap602 Firmware and 6 more | 2026-02-11 | N/A | 8.8 HIGH |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_networkId_merge.lua. | |||||
| CVE-2025-56084 | 1 Ruijie | 9 Reyee Os, Rg-eap602, Rg-eap602 Firmware and 6 more | 2026-02-11 | N/A | 8.8 HIGH |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | |||||
| CVE-2025-56099 | 1 Ruijie | 9 Reyee Os, Rg-eap602, Rg-eap602 Firmware and 6 more | 2026-02-11 | N/A | 8.8 HIGH |
| OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | |||||
| CVE-2025-56113 | 1 Ruijie | 9 Reyee Os, Rg-eap602, Rg-eap602 Firmware and 6 more | 2026-02-11 | N/A | 8.8 HIGH |
| OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | |||||
| CVE-2025-67264 | 1 Doogee | 6 Note59, Note59 Firmware, Note59 Pro and 3 more | 2026-02-11 | N/A | 7.8 HIGH |
| An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710. | |||||
| CVE-2026-25512 | 1 Group-office | 1 Group Office | 2026-02-11 | N/A | 8.8 HIGH |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, there is a remote code execution (RCE) vulnerability in Group-Office. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmp_file into an exec() call. By injecting shell metacharacters into tmp_file, an authenticated attacker can execute arbitrary system commands on the server. This issue has been patched in versions 6.8.150, 25.0.82, and 26.0.5. | |||||
| CVE-2026-25643 | 1 Frigate | 1 Frigate | 2026-02-11 | N/A | 9.1 CRITICAL |
| Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application does not sanitize user input in the video stream configuration (config.yaml), allowing direct injection of system commands via the exec: directive. The go2rtc service executes these commands without restrictions. This vulnerability is only exploitable by an administrator or users who have exposed their Frigate install to the open internet with no authentication which allows anyone full administrative control. This vulnerability is fixed in 0.16.4. | |||||
| CVE-2026-2120 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/set_server_settings of the component Configuration Parameter Handler. The manipulation of the argument terminal_addr/server_ip/server_port leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-2129 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performing a manipulation of the argument ac_ipaddr/ac_ipstatus/ap_randtime results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. | |||||
| CVE-2026-2151 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file adv_firewall.php of the component DMZ Host Feature. Such manipulation of the argument dmz_ipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-2152 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configuration Interface. Performing a manipulation of the argument dest_ip/submask/gw results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-2155 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub_4208A0 of the file /goform/set_dmz of the component Configuration Handler. The manipulation of the argument dmz_host/dmz_enable results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-2157 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2026-02-11 | 8.3 HIGH | 7.2 HIGH |
| A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub_4175CC of the file /goform/set_static_route_table. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed remotely. The exploit has been disclosed publicly and may be used. | |||||
