Total
343 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-2298 | 2026-03-24 | N/A | 9.4 CRITICAL | ||
| Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 30th, 2026. | |||||
| CVE-2026-29608 | 1 Openclaw | 1 Openclaw | 2026-03-19 | N/A | 6.7 MEDIUM |
| OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text. | |||||
| CVE-2026-22168 | 1 Openclaw | 1 Openclaw | 2026-03-19 | N/A | 6.5 MEDIUM |
| OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments through cmd.exe /c to achieve local command execution on trusted Windows nodes with mismatched audit logs. | |||||
| CVE-2026-25689 | 1 Fortinet | 1 Fortideceptor | 2026-03-13 | N/A | 6.5 MEDIUM |
| An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeceptor 6.0 all versions, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions, FortiDeceptor 4.3 all versions, FortiDeceptor 4.2 all versions, FortiDeceptor 4.1 all versions, FortiDeceptor 4.0 all versions may allow a privileged attacker with super-admin profile and CLI access to delete sensitive files via crafted HTTP requests. | |||||
| CVE-2025-41761 | 1 Mbs-solutions | 4 Ubr-01 Mk Ii, Ubr-02, Ubr-lon and 1 more | 2026-03-11 | N/A | 7.8 HIGH |
| A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo. | |||||
| CVE-2024-47553 | 1 Siemens | 1 Sinec Security Monitor | 2026-03-10 | N/A | 9.9 CRITICAL |
| A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS. | |||||
| CVE-2025-15315 | 1 Tanium | 2 Module Server, Server | 2026-03-09 | N/A | 6.7 MEDIUM |
| Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. | |||||
| CVE-2025-15316 | 1 Tanium | 2 Module Server, Server | 2026-03-09 | N/A | 6.7 MEDIUM |
| Tanium addressed a local privilege escalation vulnerability in Tanium Server. | |||||
| CVE-2022-37005 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2026-03-06 | N/A | 7.5 HIGH |
| The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2026-26194 | 1 Gogs | 1 Gogs | 2026-03-06 | N/A | 7.3 HIGH |
| Gogs is an open source self-hosted Git service. Prior to version 0.14.2, there's a security issue in gogs where deleting a release can fail if a user controlled tag name is passed to git without the right separator, this lets git options get injected and mess with the process. This issue has been patched in version 0.14.2. | |||||
| CVE-2026-20063 | 2026-03-05 | N/A | 6.0 MEDIUM | ||
| A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for a specific CLI command. A successful exploit could allow the attacker to execute commands on the underlying operating system as root. | |||||
| CVE-2026-20016 | 2026-03-05 | N/A | 6.0 MEDIUM | ||
| A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. | |||||
| CVE-2026-26514 | 1 Xddxdd | 1 Bird-lg-go | 2026-03-05 | N/A | 7.5 HIGH |
| An Argument Injection vulnerability exists in bird-lg-go before commit 6187a4e. The traceroute module uses shlex.Split to parse user input without validation, allowing remote attackers to inject arbitrary flags (e.g., -w, -q) via the q parameter. This can be exploited to cause a Denial of Service (DoS) by exhausting system resources. | |||||
| CVE-2026-27947 | 1 Intermesh | 1 Group-office | 2026-03-04 | N/A | 8.8 HIGH |
| Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from `winmail.dat` and then invokes `zip` with a shell wildcard (`*`). Because extracted filenames are attacker-controlled, they can be interpreted as `zip` options and lead to arbitrary command execution. Versions 26.0.9, 25.0.87, and 6.8.154 fix the issue. | |||||
| CVE-2026-27613 | 1 Ritlabs | 1 Tinyweb | 2026-03-04 | N/A | 9.8 CRITICAL |
| TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass the web server's CGI parameter security controls. Depending on the server configuration and the specific CGI executable in use, the impact is either source code disclosure or remote code execution (RCE). Anyone hosting CGI scripts (particularly interpreted languages like PHP) using vulnerable versions of TinyWeb is impacted. The problem has been patched in version 2.01. If upgrading is not immediately possible, ensure `STRICT_CGI_PARAMS` is enabled (it is defined by default in `define.inc`) and/or do not use CGI executables that natively accept dangerous command-line flags (such as `php-cgi.exe`). If hosting PHP, consider placing the server behind a Web Application Firewall (WAF) that explicitly blocks URL query string parameters that begin with a hyphen (`-`) or contain encoded double quotes (`%22`). | |||||
| CVE-2026-27208 | 1 Bleon-ethical | 1 Api-gateway-deploy | 2026-02-26 | N/A | 9.2 CRITICAL |
| bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges within the container, potentially leading to a container escape and unauthorized infrastructure modifications. This is fixed in version 1.0.1 by implementing strict input sanitization and secure delimiters in entrypoint.sh, enforcing a non-root user (appuser) in the Dockerfile, and establishing mandatory security quality gates. | |||||
| CVE-2025-70327 | 1 Totolink | 2 X5000r, X5000r Firmware | 2026-02-26 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen (-). This allows remote authenticated attackers to inject arbitrary command-line options into the ping utility, potentially leading to a Denial of Service (DoS) by causing excessive resource consumption or prolonged execution. | |||||
| CVE-2026-24126 | 1 Weblate | 1 Weblate | 2026-02-19 | N/A | 6.6 MEDIUM |
| Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh-add`. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management console. | |||||
| CVE-2026-25134 | 1 Group-office | 1 Group Office | 2026-02-18 | N/A | 8.8 HIGH |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang parameter and passes it directly to a system zip command via exec(). This can be combined with uploading a crafted zip file to achieve remote code execution. This vulnerability is fixed in 6.8.150, 25.0.82, and 26.0.5. | |||||
| CVE-2026-22582 | 1 Salesforce | 1 Marketing Cloud Engagement | 2026-02-12 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (MicrositeUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026. | |||||