Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8189 |
|
Command Injection in CVE-2026-8189 (CVE-2026-8189)
command injection in CVE-2026-8189 (CVE-2026-8189). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8188 |
|
Command Injection in CVE-2026-8188 (CVE-2026-8188)
command injection in CVE-2026-8188 (CVE-2026-8188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44656 |
|
OS Command Injection in CVE-2026-44656 (CVE-2026-44656)
OS command injection in CVE-2026-44656 (CVE-2026-44656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42454 |
|
OS Command Injection in docker (CVE-2026-42454)
OS command injection in docker (CVE-2026-42454). Successful exploitation can lead to full system takeover. Exploitable via `GET /docker/containers/`.
|
| CVE-2026-42307 |
|
OS Command Injection in CVE-2026-42307 (CVE-2026-42307)
OS command injection in CVE-2026-42307 (CVE-2026-42307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41497 |
|
Command Injection in praison (CVE-2026-41497)
command injection in praison (CVE-2026-41497). Successful exploitation can lead to full system takeover. Exploitable via ``bash``. Mitigation: upgrade to `>= 4.6.9` or later.
|
| CVE-2022-50994 |
|
OS Command Injection in CVE-2022-50994 (CVE-2022-50994)
OS command injection in CVE-2022-50994 (CVE-2022-50994). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8153 |
|
OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67888 |
|
OS Command Injection in CVE-2025-67888 (CVE-2025-67888)
OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-51092 |
|
OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
|
| CVE-2022-45899 |
|
OS Command Injection in CVE-2022-45899 (CVE-2022-45899)
OS command injection in CVE-2022-45899 (CVE-2022-45899). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43943 |
|
OS Command Injection in electerm (CVE-2026-43943)
OS command injection in electerm (CVE-2026-43943). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.9` or later.
|
| CVE-2026-42271 |
|
Command Injection in litellm (CVE-2026-42271)
command injection in litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`.
|
| CVE-2026-41900 |
|
OS Command Injection in CVE-2026-41900 (CVE-2026-41900)
OS command injection in CVE-2026-41900 (CVE-2026-41900). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8112 |
|
Command Injection in CVE-2026-8112 (CVE-2026-8112)
command injection in CVE-2026-8112 (CVE-2026-8112). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42215 |
|
OS Command Injection in GitPython (CVE-2026-42215)
OS command injection in GitPython (CVE-2026-42215). Successful exploitation can lead to full system takeover. Exploitable via ``upload_pack``. Mitigation: upgrade to `3.1.47` or later.
|
| CVE-2025-63705 |
|
OS Command Injection in CVE-2025-63705 (CVE-2025-63705)
OS command injection in CVE-2025-63705 (CVE-2025-63705). Successful exploitation can lead to full system takeover.
|
| CVE-2025-9661 |
|
OS Command Injection in hitachi (CVE-2025-9661)
OS command injection in hitachi (CVE-2025-9661). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35074 |
|
OS Command Injection in dell (CVE-2026-35074)
OS command injection in dell (CVE-2026-35074). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35073 |
|
OS Command Injection in dell (CVE-2026-35073)
OS command injection in dell (CVE-2026-35073). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35072 |
|
OS Command Injection in dell (CVE-2026-35072)
OS command injection in dell (CVE-2026-35072). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25108 KEV |
|
[KEV] OS Command Injection in Soliton systems k.k soliton-systems-kk (CVE-2026-25108)
OS command injection in Soliton systems k.k soliton-systems-kk (CVE-2026-25108). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-1731 KEV |
|
[KEV] OS Command Injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731)
OS command injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11953 KEV |
|
[KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953)
OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-64328 KEV |
|
[KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-66644 KEV |
|
[KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644)
OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-58034 KEV |
|
[KEV] OS Command Injection in Fortinet fortiweb (CVE-2025-58034)
OS command injection in Fortinet fortiweb (CVE-2025-58034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-48703 KEV |
|
[KEV] OS Command Injection in Cwp control-web-panel (CVE-2025-48703)
OS command injection in Cwp control-web-panel (CVE-2025-48703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-6278 KEV |
|
[KEV] OS Command Injection in gnu (CVE-2014-6278)
OS command injection in gnu (CVE-2014-6278). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-9377 KEV |
|
[KEV] OS Command Injection in Tp-link multiple-routers (CVE-2025-9377)
OS command injection in Tp-link multiple-routers (CVE-2025-9377). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-54948 KEV |
|
[KEV] OS Command Injection in Trend micro trend-micro (CVE-2025-54948)
OS command injection in Trend micro trend-micro (CVE-2025-54948). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-39780 KEV |
|
[KEV] OS Command Injection in Asus rt-ax55-routers (CVE-2023-39780)
OS command injection in Asus rt-ax55-routers (CVE-2023-39780). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12987 KEV |
|
[KEV] OS Command Injection in Draytek vigor-routers (CVE-2024-12987)
OS command injection in Draytek vigor-routers (CVE-2024-12987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-11120 KEV |
|
[KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-11120)
OS command injection in Geovision multiple-devices (CVE-2024-11120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-6047 KEV |
|
[KEV] OS Command Injection in Geovision multiple-devices (CVE-2024-6047)
OS command injection in Geovision multiple-devices (CVE-2024-6047). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-44221 KEV |
|
[KEV] OS Command Injection in Sonicwall sma100-appliances (CVE-2023-44221)
OS command injection in Sonicwall sma100-appliances (CVE-2023-44221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-20035 KEV |
|
[KEV] OS Command Injection in Sonicwall sma100-appliances (CVE-2021-20035)
OS command injection in Sonicwall sma100-appliances (CVE-2021-20035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-1316 KEV |
|
[KEV] OS Command Injection in Edimax ic-7100-ip-camera (CVE-2025-1316)
OS command injection in Edimax ic-7100-ip-camera (CVE-2025-1316). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40891 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40891)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40891). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40890 KEV |
|
[KEV] OS Command Injection in Zyxel dsl-cpe-devices (CVE-2024-40890)
OS command injection in Zyxel dsl-cpe-devices (CVE-2024-40890). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-9276 KEV |
|
[KEV] OS Command Injection in Paessler prtg-network-monitor (CVE-2018-9276)
OS command injection in Paessler prtg-network-monitor (CVE-2018-9276). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-50603 KEV |
|
[KEV] OS Command Injection in Aviatrix controllers (CVE-2024-50603)
OS command injection in Aviatrix controllers (CVE-2024-50603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12686 KEV |
|
[KEV] OS Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686)
OS command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-14933 KEV |
|
[KEV] OS Command Injection in Nuuo nvrmini-devices (CVE-2018-14933)
OS command injection in Nuuo nvrmini-devices (CVE-2018-14933). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40407 KEV |
|
[KEV] OS Command Injection in Reolink rlc-410w-ip-camera (CVE-2021-40407)
OS command injection in Reolink rlc-410w-ip-camera (CVE-2021-40407). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11001 KEV |
|
[KEV] OS Command Injection in Reolink multiple-ip-cameras (CVE-2019-11001)
OS command injection in Reolink multiple-ip-cameras (CVE-2019-11001). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-1212 KEV |
|
[KEV] OS Command Injection in Progress kemp-loadmaster (CVE-2024-1212)
OS command injection in Progress kemp-loadmaster (CVE-2024-1212). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-9463 KEV |
|
[KEV] OS Command Injection in Palo alto networks palo-alto-networks (CVE-2024-9463)
OS command injection in Palo alto networks palo-alto-networks (CVE-2024-9463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-8957 KEV |
|
[KEV] OS Command Injection in Ptzoptics pt30x-sdindi-cameras (CVE-2024-8957)
OS command injection in Ptzoptics pt30x-sdindi-cameras (CVE-2024-8957). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15415 KEV |
|
[KEV] OS Command Injection in Draytek multiple-vigor-routers (CVE-2020-15415)
OS command injection in Draytek multiple-vigor-routers (CVE-2020-15415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|