Total
3024 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21520 | 1 Microsoft | 1 Copilot Studio | 2026-01-23 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector | ||||
| CVE-2024-39563 | 1 Juniper | 1 Junos Space | 2026-01-23 | 7.3 High |
| A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete control of the device. A specific script in the Junos Space web application allows attacker-controlled input from a GET request without sufficient input sanitization. A specially crafted request can exploit this vulnerability to execute arbitrary shell commands on the Junos Space Appliance. This issue affects Junos Space 24.1R1. Previous versions of Junos Space are unaffected by this vulnerability. | ||||
| CVE-2026-24132 | 1 Orval-labs | 1 Orval | 2026-01-23 | N/A |
| Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions 7.19.0 and below and 8.0.0-rc.0 through 8.0.2 allow untrusted OpenAPI specifications to inject arbitrary TypeScript/JavaScript into generated mock files via the const keyword on schema properties. These const values are interpolated into the mock scalar generator (getMockScalar in packages/mock/src/faker/getters/scalar.ts) without proper escaping or type-safe serialization, which results in attacker-controlled code being emitted into both interface definitions and faker/MSW handlers. The vulnerability is similar in impact to the previously reported enum x-enumDescriptions (GHSA-h526-wf6g-67jv), but it affects a different code path in the faker-based mock generator rather than @orval/core. The issue has been fixed in versions 7.20.0 and 8.0.3. | ||||
| CVE-2026-1324 | 1 Sangfor | 1 Operation And Maintenance Security Management System | 2026-01-23 | 8.8 High |
| A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-1326 | 1 Totolink | 1 Nr1800x | 2026-01-23 | 6.3 Medium |
| A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-1327 | 1 Totolink | 1 Nr1800x | 2026-01-23 | 6.3 Medium |
| A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-37176 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Arubaos, Arubaos | 2026-01-23 | 6.5 Medium |
| A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privileges of the impacted mechanism. | ||||
| CVE-2025-56425 | 1 Optimal-systems | 1 Enaio | 2026-01-23 | 9.1 Critical |
| An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated remote attackers to inject arbitrary SMTP commands via crafted input to the /osrest/api/organization/sendmail endpoint | ||||
| CVE-2025-15500 | 1 Sangfor | 2 Operation And Maintenance Management System, Operation And Maintenance Security Management System | 2026-01-22 | 9.8 Critical |
| A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15499 | 1 Sangfor | 2 Operation And Maintenance Management System, Operation And Maintenance Security Management System | 2026-01-22 | 8.8 High |
| A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-66715 | 1 Axtion | 1 Odis | 2026-01-22 | 6.5 Medium |
| A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file. | ||||
| CVE-2025-67397 | 1 Passy | 1 Passy | 2026-01-22 | 9.1 Critical |
| An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection. | ||||
| CVE-2025-70161 | 1 Edimax | 3 Br-6208ac, Br-6208ac Firmware, Br-6208ac V2 | 2026-01-22 | 9.8 Critical |
| EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing arbitrary code execution. | ||||
| CVE-2025-15502 | 1 Sangfor | 1 Operation And Maintenance Security Management System | 2026-01-22 | 7.3 High |
| A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15501 | 1 Sangfor | 1 Operation And Maintenance Security Management System | 2026-01-22 | 9.8 Critical |
| A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-0641 | 1 Totolink | 2 Wa300, Wa300 Firmware | 2026-01-22 | 6.3 Medium |
| A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-22688 | 1 Tencent | 1 Weknora | 2026-01-22 | 10 Critical |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. This issue has been patched in version 0.2.5. | ||||
| CVE-2021-43113 | 2 Debian, Itextpdf | 2 Debian Linux, Itext | 2026-01-22 | 9.8 Critical |
| iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java. | ||||
| CVE-2025-15367 | 1 Python | 1 Cpython | 2026-01-22 | 7.1 High |
| The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters. | ||||
| CVE-2025-15366 | 1 Python | 1 Cpython | 2026-01-22 | 7.1 High |
| The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters. | ||||