Total
5161 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-63916 | 2 Luotengyuan, Microsoft | 2 Myscreentools, Windows | 2026-01-16 | 8.1 High |
| MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression tool. The application fails to properly sanitize user-supplied file paths before passing them to cmd.exe, allowing attackers to execute arbitrary system commands with the privileges of the user running the application. The vulnerability exists in the CMD() function within GIFSicleTool\Form_gif_sicle_tool.cs, which constructs shell commands by concatenating unsanitized user input (file paths) and executes them via cmd.exe. | ||||
| CVE-2024-58338 | 1 Ateme | 2 Flamingo Xl, Flamingo Xl Firmware | 2026-01-16 | 10 Critical |
| Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment. | ||||
| CVE-2022-50795 | 1 Sound4 | 21 Big Voice2, Big Voice2 Firmware, Big Voice4 and 18 more | 2026-01-16 | 7.8 High |
| SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which triggers the malicious file and then deletes it after execution. | ||||
| CVE-2022-50791 | 1 Sound4 | 21 Big Voice2, Big Voice2 Firmware, Big Voice4 and 18 more | 2026-01-16 | 7.8 High |
| SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the vulnerable ping.php script, which triggers the malicious file and then deletes it. | ||||
| CVE-2022-50789 | 1 Sound4 | 21 Big Voice2, Big Voice2 Firmware, Big Voice4 and 18 more | 2026-01-16 | 7.8 High |
| SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the vulnerable dns.php script, which triggers command execution and then deletes the file. | ||||
| CVE-2026-22781 | 2 Maximmasiutin, Ritlabs | 2 Tinyweb, Tinyweb | 2026-01-16 | 9.8 Critical |
| TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. TinyWeb HTTP Server before version 1.98 is vulnerable to OS command injection via CGI ISINDEX-style query parameters. The query parameters are passed as command-line arguments to the CGI executable via Windows CreateProcess(). An unauthenticated remote attacker can execute arbitrary commands on the server by injecting Windows shell metacharacters into HTTP requests. This vulnerability is fixed in 1.98. | ||||
| CVE-2025-10568 | 2 Hp, Hyperx | 2 Hyperx Ngenuity, Ngenuity | 2026-01-16 | 9.8 Critical |
| HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing updated software to address the potential vulnerability. | ||||
| CVE-2025-43943 | 1 Dell | 1 Cloud Disaster Recovery | 2026-01-16 | 6.7 Medium |
| Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||
| CVE-2025-42892 | 1 Sap | 1 Business Connector | 2026-01-16 | 6.8 Medium |
| Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating system commands. Successful exploitation could lead to full compromise of the system�s confidentiality, integrity, and availability. | ||||
| CVE-2026-22708 | 1 Cursor | 1 Cursor | 2026-01-16 | N/A |
| Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via indirect or direct prompt injection to poison the shell environment by setting, modifying, or removing environment variables that influence trusted commands. This vulnerability is fixed in 2.3. | ||||
| CVE-2025-33206 | 2 Linux, Nvidia | 2 Linux, Nsight Graphics | 2026-01-16 | 7.8 High |
| NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service. | ||||
| CVE-2026-23520 | 1 Getarcaneapp | 1 Arcane | 2026-01-16 | 9.1 Critical |
| Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to run before or after a container update. The label value is passed directly to /bin/sh -c without sanitization or validation. Because any authenticated user (not limited to administrators) can create projects through the API, an attacker can create a project that specifies one of these lifecycle labels with a malicious command. When an administrator later triggers a container update (either manually or via scheduled update checks), Arcane reads the lifecycle label and executes its value as a shell command inside the container. This vulnerability is fixed in 1.13.0. | ||||
| CVE-2026-22265 | 1 Roxy-wi | 1 Roxy-wi | 2026-01-16 | 7.5 High |
| Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to 8.2.8.2, command injection vulnerability exists in the log viewing functionality that allows authenticated users to execute arbitrary system commands. The vulnerability is in app/modules/roxywi/logs.py line 87, where the grep parameter is used twice - once sanitized and once raw. This vulnerability is fixed in 8.2.8.2. | ||||
| CVE-2025-62193 | 1 Noaa | 1 Live Access Server | 2026-01-16 | 9.8 Critical |
| Sites running NOAA PMEL Live Access Server (LAS) are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of 'gov.noaa.pmel.tmap.las.filter.RequestInputFilter.java' from 2025-09-24. | ||||
| CVE-2026-20759 | 1 Toa Corporation | 1 Trifora 3 Series | 2026-01-16 | N/A |
| OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low("monitoring user") or higher privilege to execute an arbitrary OS command. | ||||
| CVE-2025-7404 | 2 Gelbphoenix, Janeczku | 2 Autocaliweb, Calibre-web | 2026-01-16 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Calibre Web, Autocaliweb allows Blind OS Command Injection.This issue affects Calibre Web: 0.6.24 (Nicolette); Autocaliweb: from 0.7.0 before 0.7.1. | ||||
| CVE-2026-0855 | 2026-01-16 | 8.8 High | ||
| Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device. | ||||
| CVE-2025-15472 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2026-01-15 | 7.2 High |
| A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-60738 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2026-01-15 | 9.8 Critical |
| An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025_07_21 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters | ||||
| CVE-2024-50566 | 1 Fortinet | 3 Fortimanager, Fortimanager Cloud, Fortimanagercloud | 2026-01-15 | 7.2 High |
| A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiManager Cloud 7.6.0 through 7.6.1, FortiManager Cloud 7.4.0 through 7.4.4, FortiManager Cloud 7.2.2 through 7.2.7, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.1 through 7.2.8 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests. | ||||