Total
5046 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54074 | 1 Cherry-ai | 1 Cherry Studio | 2025-12-02 | 9.8 Critical |
| Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth authorization server endpoints and trick victims into connecting it, leading to OS command injection in vulnerable clients. This issue has been patched in version 1.5.2. | ||||
| CVE-2025-66401 | 1 Mcp-watch Project | 1 Mcp-watch | 2025-12-02 | 9.8 Critical |
| MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL. | ||||
| CVE-2025-12763 | 2 Microsoft, Pgadmin | 2 Windows, Pgadmin 4 | 2025-12-01 | 6.8 Medium |
| pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input. | ||||
| CVE-2025-54382 | 1 Cherry-ai | 1 Cherry Studio | 2025-12-01 | 9.7 Critical |
| Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirection endpoints and failure to properly sanitize the URL. This issue has been patched in version 1.5.2. | ||||
| CVE-2025-35028 | 1 Hexstrike-ai Project | 1 Hexstrike-ai | 2025-12-01 | 9.1 Critical |
| By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affected version (as of commit 2f3a5512 in September of 2025). | ||||
| CVE-2025-34147 | 1 Shenzhen Aitemi | 1 M300 Wifi Repeater | 2025-12-01 | N/A |
| An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). When configuring the device in Extender mode via its captive portal, the extap2g SSID field is inserted unescaped into a reboot-time shell script. This allows remote attackers within Wi-Fi range to inject arbitrary shell commands that execute as root during device reboot, leading to full system compromise. | ||||
| CVE-2025-64127 | 1 Zenitel | 1 Tciv-3+ | 2025-12-01 | 10 Critical |
| An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely. | ||||
| CVE-2025-64126 | 1 Zenitel | 1 Tciv-3+ | 2025-12-01 | 10 Critical |
| An OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering potentially malicious characters. This could allow an unauthenticated attacker to inject arbitrary commands. | ||||
| CVE-2025-62354 | 1 Cursor | 1 Cursor | 2025-12-01 | 9.8 Critical |
| Improper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to execute commands that are outside of those specified in the allowlist, resulting in arbitrary code execution. | ||||
| CVE-2025-64128 | 1 Zenitel | 1 Tciv-3+ | 2025-12-01 | 10 Critical |
| An OS command injection vulnerability exists due to incomplete validation of user-supplied input. Validation fails to enforce sufficient formatting rules, which could permit attackers to append arbitrary data. This could allow an unauthenticated attacker to inject arbitrary commands. | ||||
| CVE-2025-34033 | 1 5vtechnologies | 1 Blue Angel Software Suite | 2025-11-29 | 8.8 High |
| An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping_addr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can inject arbitrary commands by appending shell metacharacters to the ping_addr parameter in a crafted GET request to /cgi-bin/webctrl.cgi?action=pingtest_update. The command's output is reflected in the application's web interface, enabling attackers to view results directly. Default and backdoor credentials can be used to access the interface and exploit the issue. Successful exploitation results in arbitrary command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-26 UTC. | ||||
| CVE-2018-25120 | 2 D-link, Dlink | 3 Dns-343, Dns-343, Dns-343 Firmware | 2025-11-28 | 9.8 Critical |
| D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a command injection vulnerability in the Mail Test functionality. The web maintenance script posts to the internal goForm endpoint '/goform/Mail_Test' and uses several form parameters directly in a call to a system email utility without proper input validation. An unauthenticated remote attacker can supply crafted form data that injects shell commands, resulting in execution as root on the device. NOTE: The DNS-343 product line has been declared end-of-life. | ||||
| CVE-2022-50596 | 1 Dlink | 2 Dir-1260, Dir-1260 Firmware | 2025-11-28 | 9.8 Critical |
| D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to execute arbitrary commands on the device with root privileges. The flaw specifically exists within the SetDest/Dest/Target arguments to the GetDeviceSettings form. The management interface is accessible over HTTP and HTTPS on the local and Wi-Fi networks and optionally from the Internet. | ||||
| CVE-2025-34113 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-11-28 | N/A |
| An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the `viewmode` GET parameter in `tiki-calendar.php`. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execute arbitrary PHP code. Successful exploitation leads to remote code execution in the context of the web server user. | ||||
| CVE-2023-30805 | 1 Sangfor | 1 Next-gen Application Firewall | 2025-11-28 | 9.8 Critical |
| The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling of shell meta-characters in the "un" parameter. | ||||
| CVE-2025-34186 | 1 Ilevia | 3 Eve X1 Server, Eve X1 Server Firmware, Eve X5 Server | 2025-11-28 | 9.8 Critical |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system. | ||||
| CVE-2025-34187 | 1 Ilevia | 3 Eve X1 Server, Eve X1 Server Firmware, Eve X5 Server | 2025-11-28 | 8.8 High |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise. | ||||
| CVE-2025-34184 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-11-28 | 9.8 Critical |
| Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service. | ||||
| CVE-2025-34514 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-11-28 | 8.8 High |
| Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection vulnerabilities in multiple web-accessible PHP scripts that call exec() and allow an authenticated attacker to execute arbitrary commands. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet. | ||||
| CVE-2025-34513 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-11-28 | 9.8 Critical |
| Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection vulnerability in mbus_build_from_csv.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet. | ||||