Command injection in Zed code editor versions prior to 0.229.0 allows bypass of the terminal tool's permission allowlist through bash arithmetic expansion syntax $((...)) nested inside permitted commands like echo. Because Zed is increasingly used with AI agent workflows that execute shell commands on behalf of the user, the bypass effectively neutralizes the safety boundary intended to gate dangerous operations. No public exploit identified at time of analysis, but the GitHub Security Advisory GHSA-c99f-97vf-4h5h provides sufficient detail for a working PoC to be reconstructed.
Remote code execution in Zed code editor versions prior to 0.227.1 occurs when a user opens a folder containing a malicious .git/config file that abuses the core.fsmonitor Git configuration option. The flaw triggers even in untrusted mode, defeating the safety boundary users expect when opening unknown repositories. No public exploit has been identified at time of analysis, though the advisory is published by the vendor.
Remote command execution in Zed code editor versions prior to 0.227.1 occurs when opening SSH or WSL remote terminals because environment variable keys are passed into a shell command string without quoting or validation. An attacker who can influence project terminal settings (for example, through a shared or malicious project) can embed shell expansions such as $(...) into env var keys, achieving arbitrary command execution on the remote host as the victim user when they open a terminal. No public exploit identified at time of analysis, but the issue is fixed in Zed 0.227.1.
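Both Zed entries above, the allowlist bypass through nested `$((...))` and the unquoted environment-variable keys, come down to one design question: does the gate interpret the command string, or does a shell interpret it later? The block below is an added example written for this page, not code from Zed or from any project listed here; the function names, the allowlist contents and the sample commands are constructed. It shows a fail-closed allowlist gate that refuses anything containing expansion or chaining syntax, the argv-based alternative that never hands the string to a shell at all, and a remote-environment prefix builder that validates variable names and quotes values with `shlex.quote` (the same missing-quoting defect recurs in the pam_usb tmux.c entry below).

```python
from __future__ import annotations

import re
import shlex

# Characters that start a shell expansion or chain commands. If any appear in the
# raw string, the shell, not the allowlist, decides what actually runs, so the
# gate refuses instead of trying to reason about nesting. (Constructed set for
# this example; it is not Zed's own allowlist logic.)
_SHELL_SYNTAX = set("$`;|&<>(){}\n")


def allowlist_permits(command: str, allowlist: set[str]) -> bool:
    """Fail-closed check for a command that will still be run through a shell.

    Returns True only when the string carries no shell syntax at all and its
    first word is on the allowlist. This deliberately rejects legitimate uses
    such as grep -E "(a|b)"; a gate that must be safe is allowed to be strict.
    """
    if any(ch in _SHELL_SYNTAX for ch in command):
        return False
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes: refuse rather than guess
        return False
    return bool(argv) and argv[0] in allowlist


def argv_for_exec(command: str, allowlist: set[str]) -> list[str]:
    """Safer design: tokenize once and pass argv to subprocess.run(argv, shell=False).

    Without a shell, a token such as "$((1+1))" is handed to the program as a
    literal argument and is never evaluated, so nesting tricks have nothing to
    bypass. Only the program name needs to be allowlisted.
    """
    argv = shlex.split(command)
    if not argv or argv[0] not in allowlist:
        raise PermissionError(f"program not permitted: {argv[:1]}")
    return argv


# POSIX environment variable names: letters, digits and underscore, not starting
# with a digit. Anything else is refused before it can reach a shell string.
_ENV_KEY = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def env_key_is_safe(key: str) -> bool:
    return _ENV_KEY.fullmatch(key) is not None


def render_env_exports_unsafe(env: dict[str, str]) -> str:
    """The pattern the advisory describes: keys and values pasted into the string.

    Kept here only to show the shape of the defect; a key like "X$(id)" survives
    into the command and is expanded by the remote shell.
    """
    return "; ".join(f"export {key}={value}" for key, value in env.items())


def render_env_exports(env: dict[str, str]) -> str:
    """Hardened form: validate every key, quote every value."""
    parts = []
    for key, value in env.items():
        if not env_key_is_safe(key):
            raise ValueError(f"refusing unsafe environment variable name: {key!r}")
        parts.append(f"export {key}={shlex.quote(value)}")
    return "; ".join(parts)


if __name__ == "__main__":
    allowed = {"echo", "ls"}
    for cmd in ("echo hello", "echo $((1+1))", 'echo "$(id)"', "ls; rm -rf x"):
        print(f"{cmd!r:24} shell gate -> {allowlist_permits(cmd, allowed)}")
    print("argv form   ->", argv_for_exec("echo $((1+1))", allowed))
    print("unsafe env  ->", render_env_exports_unsafe({"X$(id)": "1"}))
    print("safe env    ->", render_env_exports({"FOO": "bar baz", "N": "1"}))
```

The argv route is the one to prefer: the allowlist then only has to answer "may this program run?", which is a question it can actually decide, whereas any gate that forwards a string to a shell must refuse every construct it cannot fully parse.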
Command injection in the rpmuncompress utility of RPM allows local attackers to execute arbitrary commands when a victim extracts a maliciously crafted ZIP, 7z, or GEM archive whose top-level folder name contains shell metacharacters. The flaw affects Red Hat Enterprise Linux 6 through 10 and downstream products including OpenShift Container Platform 4, Satellite 6, Red Hat Hardened Images, and Quarkus Native Builder. No public exploit identified at time of analysis, and the issue requires user interaction with an attacker-supplied archive, but successful exploitation yields full code execution under the extracting user's identity.
Arbitrary OS command execution in Microsoft's UFO intelligent-automation framework (tagged releases up to and including v3.0.0) lets a local, low-privileged attacker who can write or modify a per-session action JSON record plant a malicious shell action that is executed via PowerShell when the session is resumed or replayed. The injected command runs with the privileges of the UFO process user, yielding full confidentiality, integrity, and availability impact (CVSS 7.8, CWE-78). There is no public exploit identified at time of analysis, and no EPSS or CISA KEV data was supplied to gauge exploitation likelihood.
Local privilege escalation via OS command injection in pam_usb before 0.8.7 lets a low-privileged local user execute arbitrary commands as root. The flaw lives in src/tmux.c, which reads the attacker-controllable $TMUX environment variable and interpolates its socket-path component, unsanitised, inside a double-quoted string passed to popen(); a value containing a double-quote breaks out of the quoting and injects shell syntax that runs in the root-context PAM stack. No public exploit identified at time of analysis, and no EPSS or CISA KEV data was supplied, but the CVSS 8.8 (scope-changed) rating reflects straightforward, low-complexity root compromise.
Root command injection in pam_usb prior to 0.8.7 lets a local high-privileged user - or an attacker who can present a removable device with an attacker-chosen filesystem UUID - embed shell metacharacters (e.g. $(id>/tmp/rce)) that execute as root when an administrator runs pamusb-conf --reset-pads. A second injection path passes the userName value from the XML configuration directly to os.system() in pamusb-agent. No public exploit identified at time of analysis; the issue is fixed in 0.8.7.
Local privilege escalation in pam_usb prior to 0.8.7 lets a low-privileged user gain the elevated privileges of the pam_usb tool chain by abusing the pamusb-pinentry helper. The helper trusts the PINENTRY_FALLBACK_APP environment variable and executes its value directly, so any process able to set that variable before pamusb-pinentry runs can have an arbitrary binary executed. There is no public exploit identified at time of analysis, and the issue is fixed in version 0.8.7; the GitHub Security Advisory (GHSA-jxrj-q67x-wr4c) is the sole reference.
Unauthorized OS command execution in Tanium Connect allows an attacker holding low-privilege authenticated access to run arbitrary commands on the host, achieving full compromise of confidentiality, integrity, and availability. The CVSS 8.8 (network vector, low complexity, low privileges, no user interaction) reflects an authenticated remote code execution issue rooted in command injection (CWE-78). No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV; EPSS data was not provided.
Command injection in the Sherlock username-hunting tool's CI/CD pipeline (versions prior to 0.16.1) allows any GitHub user to run arbitrary commands on the project's GitHub Actions runner. The flaw lives in the validate_modified_targets.yml workflow, which uses the dangerous pull_request_target trigger; simply opening a pull request executes attacker-controlled code with no approval, review, or merge required. Fixed in 0.16.1; with a CVSS of 9.3 it is a high-severity supply-chain issue, though no public exploit was identified at time of analysis and the technique class is well documented.