Command Injection Archives • Page 3 of 6 • Daily CyberSecurity

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points

Do Son February 3, 2026

Hikvision has rolled out a critical firmware update for its line of wireless access points (APs) to...

Router Takeover: High-Severity Command Injection Flaw Hits TP-Link Archer MR600

Do Son January 28, 2026

TP-Link has issued a security advisory for its popular Archer MR600 4G+ LTE router, warning of a...

Critical Vivotek Flaw Grants Root Access (CVE-2026-22755) Gardyn Home Kit Vulnerabilities IoT Command Injection Vivotek Vulnerability CVE-2026-22755 Command Injection Ofuji Fishing data breach

Gardyn Home Kit Vulnerabilities IoT Command Injection Vivotek Vulnerability CVE-2026-22755 Command Injection Ofuji Fishing data breach

Critical Vivotek Flaw Grants Root Access (CVE-2026-22755)

Do Son January 22, 2026

A new critical vulnerability has been unearthed in the firmware of Vivotek legacy cameras, potentially turning thousands...

Critical Zoom Flaw (CVE-2026-22844): CVSS 9.9 Command Injection Exposes Hybrid Meetings Zoom Node Vulnerability CVE-2026-22844 CVE-2024-45421 & CVE-2024-45419 CVE-2025-27440

Zoom Node Vulnerability CVE-2026-22844 CVE-2024-45421 & CVE-2024-45419 CVE-2025-27440

Critical Zoom Flaw (CVE-2026-22844): CVSS 9.9 Command Injection Exposes Hybrid Meetings

Do Son January 21, 2026

A near-maximum severity vulnerability has been discovered in Zoom’s enterprise infrastructure, threatening to turn hybrid meeting setups...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Hard-Coded Keys and Open Doors: Critical Flaws Found in PrismX AP Controllers

Do Son January 21, 2026

A trio of security vulnerabilities has been discovered in Browan Communications’ PrismX MX100 AP Controller, the most...

Critical Deno Flaws Risk Secrets (CVE-2026-22863) & Execution (CVE-2026-22864) Deno Vulnerability CVE-2026-22863

Critical Deno Flaws Risk Secrets (CVE-2026-22863) & Execution (CVE-2026-22864)

Do Son January 19, 2026

Deno, the modern JavaScript and TypeScript runtime famous for its “secure by default” architecture, has hit a...

CVE-2025-33206: High-Severity Flaw Patched in NVIDIA Nsight Graphics for Linux NVIDIA Nsight Vulnerability CVE-2025-33206 NVIDIA ConnectX Firmware - CVE-2024-0105

NVIDIA Nsight Vulnerability CVE-2025-33206 NVIDIA ConnectX Firmware - CVE-2024-0105

CVE-2025-33206: High-Severity Flaw Patched in NVIDIA Nsight Graphics for Linux

Do Son January 15, 2026

NVIDIA has released a critical software update for its Nsight Graphics tool on Linux, patching a high-severity...

High-Severity Flaws in HPE Aruba Networking Expose Mobility Controllers to Attack CVE-2024-54006 & CVE-2024-54007 Aruba AOS Vulnerabilities CVE-2025-37168

CVE-2024-54006 & CVE-2024-54007 Aruba AOS Vulnerabilities CVE-2025-37168

High-Severity Flaws in HPE Aruba Networking Expose Mobility Controllers to Attack

Do Son January 15, 2026

HPE Aruba Networking has released a critical security advisory patching a swarm of vulnerabilities across its AOS-8...

Command Injection Alert: High-Severity Flaws Hit LoadMaster & MOVEit WAF CVE-2024-1212 LoadMaster Vulnerability CVE-2025-13444

Command Injection Alert: High-Severity Flaws Hit LoadMaster & MOVEit WAF

Do Son January 15, 2026

Progress Software Corporation has kicked off the 2026 security calendar with an important update for its network...

CVE-2026-22718: EOL Spring CLI Tool for VS Code Found Vulnerable to Command Injection Spring HATEOAS flaws, CVE-2026-41006, CVE-2026-41007 CVE-2024-22243 Spring CLI Vulnerability CVE-2026-22718

Spring HATEOAS flaws, CVE-2026-41006, CVE-2026-41007 CVE-2024-22243 Spring CLI Vulnerability CVE-2026-22718

CVE-2026-22718: EOL Spring CLI Tool for VS Code Found Vulnerable to Command Injection

Do Son January 13, 2026

Developers using the Spring CLI extension for Visual Studio Code are being urged to clean up their...

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover Trendnet TEW-713RE Vulnerability CVE-2025-15471

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover

Do Son January 8, 2026

A critical pre-authentication command injection vulnerability has been uncovered in the Trendnet TEW-713RE Wi-Fi extender, allowing remote...

Self-Hosters Beware: 3 Critical Coolify Flaws Grant Root Access Coolify Vulnerabilities CVE-2025-64419 CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609

Coolify Vulnerabilities CVE-2025-64419 CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609

Self-Hosters Beware: 3 Critical Coolify Flaws Grant Root Access

Do Son January 7, 2026

The self-hosting community is on high alert following the disclosure of three critical vulnerabilities in Coolify, the...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-66848: Critical Flaw in JD Cloud Routers Grants Hackers Root Access

Do Son January 5, 2026

A security vulnerability has been uncovered in a popular line of NAS routers from JD Cloud, potentially...

High-Severity Flaws in TeamViewer DEX Allow Attackers to Hijack Nomad Services CVE-2024-0819 TeamViewer DEX Vulnerabilities, CVE-2025-44016

High-Severity Flaws in TeamViewer DEX Allow Attackers to Hijack Nomad Services

Do Son December 25, 2025

TeamViewer has issued important security bulletins addressing multiple vulnerabilities across its Digital Employee Experience (DEX) product line...

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users systeminformation RCE, Node.js Command Injection

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users

Do Son December 18, 2025

A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of...

Critical n8n RCE Flaw (CVE-2025-65964) Allows Remote Code Execution via Git Node Configuration Manipulation n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Critical n8n RCE Flaw (CVE-2025-65964) Allows Remote Code Execution via Git Node Configuration Manipulation

Do Son December 10, 2025

A critical security vulnerability has been discovered in n8n, the popular workflow automation tool that powers technical...

CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack

Do Son December 9, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two...

High-Severity WatchGuard Flaws Risk VPN DoS and RCE via IKEv2 Memory Corruption WatchGuard Agent Privilege Escalation CVE-2026-6787 WatchGuard Vulnerability CVE-2026-1498 WatchGuard Firebox VPN Flaws, Command Injection WatchGuard Vulnerability CVE-2024-6592 and CVE-2024-6593

High-Severity WatchGuard Flaws Risk VPN DoS and RCE via IKEv2 Memory Corruption

Do Son December 8, 2025

WatchGuard Technologies has released a critical series of security advisories addressing five high-severity vulnerabilities across its Firebox...

High-Severity Cacti Flaw (CVE-2025-66399) Risks Remote Code Execution via SNMP Community String Injection CVE-2024-25641 Cacti SNMP RCE, Command Injection

CVE-2024-25641 Cacti SNMP RCE, Command Injection

High-Severity Cacti Flaw (CVE-2025-66399) Risks Remote Code Execution via SNMP Community String Injection

Do Son December 5, 2025

A high-severity security flaw has been uncovered in Cacti, the popular open-source network graphing solution. The vulnerability,...

URGENT PATCH REQUIRED: Zenitel TCIV-3+ Intercoms Hit by Multiple Critical Flaws (CVSS 9.8) Gardyn Home Kit Vulnerabilities IoT Command Injection Vivotek Vulnerability CVE-2026-22755 Command Injection Ofuji Fishing data breach

URGENT PATCH REQUIRED: Zenitel TCIV-3+ Intercoms Hit by Multiple Critical Flaws (CVSS 9.8)

Do Son November 26, 2025

Zenitel has issued an urgent security advisory, also reported by CISA, concerning a set of critical vulnerabilities...

Critical Alert 1 Active Exploit Detected Today