gpsd gpsprof Gnuplot Command Injection
CVE-2026-58459: gpsd's gpsprof tool allows attackers who control GPS device subtype values to execute arbitrary shell commands via unsanitized gnuplot titles.
Free 30-min security demo — We'll scan your real code and show live findings, no commitment Book Now
In-depth technical analysis of recently disclosed vulnerabilities in open-source software. Every post includes the vulnerable code, the fix, real-world impact, and how SAST catches it.
CVE-2026-58459: gpsd's gpsprof tool allows attackers who control GPS device subtype values to execute arbitrary shell commands via unsanitized gnuplot titles.
CVE-2026-59937: pypdf before 6.14.0 allows denial of service via crafted PDFs with malformed cross-reference streams causing unbounded recovery loops.
CVE-2026-59257 is a SQL injection flaw in n8n's legacy MySQL v1 node that allows attackers to execute arbitrary SQL via expression interpolation.
CVE-2026-60104: Bitwarden Server authorization bypass lets a low-privileged org member steal another user's vault key and take over their account.
CVE-2026-54765 is a filter-merging flaw in Traefik's Kubernetes Gateway API provider allowing cross-tenant header injection via shared backends.
CVE-2026-60102 allows authenticated attackers to execute arbitrary OS commands through malicious filenames in Horde VFS before 3.0.1.
CVE-2024-6387 (regreSSHion) is a signal handler race in OpenSSH sshd allowing unauthenticated root RCE on glibc Linux. Detection and patch guidance.
CVE-2024-21626 (Leaky Vessels) is a runc container escape via a leaked /proc/self/cwd file descriptor, letting attackers access the host filesystem.
CVE-2023-50585 is a stack overflow in Tenda A18 v15.13.07.09 formSetDeviceName, allowing unauthenticated remote code execution via the devName parameter.
CVE-2023-50643 lets attackers execute arbitrary code in Evernote for macOS 10.68.2 via an unsafe Electron RunAsNode configuration. CVSS 9.8 critical.
CVE-2023-49235 is an OS command injection in TRENDnet TV-IP1314PI cameras via unsafe popen() and weak debug filtering, enabling unauthenticated RCE.
CVE-2023-51126 is a command injection in FLIR AX8 thermal cameras up to firmware 1.46.16, enabling RCE via unsanitized input to the res.php endpoint.
CVE-2023-7220 is a critical stack buffer overflow in the Totolink NR1800X loginAuth function, enabling remote code execution without authentication.
CVE-2023-7221 is a critical buffer overflow in the Totolink T6 HTTP POST login handler, enabling unauthenticated remote code execution. CVSS 9.8.
CVE-2023-31446 is a command injection flaw in Cassia Gateway firmware; the unsanitized queueUrl parameter gives unauthenticated attackers root RCE.
CVE-2024-21646 is an integer overflow in the Azure uAMQP C library when parsing crafted binary type data, enabling RCE in dependent AMQP clients.
CVE-2023-49237 is an OS command injection in the TRENDnet TV-IP1314PI language pack handler; unfiltered URL parameters allow unauthenticated RCE.
CVE-2024-21650 is a critical RCE in XWiki Platform user registration; unsanitized first and last name fields let attackers execute arbitrary code.
CVE-2023-49236 exploits unvalidated sscanf input in TRENDnet TV-IP1314PI, enabling remote code execution through malicious RTSP scale parameters.
CVE-2024-0321 is a critical stack-based buffer overflow in GPAC prior to v2.3-DEV enabling remote code execution through malformed media files.
CVE-2024-22087 is a stack buffer overflow in Pico HTTP Server URI handling, allowing unauthenticated remote code execution via oversized request paths.
CVE-2024-22051 is an integer overflow in CommonMarker's GFM table parser causing heap corruption and potential RCE via oversized marker rows.
CVE-2023-51277 is a macOS entitlement flaw in Jupyter Notebook Viewer before 0.1.6 allowing unauthorized task access and privilege escalation.
CVE-2024-22086 is a stack buffer overflow in Cherry HTTP server URI parsing, enabling unauthenticated remote code execution via malformed requests.
CVE-2024-22088 is a use-after-free in Lotos WebServer buffer management; long URIs trigger mishandled realloc calls, enabling remote code execution.
CVE-2023-50921 is a pre-auth privilege escalation in GL.iNet routers via the add_user API endpoint, affecting 12 models on firmware 4.3.7 through 4.5.0.
CVE-2023-46308 is a prototype pollution flaw in Plotly.js before 2.25.2; plot API calls can manipulate __proto__ to enable arbitrary code execution.
CVE-2024-21623 exposes critical expression injection vulnerability in OTClient's SonarCloud workflow, enabling remote command execution and secret exfiltration.
No vulnerabilities match your filter.
Offensive360 SAST detects the vulnerability patterns documented here — plus thousands more — across 60+ programming languages. See what's hiding in your source code.