CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
In Splunk AI Toolkit versions below 5.7.4, a user with the 'admin' role can execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is due to an unsafe shell execution pattern in the btool configuration helper.
Picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files that evades detection but executes when the pickle is loaded from untrusted sources.
Picklescan before 1.0.4 contains an incomplete blocklist for the profile module, allowing attackers to achieve arbitrary code execution via exec(). Attackers can craft malicious pickle files calling profile.run(statement) to execute arbitrary Python code.
Picklescan versions before 1.0.4 fail to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist through indirect REDUCE calls. Attackers can invoke any blocked function, leading to remote code execution.
JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute arbitrary code.
A vulnerability in Cisco ISE and ISE-PIC allows an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This requires valid administrative credentials and sending a crafted HTTP request.
Picklescan before version 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes. This error allows malicious pickle files to bypass detection, potentially leading to unexpected exceptions.
Picklescan versions before 0.0.33 fail to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands.
Picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist. Attackers can construct malicious pickle objects to overwrite critical system files.
Picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when the pickle is deserialized.
In the OpenHuman desktop agent tool up to version 0.54.0, the command allowlist can be bypassed, allowing arbitrary OS commands to be executed with the privileges of the desktop user. Two flaws in the code enable an attacker to achieve remote code execution through prompt injection.
CVE-2026-54812 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection in the StylemixThemes Motors theme.
Python StateMachine versions 3.0.0 before 3.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary code by supplying malicious SCXML documents containing crafted `<data expr="...">` attributes.
CVE-2026-54819 describes an improper neutralization of special elements used in SQL commands, leading to a Blind SQL Injection vulnerability in Webilia Inc.'s Listdom application.
CVE-2026-54815 describes an improper neutralization of special elements used in SQL commands, leading to a Blind SQL Injection vulnerability in the Cargo Shipping Location plugin for WooCommerce.
CVE-2026-54809 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection in the VillaTheme GIFT4U application.
CVE-2026-54808 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection in WP Travel Gutenberg Blocks.
A remote attacker can inject LDAP special characters into the Distinguished Name (DN) construction in DefaultLdapRealm class. User-supplied username input is directly concatenated into the LDAP DN template without any escaping, allowing manipulation of the DN structure used for LDAP bind authentication.
Moderno versions below 1.43 are vulnerable to unauthenticated PHP object injection.
Plumbing versions up to 1.6 are vulnerable to unauthenticated PHP object injection, potentially allowing unauthorized access to the system.

