8.5

CVSS4.0

CVE-2026-40032 - UAC < 3.3.0-rc1 Command Injection via Placeholder Substitution

UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the _run_command() function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shel…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 13, 2026, 3:02 p.m.

8.5

CVSS4.0

CVE-2026-40031 - MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malic…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 17, 2026, 4:15 p.m.

8.4

CVSS4.0

CVE-2026-40030 - parseusbs < 1.9 Command Injection via Volume Path Argument

parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.popen() shell command with ls, allowing arbitrary command injection via crafted volume path arguments containing shell metacharacters. An attacker ca…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 14, 2026, 4:37 p.m.

8.5

CVSS4.0

CVE-2026-40029 - parseusbs < 1.9 Command Injection via Crafted LNK Filename

parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen() shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wi…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 14, 2026, 4:37 p.m.

5.1

CVSS4.0

CVE-2026-40028 - Hayabusa < 3.8.0 XSS via JSON Log Import

Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML report output that allows an attacker to execute arbitrary JavaScript when a user scans JSON-exported logs containing malicious content in the Computer field. An attacker can inject JavaScript into the C…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 17, 2026, 4:17 p.m.

8.4

CVSS4.0

CVE-2026-40027 - ALEAPP NQ Vault Artifact Parser Path Traversal

ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses attacker-controlled file_name_from values from a database directly as the output filename, allowing arbitrary file writes outside the report output dir…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 13, 2026, 3:02 p.m.

4.8

CVSS4.0

CVE-2026-40026 - Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parse…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 17, 2026, 5:14 p.m.

4.8

CVSS4.0

CVE-2026-40025 - Sleuth Kit APFS Keybag Parser Out-of-Bounds Read

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS …

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 15, 2026, 8:52 p.m.

8.4

CVSS4.0

CVE-2026-40024 - Sleuth Kit tsk_recover Path Traversal

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can cr…

📅 Published: April 8, 2026, 9:35 p.m. 🔄 Last Modified: April 15, 2026, 8:52 p.m.

5.3

CVSS4.0

CVE-2026-5808 - openstatusHQ openstatus Onboarding Endpoint client.tsx cross site scripting

A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/(dashboard)/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in…

📅 Published: April 8, 2026, 9:30 p.m. 🔄 Last Modified: April 24, 2026, 6:04 p.m.