tag
Command-Injection
Medium
curl SMTP EXPN Recipient CRLF Command Injection
None assigned as of 2026-07-03·
curl / libcurl (SMTP support)
unpatched
High
Authenticated Command Injection in LiteLLM MCP Test Endpoints (CVE-2026-42271)
CVE-2026-42271·
BerriAI LiteLLM (proxy) — MCP preview/test endpoints
patched
Critical
Ubiquiti UniFi OS Unauthenticated RCE Chain (CVE-2026-34908 / CVE-2026-34909 / CVE-2026-34910)
CVE-2026-34908, CVE-2026-34909, CVE-2026-34910·
Ubiquiti UniFi OS Server
patched
High
Cisco Catalyst SD-WAN Manager Privilege Escalation (CVE-2026-20245)
CVE-2026-20245·
Cisco Catalyst SD-WAN Manager (vManage), SD-WAN Controller (vSmart), SD-WAN Validator (vBond)
unpatched
High
Notepad++ <= 8.9.6 Multiple Vulnerabilities (CVE-2026-48770, CVE-2026-48778, CVE-2026-48800)
CVE-2026-48770, CVE-2026-48778, CVE-2026-48800·
Notepad++
unpatched
Critical
Palo Alto PAN-OS GlobalProtect Unauthenticated RCE (CVE-2024-3400)
CVE-2024-3400·
Palo Alto Networks PAN-OS GlobalProtect gateway
patched