CVE-2025-41266

Same vendor

• CVE-2025-41281 — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in W... (7.8 HIGH)
• CVE-2025-41280 — Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 t... (7.8 HIGH)
• CVE-2025-41279 — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in t... (7.2 HIGH)
• CVE-2025-41278 — Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows att... (7.8 HIGH)
• CVE-2025-41277 — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in t... (9.8 CRITICAL)

Same CWE

• CVE-2026-12161 — Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user ...
• CVE-2026-48723 — The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack (7.8 HIGH)
• CVE-2026-9863 — Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client in... (7.5 HIGH)
• CVE-2026-9862 — Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service (9.8 CRITICAL)
• CVE-2026-11527 — Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument... (8.6 HIGH)