Vulnerabilidades em Eugeny
15 resultadosCVE-2024-43410HIGHRussh has an OOM Denial of Service due to allocation of untrusted amountEPSS 0.9%CVE-2026-42189HIGHRussh: Pre-auth DoS via unbounded allocation in keyboard-interactive authEPSS 0.5%CVE-2026-45035CRITICALTabby: RCE via `tabby://run` URL SchemeEPSS 0.4%CVE-2025-54804MEDIUMRussh is missing an overflow check during channel windows adjustEPSS 0.4%CVE-2025-22136HIGHTabby has a TCC Bypass via Misconfigured Node FusesEPSS 0.4%CVE-2024-55950HIGHTabby has a TCC Bypass via Unnecessary Permissive Entitlements in TabbyEPSS 0.3%CVE-2026-48108MEDIUMRussh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner inputEPSS 0.3%CVE-2026-46702HIGHRussh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packetsEPSS 0.3%CVE-2026-48110HIGHRussh: SSH message fields were decoded through allocation-first parsers before field-specific boundsEPSS 0.3%CVE-2026-46673HIGHRussh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releasesEPSS 0.3%CVE-2026-48107MEDIUMRussh: Unchecked keyboard-interactive prompt count in client auth pathEPSS 0.2%CVE-2026-46705MEDIUMrussh server userauth state is not reset when authentication principal changesEPSS 0.2%CVE-2026-45038HIGHTabby: Dragging and Dropping a File into Tabby Can Lead to Code ExecutionEPSS 0.2%CVE-2026-45037HIGHTabby: Unsafe protocol handler execution via terminal linkifier allows arbitrary OS protocol invocationEPSS 0.1%CVE-2026-45036HIGHTabby auto-confirms ZMODEM detection on terminal output, leading to shell command execution from displayed file content under fish, bash, and zshEPSS 0.1%