CyberRota
← Ana sayfaya dön

CVE-2026-16129

MEDIUM · CVSS 5.3 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-18T17:16:39.030 · Çekilme zamanı: 2026-07-18T18:28:09.484780+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit poc

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-16129
Severity
MEDIUM
CVSS
5.3
EPSS
Yok

Orijinal NVD Açıklaması

A vulnerability has been found in princezuda SafestClaw up to 4.2.4. This vulnerability affects the function ShellAction._validate_command of the file src/safestclaw/actions/shell.py of the component Built-in Web Interface. Such manipulation leads to incomplete blacklist. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The presence of this vulnerability remains uncertain at this time. The project maintainer explains: "On paper you're correct, this is a vulnerability. In practice, nothing your AI generated shows how it makes users vulnerable. It's open source. Someone can mod the shell allow list or remove that system. Present an actual poc that shows a threat to users."