Threats Tagged 'cve-2026-41414'
View all threats tagged with 'cve-2026-41414'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-41414'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-41414: CWE-94: Improper Control of Generation of Code ('Code Injection') in skim-rs skimCVE-2026-41414 0 Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates prevent exploitation - any GitHub user can trigger this by opening a pull request from a fork. This vulnerability is fixed with commit bf63404ad51985b00ed304690ba9d477860a5a75. Join the discussion | CVE Database V5 | 04/24/2026, 18:32:36 UTC Added: 04/24/2026, 18:51:19 UTC |
Showing 1 to 1 of 1 result