Product
high
advisory
MiroFish Command Injection Vulnerability (CVE-2026-7058)
2 rules 1 TTP 1 CVEA command injection vulnerability exists in 666ghj MiroFish version 0.1.2 via the SimulationIPCClient.send_command function, allowing remote attackers to execute arbitrary commands.
MiroFish
command-injection
vulnerability
ipc
2r
1t
1c
high
advisory
666ghj MiroFish REST API Authentication Bypass (CVE-2026-7042)
2 rules 1 TTP 1 CVEA missing authentication vulnerability (CVE-2026-7042) exists in 666ghj MiroFish up to version 0.1.2, allowing remote attackers to bypass authentication via manipulation of the REST API Endpoint's create_app function.
MiroFish
cve-2026-7042
authentication-bypass
rest-api
2r
1t
1c