Jashid Sany

**Name of the Vulnerable Software and Affected Versions** CactusViewer version 2.3.0 **Description** A DLL hijacking issue in CactusViewer allows attackers to escalate privileges and execute arbitrary code by using a crafted DLL. DLL hijacking is a technique where an application is tricked into loading a malicious dynamic-link library (DLL) instead of the intended one. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas up to commit 9f50579 allows attackers to execute arbitrary commands via a crafted POST request.