OS command injection in the Curo UC300 (firmware 5.42.1.7.1.63R1) unified communications device lets an authenticated attacker with admin-panel access run arbitrary operating-system commands by injecting shell metacharacters into the "IP Addr" parameter. Successful exploitation yields full command execution on the underlying device (high confidentiality, integrity, and availability impact). A public GitHub repository referenced by NVD indicates publicly available exploit code exists, though the flaw is not listed in CISA KEV and its EPSS probability is modest (1.15%, 63rd percentile).
Improper authorization in Casdoor (an open-source Identity and Access Management / SSO platform) versions 2.26.0 and earlier lets a remote authenticated administrator of ANY organization escalate beyond their tenant boundary. Because the permission-verification module and the organization/application editing interface fail to enforce object-level scope, a low-trust org admin can bypass access controls simply by concatenating/manipulating URLs after login to read and modify resources belonging to other organizations. A public technical writeup/PoC gist exists; it is not listed in CISA KEV and EPSS is low (0.61%, 45th percentile), so exploitation is plausible but not confirmed in the wild. Fixed in v2.63.0.