Skip to main content
CVE-2023-53888 HIGH POC This Week

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE PHP Zomplog
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.9%
CVE-2024-44598 HIGH This Week

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload RCE Fnt Command
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-11393 HIGH PATCH This Week

Privilege escalation in Red Hat's runtimes-inventory-rhel8-operator lets a standard cluster user act with full cluster-administrator authority on the Red Hat management platform. A misconfigured internal proxy attaches the cluster's main administrative credentials to every command it relays - not just the report traffic it should handle - so any authenticated user can issue admin-level instructions and alter cluster configuration or status. There is no public exploit identified at time of analysis, EPSS is low (0.21%, 12th percentile), and the issue is not in CISA KEV, but the impact is a classic confused-deputy authentication bypass and Red Hat has shipped a fix.

Authentication Bypass Red Hat Suse
NVD
CVSS 3.1
8.7
EPSS
0.2%
CVE-2024-44599 HIGH This Week

FNT Command 13.4.0 is vulnerable to Directory Traversal. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal File Upload Fnt Command
NVD GitHub
CVSS 3.1
8.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy