WeKnora LLM framework (before 0.2.5) allows authenticated users to inject MCP stdio commands that the server executes as subprocesses. PoC available, patch available.
CryptoLib versions prior to 1.4.3 contain an out-of-bounds read vulnerability in the Crypto_AOS_ProcessSecurity function that allows remote attackers to crash spacecraft communications systems when parsing malformed AOS frame hashes. Public exploit code exists for this vulnerability affecting cFS deployments that rely on SDLS-EP for spacecraft-to-ground station security. The vulnerability has high severity due to its denial of service impact on critical space communications infrastructure, and no patch is currently available.
Stored cross-site scripting (XSS) in HAX CMS versions 11.0.6 through 24.x allows authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially leading to account takeover. Public exploit code exists for this vulnerability affecting both PHP and Node.js deployments. Users should upgrade to version 25.0.0 or later to remediate the issue.
Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.
Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.
Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.
RustCrypto Elliptic Curves versions 0.14.0-pre.0 and 0.14.0-rc.0 are vulnerable to denial-of-service when decrypting SM2 public key encryption, as invalid curve points with syntactically valid coordinates cause an unhandled panic during point validation. Public exploit code exists for this vulnerability, affecting applications that use the SM2 implementation. A remote attacker can crash the cryptographic service by sending specially crafted ciphertext with malformed elliptic curve points.
CryptoLib versions prior to 1.4.3 contain a heap buffer overflow in the KMC crypto service's Base64 decoder, where oversized input strings can write beyond allocated buffer boundaries when processing KMC JSON responses. An attacker with network access to the KMC service can trigger this vulnerability to crash the spacecraft-ground station communication process or potentially execute arbitrary code. Public exploit code exists for this vulnerability, and no patch is currently available.
RustCrypto's SM2 elliptic curve implementation in versions 0.14.0-pre.0 and 0.14.0-rc.0 is vulnerable to denial-of-service through improper input validation in the decrypt() function, allowing remote attackers to crash affected applications by submitting malformed or undersized ciphertext that triggers unhandled panics. Public exploit code exists for this vulnerability, though a patch is available.
CryptoLib versions prior to 1.4.3 are vulnerable to denial of service through unbounded memory allocation in the KMC crypto service client's HTTP response handling. A malicious or compromised KMC server can trigger excessive memory consumption by sending arbitrarily large responses, causing the client process to crash. Public exploit code exists for this vulnerability affecting spacecraft communications secured by SDLS-EP.
Spree versions up to 4.10.2 is affected by authorization bypass through user-controlled key (CVSS 7.5).
SM2 elliptic curve implementations in RustCrypto versions 0.14.0-pre.0 and 0.14.0-rc.0 suffer from a critical entropy reduction flaw where ephemeral nonce generation requests only 32 bits instead of 256 bits of randomness, degrading encryption security from 128-bit to 16-bit strength. Public exploit code exists, allowing attackers to recover the nonce and decrypt ciphertexts using only the public key and encrypted message. A patch is available for affected deployments.
CryptoLib versions prior to 1.4.3 contain an out-of-bounds heap read in the cryptography_aead_encrypt() function, affecting spacecraft communications secured via the SDLS-EP protocol. Public exploit code exists for this vulnerability, allowing remote attackers to trigger a denial of service condition without authentication. The vulnerability impacts systems using CryptoLib for ground-to-spacecraft communications and has been patched in version 1.4.3.
Operation And Maintenance Security Management System versions up to 3.0.8. is affected by improper access control (CVSS 7.3).
Vllm versions up to 0.12.0 is affected by allocation of resources without limits or throttling (CVSS 6.5).
Cross-site scripting in Angular's Template Compiler allows attackers to inject arbitrary JavaScript through unsanitized href and xlink:href attributes on SVG <script> elements bound to untrusted data. Affects Angular versions prior to 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, with no public exploit identified at time of analysis despite a very low EPSS score of 0.01%. Patched releases are available from the Angular project, and exploitation requires the victim application to dynamically bind user-controlled values to those specific SVG script attributes.
Mailpit versions up to 1.28.2 contains a vulnerability that allows attackers to intercept sensitive data such as email contents, headers, and server statistics (CVSS 6.5).
XWiki Full Calendar Macro (before 2.4.5) has SQL injection accessible to guest users via the Calendar.JSONService page. Maximum CVSS 10.0 with scope change. Patch available.
Heap buffer overflow in CryptoLib versions prior to 1.4.3 allows a high-privileged local attacker to corrupt adjacent memory by supplying oversized hex strings in MariaDB SA fields without capacity validation. Public exploit code exists for this vulnerability affecting spacecraft communication security implementations. The flaw enables denial of service and potential code execution through heap memory manipulation.
CryptoLib versions prior to 1.4.3 suffer from an out-of-bounds heap read in the cryptography_encrypt() function when processing malformed JSON metadata from KMC servers, allowing remote attackers to trigger a denial of service condition. The vulnerability stems from improper buffer boundary checking during string parsing in spacecraft-ground station communications secured by the SDLS-EP protocol. Public exploit code exists for this medium-severity flaw, though a patch is available.
WeKnora versions before 0.2.5 allow unauthenticated attackers to bypass database query restrictions through prompt injection techniques when the Agent service is enabled, enabling unauthorized access to sensitive data. Public exploit code exists for this vulnerability, which affects the framework's document understanding and semantic retrieval capabilities. A patch is available in version 0.2.5 and later.
Operation And Maintenance Security Management System versions up to 3.0.8. is affected by command injection (CVSS 7.3).
Heap-based buffer overflow in QuickJS up to version 0.11.0 within the js_typed_array_constructor function allows unauthenticated remote attackers to corrupt memory and potentially execute arbitrary code. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. Affected users should apply patch c5d80831e51e48a83eab16ea867be87f091783c5 immediately.
Cosign's bundle verification mechanism fails to properly validate that embedded Rekor entries reference the correct artifact digest, signature, and public key, allowing an attacker with a compromised signing identity to forge valid bundles and bypass transparency log verification. A malicious actor could exploit this to create counterfeit signatures that pass validation checks, affecting users relying on Cosign for container and binary code signing verification. Public exploit code exists for this vulnerability; patches are available in versions 2.6.2 and 3.0.4.
HarfBuzz text shaping engine versions prior to 12.3.0 crash when the SubtableUnicodesCache::create function attempts to dereference a null pointer returned by failed memory allocation, enabling denial of service in applications processing untrusted font data. Public exploit code exists for this vulnerability. A patch is available in version 12.3.0 and later.
CryptoLib versions prior to 1.4.3 leak approximately 400 bytes of memory with each call to the cryptography_encrypt() function due to unfreed buffers, allowing remote attackers to conduct denial-of-service attacks against spacecraft-to-ground communications by exhausting available memory through sustained traffic. Public exploit code exists for this vulnerability. The issue is resolved in version 1.4.3 and later.
React Router (@react-router/node 7.0.0-7.9.3) has a path traversal in file-based session storage when using unsigned cookies. Attackers can manipulate session file paths to read or write arbitrary files on the server.
OpenProject (before 16.6.4) has a local file read vulnerability through SVG-based ImageMagick exploitation in the PDF export feature. Authenticated users can read server files by uploading malicious SVGs disguised as PNGs. Patch available.
DevToys versions 2.0.0.0 through 2.0.8.x are vulnerable to path traversal attacks during extension package installation, allowing attackers to write files outside the intended directory by crafting malicious NUPKG archives with directory traversal sequences. An attacker can exploit this to overwrite arbitrary files with DevToys process privileges, potentially enabling code execution or system compromise on affected systems. The vulnerability is patched in version 2.0.9.0.
CryptoLib versions prior to 1.4.3 contain an out-of-bounds read vulnerability in the base64urlDecode function that dereferences memory before validating input parameters, potentially causing a denial of service in spacecraft communications secured by SDLS-EP. Affected systems running cFS with vulnerable CryptoLib versions could crash when processing malformed base64 input. Public exploit code exists for this vulnerability, though no patch is currently available.
React Router is a router for React. In @remix-run/react version prior to 2.17.3. [CVSS 8.2 HIGH]
Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. [CVSS 8.1 HIGH]
Ghost CMS versions 5.121.0-5.130.5 and 6.0.0-6.10.3 incorrectly allow Staff Token authentication to access endpoints restricted to Staff Session authentication, enabling authenticated Admin/Owner-role users to perform unauthorized actions. An attacker with valid Staff Token credentials for elevated roles could bypass authentication restrictions and access sensitive endpoints not intended for token-based access. Patches are available in versions 5.130.6 and 6.11.0.
Ghost CMS versions 5.105.0-5.130.5 and 6.0.0-6.10.3 contain an authentication bypass in their two-factor authentication implementation that allows authenticated staff members to circumvent email-based 2FA requirements. An attacker with valid staff credentials can exploit this flaw to gain unauthorized access to administrative functions without completing the required second authentication factor. Patches are available in versions 5.130.6 and 6.11.0.
Fickling versions prior to 0.1.7 fail to properly detect malicious pickle payloads due to inadequate handling of the "builtins" module, allowing attackers to bypass security analysis and potentially execute arbitrary code. This vulnerability affects Python environments using vulnerable versions of Fickling for pickle inspection and static analysis. An attacker can craft specially designed pickle files that evade detection mechanisms, compromising the integrity of pickle validation workflows.
Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. [CVSS 3.7 LOW]
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. [CVSS 7.6 HIGH]
NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. [CVSS 7.5 HIGH]
WooCommerce Square (WordPress plugin) versions up to 5.1.1 is affected by authorization bypass through user-controlled key (CVSS 7.5).
J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. [CVSS 7.5 HIGH]
Comfyui-Manager versions up to 3.39.2 contains a vulnerability that allows attackers to security setting tampering or modification of application behavior (CVSS 7.5).
Out-of-bounds write in CryptoLib's SDLS-EP implementation allows unauthenticated network attackers to corrupt the gvcid_counter variable by writing beyond array bounds during parameter registration, potentially disrupting spacecraft-to-ground station communications security. Affected systems running CryptoLib versions prior to 1.4.3 are vulnerable to manipulation of parameter lookup logic without authentication or user interaction. No patch is currently available for this vulnerability affecting NASA's core Flight System deployments.
Arbitrary command execution in OpenProject versions 16.6.1 and below allows authenticated administrators to execute system commands by manipulating the sendmail binary path configuration and triggering a test email function. An admin-level attacker can leverage this to achieve full system compromise with high impact on confidentiality, integrity, and availability. No patch is currently available, and exploitation requires high privileges but no user interaction.
SQL injection in Ghost's Admin API members/events endpoint enables authenticated administrators to execute arbitrary database queries, affecting versions 5.90.0-5.130.5 and 6.0.0-6.10.3. An attacker with valid Admin API credentials could exploit this to extract, modify, or delete sensitive data stored in the Ghost database. Patches are available in versions 5.130.6 and 6.11.0.
OpenProject versions prior to 16.6.2 fail to implement rate-limiting on the unauthenticated password-change endpoint, allowing attackers to conduct brute-force attacks against known user accounts without triggering lockout mechanisms. An attacker can systematically guess passwords using common wordlists and achieve full account compromise, potentially escalating privileges depending on the victim's role within the application. A patch is available in version 16.6.2.
React-Router versions up to 6.30.1 is affected by url redirection to untrusted site (open redirect) (CVSS 6.5).
React Router is a router for React. In @remix-run/server-runtime version prior to 2.17.3. [CVSS 6.5 MEDIUM]
The Countdown Timer - Widget Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdevart_countdown' shortcode in all versions up to, and including, 2.7.7 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
The ConvertForce Popup Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gutenberg block's `entrance_animation` attribute in all versions up to, and including, 0.0.7. This is due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]