Skip to main content
CVE-2026-21898 HIGH POC This Week

CryptoLib versions prior to 1.4.3 contain an out-of-bounds read vulnerability in the Crypto_AOS_ProcessSecurity function that allows remote attackers to crash spacecraft communications systems when parsing malformed AOS frame hashes. Public exploit code exists for this vulnerability affecting cFS deployments that rely on SDLS-EP for spacecraft-to-ground station security. The vulnerability has high severity due to its denial of service impact on critical space communications infrastructure, and no patch is currently available.

Buffer Overflow Information Disclosure Cryptolib
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-22704 HIGH POC PATCH This Week

Stored cross-site scripting (XSS) in HAX CMS versions 11.0.6 through 24.x allows authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially leading to account takeover. Public exploit code exists for this vulnerability affecting both PHP and Node.js deployments. Users should upgrade to version 25.0.0 or later to remediate the issue.

PHP Node.js Haxcms Nodejs
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-22607 HIGH POC PATCH This Week

Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-22606 HIGH POC PATCH This Week

Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-22609 HIGH POC PATCH This Week

Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22699 HIGH POC PATCH This Week

RustCrypto Elliptic Curves versions 0.14.0-pre.0 and 0.14.0-rc.0 are vulnerable to denial-of-service when decrypting SM2 public key encryption, as invalid curve points with syntactically valid coordinates cause an unhandled panic during point validation. Public exploit code exists for this vulnerability, affecting applications that use the SM2 implementation. A remote attacker can crash the cryptographic service by sending specially crafted ciphertext with malformed elliptic curve points.

Code Injection Sm2 Elliptic Curve
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-22697 HIGH POC This Week

CryptoLib versions prior to 1.4.3 contain a heap buffer overflow in the KMC crypto service's Base64 decoder, where oversized input strings can write beyond allocated buffer boundaries when processing KMC JSON responses. An attacker with network access to the KMC service can trigger this vulnerability to crash the spacecraft-ground station communication process or potentially execute arbitrary code. Public exploit code exists for this vulnerability, and no patch is currently available.

Buffer Overflow Denial Of Service Cryptolib
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22700 HIGH POC PATCH This Week

RustCrypto's SM2 elliptic curve implementation in versions 0.14.0-pre.0 and 0.14.0-rc.0 is vulnerable to denial-of-service through improper input validation in the decrypt() function, allowing remote attackers to crash affected applications by submitting malformed or undersized ciphertext that triggers unhandled panics. Public exploit code exists for this vulnerability, though a patch is available.

Industrial Denial Of Service Sm2 Elliptic Curve
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22026 HIGH POC PATCH This Week

CryptoLib versions prior to 1.4.3 are vulnerable to denial of service through unbounded memory allocation in the KMC crypto service client's HTTP response handling. A malicious or compromised KMC server can trigger excessive memory consumption by sending arbitrarily large responses, causing the client process to crash. Public exploit code exists for this vulnerability affecting spacecraft communications secured by SDLS-EP.

Buffer Overflow Cryptolib
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22589 HIGH POC PATCH This Week

Spree versions up to 4.10.2 is affected by authorization bypass through user-controlled key (CVSS 7.5).

Ruby Spree
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22698 HIGH POC PATCH This Week

SM2 elliptic curve implementations in RustCrypto versions 0.14.0-pre.0 and 0.14.0-rc.0 suffer from a critical entropy reduction flaw where ephemeral nonce generation requests only 32 bits instead of 256 bits of randomness, degrading encryption security from 128-bit to 16-bit strength. Public exploit code exists, allowing attackers to recover the nonce and decrypt ciphertexts using only the public key and encrypted message. A patch is available for affected deployments.

Information Disclosure Sm2 Elliptic Curve
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22023 HIGH POC PATCH This Week

CryptoLib versions prior to 1.4.3 contain an out-of-bounds heap read in the cryptography_aead_encrypt() function, affecting spacecraft communications secured via the SDLS-EP protocol. Public exploit code exists for this vulnerability, allowing remote attackers to trigger a denial of service condition without authentication. The vulnerability impacts systems using CryptoLib for ground-to-spacecraft communications and has been patched in version 1.4.3.

Buffer Overflow Information Disclosure Cryptolib
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22610 HIGH PATCH CISA GHSA Act Now

Cross-site scripting in Angular's Template Compiler allows attackers to inject arbitrary JavaScript through unsanitized href and xlink:href attributes on SVG <script> elements bound to untrusted data. Affects Angular versions prior to 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, with no public exploit identified at time of analysis despite a very low EPSS score of 0.01%. Patched releases are available from the Angular project, and exploitation requires the victim application to dynamically bind user-controlled values to those specific SVG script attributes.

XSS Angular
NVD GitHub HeroDevs VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-22685 HIGH PATCH This Week

DevToys versions 2.0.0.0 through 2.0.8.x are vulnerable to path traversal attacks during extension package installation, allowing attackers to write files outside the intended directory by crafting malicious NUPKG archives with directory traversal sequences. An attacker can exploit this to overwrite arbitrary files with DevToys process privileges, potentially enabling code execution or system compromise on affected systems. The vulnerability is patched in version 2.0.9.0.

Path Traversal Devtoys
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-21884 HIGH PATCH This Week

React Router is a router for React. In @remix-run/react version prior to 2.17.3. [CVSS 8.2 HIGH]

XSS React Router Remix Run React
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-62235 HIGH PATCH This Week

Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. [CVSS 8.1 HIGH]

Apache Authentication Bypass Nimble
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-22595 HIGH PATCH This Week

Ghost CMS versions 5.121.0-5.130.5 and 6.0.0-6.10.3 incorrectly allow Staff Token authentication to access endpoints restricted to Staff Session authentication, enabling authenticated Admin/Owner-role users to perform unauthorized actions. An attacker with valid Staff Token credentials for elevated roles could bypass authentication restrictions and access sensitive endpoints not intended for token-based access. Patches are available in versions 5.130.6 and 6.11.0.

Node.js Ghost
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-22594 HIGH PATCH This Week

Ghost CMS versions 5.105.0-5.130.5 and 6.0.0-6.10.3 contain an authentication bypass in their two-factor authentication implementation that allows authenticated staff members to circumvent email-based 2FA requirements. An attacker with valid staff credentials can exploit this flaw to gain unauthorized access to administrative functions without completing the required second authentication factor. Patches are available in versions 5.130.6 and 6.11.0.

Node.js Ghost
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-22612 HIGH PATCH This Week

Fickling versions prior to 0.1.7 fail to properly detect malicious pickle payloads due to inadequate handling of the "builtins" module, allowing attackers to bypass security analysis and potentially execute arbitrary code. This vulnerability affects Python environments using vulnerable versions of Fickling for pickle inspection and static analysis. An attacker can craft specially designed pickle files that evade detection mechanisms, compromising the integrity of pickle validation workflows.

Python AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-22608 HIGH PATCH This Week

Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.

Python RCE Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-59057 HIGH PATCH This Week

React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. [CVSS 7.6 HIGH]

XSS React Router Remix Run React
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-53477 HIGH PATCH This Week

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. [CVSS 7.5 HIGH]

Apache Null Pointer Dereference Nimble
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-13457 HIGH This Week

WooCommerce Square (WordPress plugin) versions up to 5.1.1 is affected by authorization bypass through user-controlled key (CVSS 7.5).

WordPress PHP
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-52435 HIGH PATCH This Week

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. [CVSS 7.5 HIGH]

Apache Nimble
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22777 HIGH PATCH This Week

Comfyui-Manager versions up to 3.39.2 contains a vulnerability that allows attackers to security setting tampering or modification of application behavior (CVSS 7.5).

Code Injection Comfyui Manager
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21897 HIGH This Week

Out-of-bounds write in CryptoLib's SDLS-EP implementation allows unauthenticated network attackers to corrupt the gvcid_counter variable by writing beyond array bounds during parameter registration, potentially disrupting spacecraft-to-ground station communications security. Affected systems running CryptoLib versions prior to 1.4.3 are vulnerable to manipulation of parameter lookup logic without authentication or user interaction. No patch is currently available for this vulnerability affecting NASA's core Flight System deployments.

Buffer Overflow Cryptolib
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-22601 HIGH This Week

Arbitrary command execution in OpenProject versions 16.6.1 and below allows authenticated administrators to execute system commands by manipulating the sendmail binary path configuration and triggering a test email function. An admin-level attacker can leverage this to achieve full system compromise with high impact on confidentiality, integrity, and availability. No patch is currently available, and exploitation requires high privileges but no user interaction.

Command Injection RCE Openproject
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy