Arbitrary local file read in Enhancesoft osTicket 1.18.x (before 1.18.3) and 1.17.x (before 1.17.7) lets a remote unauthenticated attacker embed the contents of server-side files into an exported ticket PDF. By submitting a ticket whose rich-text HTML carries crafted PHP filter expressions, the attacker abuses the mPDF export path to render attacker-chosen files as bitmap images, disclosing sensitive data such as configuration files and credentials. Publicly available exploit code exists (Horizon3 'Ticket to Shell' research) and the EPSS score of 13.58% (94th percentile) reflects elevated near-term exploitation likelihood; there is no public exploit identified as active in CISA KEV.
Opencode versions up to 1.0.216 is affected by missing authentication for critical function (CVSS 8.8).
Remote code execution in Emlog v2.6.1 and earlier allows authenticated attackers to upload arbitrary files through an insufficiently validated REST API endpoint (/index.php?rest-api=upload), enabling malicious PHP execution on the server. Attackers can exploit this by obtaining valid API credentials through administrator access or information disclosure flaws, then uploading executable scripts to achieve full system compromise. Public exploit code exists for this vulnerability, and affected administrators should apply available patches immediately.
Credential theft via Lua script execution in Envoy Gateway versions before 1.5.7 and 1.6.2 allows authenticated attackers to extract proxy credentials and subsequently access the control plane and all associated secrets including TLS private keys. Public exploit code exists for this vulnerability. Affected organizations running vulnerable Envoy Gateway instances should immediately upgrade as no patch is currently available for intermediate versions.
Denial-of-service in LlamaIndex (run-llama/llama_index) versions up to and including 0.12.2 lets remote unauthenticated attackers exhaust CPU and memory through the VannaPack VannaQueryEngine. The engine's custom_query() converts a user-supplied natural-language prompt into SQL and runs it via vn.run_sql() with no execution limits, so a crafted prompt can produce an unbounded or extremely expensive query. Publicly available exploit code exists (Huntr bounty report), though EPSS is low at 0.12% (30th percentile) and it is not listed in CISA KEV.
Denial of service in Ollama's multi-modal image processing (versions 0.11.5-rc0 through 0.13.5) lets remote attackers crash the model runner by POSTing crafted base64 image data to the /api/chat endpoint. The decoded data is passed to mtmd_helper_bitmap_init_from_buf without validating that it is valid media; the function returns NULL on malformed input and the unchecked pointer is dereferenced, triggering a segmentation fault that takes the model offline for all users until restart. Rated CVSS 4.0 8.7 (availability-only impact); publicly available exploit code exists via a Huntr bounty, but EPSS is low (0.09%, 25th percentile) and it is not on CISA KEV.
Denial-of-service in LangChain versions up to and including 0.3.1 lets remote attackers exhaust CPU by feeding a crafted string into the MRKLOutputParser.parse() method, whose backtracking-prone regular expression exhibits catastrophic backtracking (ReDoS). Because MRKL agents parse LLM output to extract tool actions, an attacker who can influence that text - typically via prompt injection in downstream applications - can stall or hang the parsing thread. Publicly available exploit code exists (huntr bounty), though EPSS is low at 0.08% and it is not on the CISA KEV list.
Arbitrary code execution in LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 occurs when BGEM3Index.load_from_disk() calls pickle.load() on a multi_embed_store.pkl file read from an attacker-controlled persist_dir. A victim who loads a maliciously crafted index directory executes attacker-supplied code in their own process. Publicly available exploit code exists (huntr bounty submission), though EPSS is low (0.08%) and it is not listed in CISA KEV, so there is no public exploit identified as actively exploited.
WebErpMesV2 versions prior to 1.19 expose unauthenticated API endpoints that allow remote attackers to read sensitive manufacturing and business data including orders, quotes, and tasks without credentials. Public exploit code exists for this vulnerability, and attackers can additionally create company records and manipulate collaboration whiteboards. A patch is available in version 1.19 and should be applied immediately to restrict API access.
Incorrect access control in the /member/orderList API of xmall v1.1 allows attackers to arbitrarily access other users' order details via manipulation of the query parameter userId. [CVSS 8.2 HIGH]
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. [CVSS 8.1 HIGH]
Stored XSS in Termix File Manager (versions 1.7.0-1.9.0) allows attackers with SSH server access to execute arbitrary JavaScript by uploading malicious SVG files that bypass content sanitization. When a Termix user previews the crafted file, the payload executes within the application context with full access to sensitive operations. Public exploit code exists and no patch is currently available.
cpp-httplib versions prior to 0.30.1 are vulnerable to denial of service attacks due to insufficient validation of decompressed HTTP request body sizes. An unauthenticated remote attacker can send a malicious gzip or brotli-compressed request that decompresses to an arbitrarily large payload in memory, exhausting server resources. Public exploit code exists for this vulnerability, and a patch is available in version 0.30.1 and later.
Gin-vue-admin versions 2.8.7 and earlier contain a path traversal vulnerability in the breakpoint resume upload API that allows authenticated attackers to write arbitrary files to any directory on the system. Public exploit code exists for this vulnerability, which affects administrators and users with file upload privileges. An attacker can bypass directory restrictions by injecting traversal sequences (../) into the fileName parameter to escape the intended fileDir location.
Merit LILIN DVR/NVR devices allow authenticated remote attackers to execute arbitrary operating system commands through command injection, enabling complete system compromise. An attacker with valid credentials can bypass application controls and gain full control over the affected device without user interaction. No patch is currently available for this vulnerability, leaving deployed systems at significant risk.
Director versions up to 25.2.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 8.8 HIGH]
Merit LILIN IP Camera models contain an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands on affected devices with high privileges. The vulnerability requires valid credentials but no user interaction, enabling complete compromise of device confidentiality, integrity, and availability. No patch is currently available for this vulnerability.
Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 8.8 HIGH]
An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file [CVSS 8.2 HIGH]
Errands before 46.2.10 does not verify TLS certificates for CalDAV servers. [CVSS 8.2 HIGH]
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents. [CVSS 8.1 HIGH]
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. [CVSS 8.1 HIGH]
MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. [CVSS 8.1 HIGH]
Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 7.5 HIGH]
Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 7.5 HIGH]
Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier. [CVSS 7.5 HIGH]