PLY (Python Lex-Yacc) library 3.11 has an unsafe feature enabling remote code execution through pickle deserialization of cached parser tables, with EPSS 0.91%.
Multiple ipTIME router models have a command injection vulnerability in the upnp_relay() function, allowing remote attackers to execute arbitrary OS commands through crafted UPnP requests.
Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled data past an allocated heap buffer by submitting a maliciously crafted XBM file, affecting all versions prior to 7.1.2-13 and 6.9.13-38. Because any read or identify operation triggers the flaw, it is reachable through ordinary image upload and conversion pipelines, raising the risk of memory corruption and potential remote code execution. Publicly available exploit code exists and a vendor patch is available, though EPSS exploitation probability remains low (0.08%) and it is not listed in CISA KEV.
MedDream PACS Premium 7.3.6.870 has an arbitrary file read vulnerability in the encapsulatedDoc feature that allows attackers to read sensitive server files including DICOM medical records.
Oracle HTTP Server and WebLogic Server Proxy Plug-in have a CVSS 10.0 access control vulnerability allowing unauthenticated network attackers to fully compromise the middleware layer.
Node.js has a CVSS 10.0 permission model bypass that allows Unix Domain Socket connections to completely bypass network restrictions when --allow-net is configured.
Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 have a CVSS 9.9 command injection vulnerability allowing meeting participants to execute OS commands on the router.
Cloudflare Wrangler CLI has a CVSS 9.9 command injection vulnerability in the 'wrangler pages deploy' command that allows arbitrary code execution during deployment.
Oracle Agile PLM for Process has a CVSS 9.8 vulnerability in the Supply Chain Sourcing component that allows unauthenticated remote attackers to fully compromise the system.
Advanced Custom Fields: Extended plugin for WordPress has a privilege escalation vulnerability allowing unauthenticated users to gain admin access in all versions up to the latest.
PrismX MX100 AP controller by BROWAN has hard-coded credentials that allow remote attackers to gain full administrative access to the wireless network controller.
Chrome Split View prior to 144.0.7559.59 has a UI spoofing vulnerability that allows remote attackers to display misleading content in the split view interface.
Chrome for Android prior to 144.0.7559.59 has a security UI spoofing vulnerability that allows remote attackers to display misleading security indicators.
A server-side template injection vulnerability (CWE-1336) with CVSS 9.8 allows remote attackers to execute arbitrary code through crafted template expressions.
XDocReport v0.9.2 through v2.0.3 has an XML External Entity (XXE) vulnerability that allows attackers to read arbitrary files, perform SSRF, and potentially achieve remote code execution.
Orval, a TypeScript API client generator, has a command injection vulnerability that allows code execution through malicious OpenAPI specifications.
Google Chrome prior to 144.0.7559.59 has insufficient policy enforcement in Network that allows attackers who obtained a network position to access sensitive data.
Node.js has a permissions model bypass that allows attackers to circumvent --allow-fs-read and --allow-fs-write restrictions using alternate path representations.