Skip to main content
CVE-2022-25369 CRITICAL POC THREAT Emergency

Dynamicweb CMS before version 9.12.8 contains a critical authentication bypass that allows unauthenticated attackers to create new administrator accounts. The vulnerability exists because the application's setup wizard can be re-executed on deployed instances, enabling attackers to initialize a fresh admin account and subsequently upload webshells.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
79.9%
Threat
5.9
CVE-2026-24423 CRITICAL POC KEV THREAT Emergency

SmarterTools SmarterMail prior to build 9511 contains a second critical vulnerability (CVE-2026-24423) — an unauthenticated remote code execution flaw in the ConnectToHub API method. An attacker can redirect the SmarterMail server to connect to a malicious HTTP endpoint that serves OS commands for execution. KEV-listed with EPSS 29%, this is chainable with CVE-2026-23760 for complete server compromise.

RCE Command Injection Smartermail
NVD
CVSS 3.1
9.8
EPSS
29.3%
Threat
5.8
CVE-2026-0770 CRITICAL POC THREAT Emergency

Langflow has a third RCE vulnerability via exec_globals (EPSS 10.0%) allowing inclusion of untrusted code that executes in the application's global scope.

RCE AI / ML Langflow
NVD Exploit-DB VulDB
CVSS 3.0
9.8
EPSS
10.0%
CVE-2025-70457 CRITICAL POC Act Now

Sourcecodester Modern Image Gallery App v1.0 has an arbitrary file upload in the gallery endpoint allowing unauthenticated remote code execution.

PHP RCE Modern Image Gallery App
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2021-47891 CRITICAL POC Act Now

Unified Remote 3.9.0.2463 allows unauthenticated remote code execution by sending crafted network packets to the remote control service.

RCE
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-66719 CRITICAL POC PATCH GHSA Act Now

Free5gc NRF 1.4.0 has an authorization bypass in access token generation that allows authenticated users to request tokens with broader scope than permitted.

Golang Nrf
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-70985 CRITICAL POC Act Now

RuoYi v4.8.2 has an access control flaw in the update function allowing unauthorized attackers to modify arbitrary data in the admin management system.

Authentication Bypass Ruoyi
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-0768 CRITICAL Act Now

Langflow has a code injection vulnerability in the code component (EPSS 2.6%) enabling remote code execution through the visual AI workflow builder.

Python RCE Code Injection AI / ML Langflow
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2026-0761 CRITICAL Act Now

MetaGPT has a code injection vulnerability in actionoutput_str_to_mapping (EPSS 2.6%) allowing remote attackers to execute arbitrary code through crafted AI agent output processing.

Python RCE Code Injection AI / ML Metagpt
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2026-0769 CRITICAL Act Now

Langflow has an eval injection in eval_custom_component_code (EPSS 2.0%) enabling remote code execution through crafted custom component definitions.

Python RCE AI / ML Langflow
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2026-0763 CRITICAL Act Now

GPT Academic has an insecure deserialization in run_in_subprocess_wrapper_func (EPSS 1.7%) enabling remote code execution through crafted subprocess data.

RCE Deserialization AI / ML Gpt Academic
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2026-0760 CRITICAL Act Now

MetaGPT by Foundation Agents has an insecure deserialization in deserialize_message (EPSS 1.7%) enabling remote code execution through crafted serialized data in AI agent communications.

RCE Deserialization AI / ML Metagpt
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2026-0764 CRITICAL Act Now

GPT Academic has a second insecure deserialization vulnerability in the upload function (EPSS 1.5%) allowing remote code execution through crafted file uploads.

RCE Deserialization AI / ML Gpt Academic
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2025-15061 CRITICAL PATCH Act Now

Framelink Figma MCP Server has a command injection vulnerability in fetchWithRetry (EPSS 1.4%) enabling remote code execution on developer machines using the MCP integration.

RCE Command Injection AI / ML
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2026-0773 CRITICAL Act Now

Upsonic has an insecure deserialization via cloudpickle (EPSS 1.3%) enabling remote code execution through crafted serialized AI agent data.

RCE Deserialization AI / ML
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2025-4320 CRITICAL Act Now

A Birebir product has a CVSS 10.0 authentication bypass through a primary weakness in the password recovery mechanism, allowing complete account takeover without any authentication.

Authentication Bypass
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-0794 CRITICAL Act Now

ALGO 8180 has a use-after-free in SIP session handling (EPSS 1.1%) enabling remote code execution through crafted VoIP signaling sequences.

Golang RCE Use After Free 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2026-0759 CRITICAL Act Now

Katana Network Development Starter Kit has a command injection in executeCommand enabling remote code execution through the development framework.

RCE Command Injection AI / ML
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2026-0756 CRITICAL Act Now

github-kanban-mcp-server has a command injection in execAsync (EPSS 1.0%) enabling remote code execution on developer machines using the GitHub Kanban MCP integration.

Github RCE Command Injection AI / ML
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2025-15063 CRITICAL Act Now

Ollama MCP Server has a command injection vulnerability in execAsync (EPSS 1.0%) allowing remote attackers to execute arbitrary commands on systems running the Ollama AI integration.

RCE Command Injection AI / ML Ollama
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2026-0787 CRITICAL Act Now

ALGO 8180 IP Audio Alerter has a command injection in the SAC interface (EPSS 0.68%) allowing remote code execution on the emergency notification device.

Golang RCE Command Injection 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2026-24304 CRITICAL PATCH Act Now

Azure Resource Manager has a CVSS 9.9 access control vulnerability allowing authorized users to escalate privileges across Azure subscriptions and resource groups.

Azure Azure Resource Manager
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-0793 CRITICAL Act Now

ALGO 8180 has a heap-based buffer overflow in InformaCast message processing enabling remote code execution through the emergency notification protocol.

Golang RCE Buffer Overflow Heap Overflow 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2026-0792 CRITICAL Act Now

ALGO 8180 has a stack-based buffer overflow in SIP INVITE Alert-Info header processing, enabling remote code execution through the VoIP protocol.

Golang RCE Buffer Overflow Stack Overflow 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2026-0791 CRITICAL Act Now

ALGO 8180 has a stack-based buffer overflow in SIP INVITE Replaces header processing enabling remote code execution through crafted VoIP calls.

Golang RCE Buffer Overflow Stack Overflow 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-70983 CRITICAL Act Now

SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through the authentication routing mechanism.

Spring Java Privilege Escalation Authentication Bypass Springblade
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-0755 CRITICAL POC PATCH GHSA Act Now

gemini-mcp-tool has a command injection in execAsync allowing remote code execution on systems using the Gemini AI MCP integration.

RCE Command Injection AI / ML
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
0.5%
CVE-2026-1364 CRITICAL Act Now

IAQS and I6 by JNC have a missing authentication vulnerability allowing unauthenticated remote attackers to directly access sensitive system functionality.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-1363 CRITICAL Act Now

IAQS and I6 systems by JNC have a client-side enforcement vulnerability allowing unauthenticated attackers to bypass security controls and access server functionality.

Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-24132 CRITICAL PATCH Act Now

Orval TypeScript code generator versions 7.19+ have a command injection vulnerability allowing RCE through malicious OpenAPI specifications during code generation.

Command Injection Orval
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-67229 CRITICAL Act Now

ToDesktop Builder v0.32.1 has an improper certificate validation vulnerability allowing man-in-the-middle attackers to inject malicious code into desktop application builds.

Authentication Bypass Builder
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-22984 CRITICAL PATCH Act Now

A bounds checking vulnerability in the Linux kernel's libceph authentication handler allows local attackers with user privileges to trigger out-of-bounds memory reads, potentially leading to information disclosure or denial of service. The flaw exists in the handle_auth_done() function which fails to properly validate payload length before processing authentication data. A patch is available to address this vulnerability.

Linux Buffer Overflow Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-4319 CRITICAL Act Now

A product by Birebir has weak authentication with improper rate limiting on login attempts and insecure password recovery, enabling brute-force attacks and account takeover.

Information Disclosure
NVD VulDB
CVSS 3.1
9.4
EPSS
0.1%
CVE-2025-52024 CRITICAL Act Now

Aptsys POS Platform Web Services module exposes internal API testing endpoints to the public, allowing unauthenticated access to point-of-sale backend systems.

Authentication Bypass Gemscms Backend
NVD GitHub
CVSS 3.1
9.4
EPSS
0.0%
CVE-2025-52025 CRITICAL Act Now

Aptsys gemscms POS Platform has a SQL injection in the GetServiceByRestaurantID endpoint allowing extraction of restaurant and payment data.

SQLi Gemscms Backend
NVD GitHub
CVSS 3.1
9.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy