Skip to main content
CVE-2026-24858 CRITICAL KEV THREAT CISA Emergency

Fortinet FortiAnalyzer and FortiManager contain a critical authentication bypass vulnerability (CVE-2026-24858, CVSS 9.8) that allows unauthenticated remote attackers to gain administrative access through an alternate authentication path. With EPSS 2.8% but KEV listing confirming active exploitation, this vulnerability threatens the security management infrastructure that organizations rely on to protect their networks.

Fortinet Authentication Bypass
NVD VulDB
CVSS 3.1
9.8
EPSS
2.8%
Threat
5.5
CVE-2026-24479 CRITICAL POC PATCH Act Now

HUSTOJ online judge has a path traversal vulnerability enabling arbitrary file access on the competition server.

Linux PHP MySQL RCE Path Traversal +1
NVD GitHub Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-15467 HIGH POC PATCH CISA Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.0%
Threat
5.3
CVE-2026-1470 CRITICAL POC PATCH Act Now

n8n has a fifth critical RCE vulnerability (CVSS 9.9) in the Expression evaluator, enabling code execution through crafted workflow expressions.

RCE AI / ML N8n
NVD GitHub
CVSS 3.1
9.9
EPSS
0.5%
CVE-2026-24770 CRITICAL POC PATCH Act Now

Path traversal vulnerability in RAGFlow RAG engine version 0.23.1 allows unauthenticated attackers to read arbitrary files from the server filesystem. PoC available, patch available.

RCE AI / ML Ragflow
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2026-22039 CRITICAL POC PATCH Act Now

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass and unauthorized cluster operations.

Kubernetes Kyverno Suse
NVD GitHub VulDB
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-24740 CRITICAL POC PATCH Act Now

Critical access control flaw in Dozzle Docker log viewer allows users restricted by label filters to escape their scope and obtain an interactive root shell on out-of-scope containers. PoC available, patch in v9.0.3.

Docker Dozzle Suse
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2020-36948 CRITICAL POC Act Now

VestaCP 0.9.8-26 has a session management vulnerability allowing remote attackers to hijack admin sessions through the LoginAs module.

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2021-47900 CRITICAL POC Act Now

Gila CMS before 2.0.0 has an RFI vulnerability enabling unauthenticated RCE.

PHP RCE
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-24881 CRITICAL POC PATCH Act Now

Remote code execution and denial of service in GnuPG before 2.5.17 stem from a stack-based buffer overflow in gpg-agent when it processes a crafted CMS (S/MIME) EnvelopedData message containing an oversized wrapped session key during PKDECRYPT --kem=CMS handling. Any user or service decrypting attacker-supplied S/MIME mail with a vulnerable build can be crashed, and the memory corruption may be escalated to arbitrary code execution in the gpg-agent process that custodies private keys. Publicly available exploit code exists, but the issue is not in CISA KEV and EPSS is low (0.20%, 41st percentile), indicating no confirmed widespread exploitation yet.

RCE Buffer Overflow Stack Overflow Denial Of Service Gnupg +1
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-69559 CRITICAL POC Act Now

Computer Book Store v1.0 has file upload in admin_add.php.

PHP Computer Book Store
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69565 CRITICAL POC Act Now

Mobile Shop Management System has file upload enabling web shell deployment.

PHP Mobile Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2021-47901 CRITICAL POC Act Now

Dirsearch 0.4.1 has CSV injection in scan reports.

Code Injection
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-36941 CRITICAL POC Act Now

Knockpy 4.1.1 has CSV injection in subdomain scan exports.

Code Injection Knockpy
NVD GitHub Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69563 CRITICAL POC Act Now

Mobile Shop Management System has SQL injection in ExLogin.php.

PHP SQLi Mobile Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-69562 CRITICAL POC Act Now

Mobile Shop Management System has SQL injection in insertmessage.php.

PHP SQLi Mobile Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-69564 CRITICAL POC Act Now

Mobile Shop Management System has code injection in ExAddNewUser.php.

PHP SQLi Mobile Shop Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2020-36940 CRITICAL POC Act Now

Easy CD & DVD Cover Creator 4.13 has a buffer overflow in serial number input.

Buffer Overflow Denial Of Service
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-24736 CRITICAL POC Act Now

Server-Side Request Forgery (SSRF) vulnerability in Squidex CMS webhook configuration allows authenticated administrators to make requests to internal services by specifying localhost or internal IP addresses as webhook destinations. PoC available.

SSRF Squidex
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2020-36942 HIGH POC This Week

Victor Cms versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP Victor Cms
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24747 HIGH POC PATCH This Week

PyTorch is a Python package that provides tensor computation. [CVSS 8.8 HIGH]

Python Pytorch Checkpoint Code Injection RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2020-36938 HIGH POC This Week

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2021-47902 HIGH POC This Week

Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2020-36951 HIGH POC This Week

Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. [CVSS 8.2 HIGH]

SQLi
NVD GitHub Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24741 HIGH POC PATCH This Week

Arbitrary file deletion in ConvertX prior to version 0.17.0 allows authenticated attackers to remove files outside the intended upload directory by exploiting insufficient path validation in the POST /delete endpoint. The vulnerability enables attackers to supply path traversal sequences that bypass directory restrictions, with impact limited only by server process permissions. Public exploit code exists for this HIGH severity flaw, though a patch is available in version 0.17.0.

Path Traversal Convertx
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-24490 HIGH POC PATCH This Week

MobSF versions prior to 4.4.5 are vulnerable to stored XSS through unsanitized rendering of Android manifest attributes in HTML reports, allowing attackers to inject malicious JavaScript by uploading crafted APK files. Public exploit code exists for this vulnerability, and successful exploitation enables session hijacking and account takeover of security analysts using the framework. Upgrade to version 4.4.5 or later to remediate.

Android XSS Mobile Security Framework
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2020-36980 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36983 HIGH POC This Week

Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36982 HIGH POC This Week

MotoHelperService.exe service contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36981 HIGH POC This Week

PST Service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36979 HIGH POC This Week

Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup. [CVSS 7.8 HIGH]

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36977 HIGH POC This Week

ElevationService executable contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36976 HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36975 HIGH POC This Week

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36974 HIGH POC This Week

Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24882 HIGH POC PATCH This Week

Stack-based buffer overflow in GnuPG's tpm2daemon (versions before 2.5.17) allows a local attacker to corrupt the daemon's stack by sending a crafted PKDECRYPT command targeting TPM-backed RSA or ECC keys, potentially achieving arbitrary code execution in the daemon's context. The flaw affects GnuPG and the bundled Gpg4win distribution and has been patched by upstream and major Linux vendors (Red Hat, SUSE). Publicly available exploit code exists, though the EPSS score is negligible (0.01%) and it is not listed in CISA KEV (no public exploit identified as actively exploited in the wild).

Buffer Overflow Stack Overflow Gpg4win Gnupg
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23881 HIGH POC PATCH This Week

Kyverno versions up to 1.16.3 is affected by allocation of resources without limits or throttling (CVSS 7.7).

Denial Of Service Kyverno Suse
NVD GitHub
CVSS 3.1
7.7
EPSS
0.1%
CVE-2020-36939 HIGH POC This Week

Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. [CVSS 7.5 HIGH]

Apache Path Traversal
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-36946 HIGH POC This Week

SyncBreeze 10.0.28 contains a denial of service vulnerability in the login endpoint that allows remote attackers to crash the service. Attackers can send an oversized payload in the login request to overwhelm the application and potentially disrupt service availability. [CVSS 7.5 HIGH]

Denial Of Service Syncbreeze
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2020-36949 HIGH POC This Week

Tapinradio versions up to 2.13.7 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Denial Of Service Tapinradio
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24477 HIGH POC This Week

Anythingllm versions up to 1.10.0 contains a vulnerability that allows attackers to complete compromise of the semantic search / retrieval functionality and indirec (CVSS 7.5).

Information Disclosure AI / ML Anythingllm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24486 HIGH POC PATCH This Week

Arbitrary file write in python-multipart prior to 0.0.22 lets remote attackers place uploaded files outside the intended upload directory by supplying a filename that begins with an absolute path (e.g. '/etc/...'). The flaw only manifests in deployments that enable the non-default options UPLOAD_DIR plus UPLOAD_KEEP_FILENAME=True, where os.path.join silently discards the configured directory. Publicly available exploit code exists (Exploit-DB 52543, GHSA-wp53-j4wj-2cfg), though EPSS is very low (0.03%, 7th percentile) and it is not in CISA KEV.

Python Path Traversal Python Multipart
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1448 HIGH POC This Week

Remote code execution in D-Link DIR-615 firmware through os command injection via the ipaddr parameter in the Web Management Interface allows unauthenticated remote attackers to execute arbitrary commands. The vulnerability affects unsupported firmware versions up to 4.10, and public exploit code is available. No patch has been released by the vendor.

D-Link PHP Command Injection Dir 615 Firmware
NVD VulDB
CVSS 3.1
7.2
EPSS
0.5%
CVE-2026-24478 HIGH POC This Week

AnythingLLM versions prior to 1.10.0 contain a path traversal vulnerability in the DrupalWiki integration that allows malicious administrators or attackers with admin privileges to write arbitrary files to the server, potentially achieving remote code execution through configuration file overwriting or malicious script injection. Public exploit code exists for this vulnerability, and no patch is currently available for affected deployments. The attack requires high-level privileges but carries critical risk due to the ability to completely compromise server integrity.

Drupal RCE Path Traversal AI / ML Anythingllm
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-24779 HIGH POC PATCH This Week

vLLM before version 0.14.1 contains a server-side request forgery vulnerability in the MediaConnector class where inconsistent URL parsing between libraries allows attackers to bypass host restrictions and force the server to make arbitrary requests to internal network resources. Public exploit code exists for this vulnerability, which poses significant risk in containerized environments where a compromised vLLM instance could be leveraged to access restricted internal systems. The vulnerability affects users running vLLM's multimodal features with untrusted input.

Python SSRF Denial Of Service Vllm Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-36947 HIGH POC This Week

LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. [CVSS 7.1 HIGH]

SQLi Librenms
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-36950 MEDIUM POC This Month

Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server. [CVSS 6.5 MEDIUM]

Laravel Denial Of Service
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2020-36978 MEDIUM POC This Month

Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1467 MEDIUM POC PATCH This Month

libsoup's improper handling of URL-decoded input in HTTP proxy configurations allows remote attackers to inject CRLF sequences into the Host header, enabling injection of arbitrary HTTP headers or request bodies. Public exploit code exists for this vulnerability, which could allow attackers to manipulate downstream services through compromised proxy requests. Affected applications using libsoup with HTTP proxy functionality are at risk of integrity compromise, though no patch is currently available.

Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
5.8
EPSS
0.1%
CVE-2026-24811 CRITICAL PATCH Act Now

ROOT data analysis framework has an input validation vulnerability in zlib modules enabling code execution through crafted data files.

Code Injection Root
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy