Skip to main content
CVE-2025-40551 CRITICAL POC KEV THREAT Emergency

SolarWinds Web Help Desk contains an unauthenticated Java deserialization vulnerability (CVE-2025-40551, CVSS 9.8) that enables remote code execution. With EPSS 80.6% and KEV listing, this is the more severe of two concurrent WHD vulnerabilities, allowing attackers to execute arbitrary commands on the host server without any credentials.

RCE Deserialization Web Help Desk
NVD
CVSS 3.1
9.8
EPSS
80.6%
Threat
7.4
CVE-2025-40536 HIGH POC KEV THREAT Act Now

SolarWinds Web Help Desk contains a security control bypass vulnerability (CVE-2025-40536) that allows unauthenticated attackers to access restricted functionality. With EPSS 69% and KEV listing, this CVSS 8.1 vulnerability is particularly concerning given SolarWinds' history of being targeted in supply chain attacks and the sensitive IT service data typically stored in help desk systems.

Authentication Bypass Web Help Desk
NVD
CVSS 3.1
8.1
EPSS
69.1%
Threat
6.7
CVE-2025-40552 CRITICAL POC Act Now

SolarWinds Web Help Desk has an authentication bypass vulnerability (EPSS 9.9%) that allows unauthenticated attackers to gain admin access to the helpdesk system.

Authentication Bypass Web Help Desk
NVD GitHub
CVSS 3.1
9.8
EPSS
9.9%
CVE-2025-40554 CRITICAL POC Act Now

SolarWinds Web Help Desk has a second authentication bypass (EPSS 7.8%) providing yet another path to unauthenticated admin access.

Authentication Bypass Web Help Desk
NVD
CVSS 3.1
9.8
EPSS
7.8%
CVE-2026-23830 CRITICAL POC PATCH Act Now

SandboxJS library prior to 0.8.26 has a CVSS 10.0 sandbox escape via AsyncFunction constructor, allowing execution of arbitrary code outside the sandbox boundary.

RCE Sandboxjs
NVD GitHub
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-24897 CRITICAL POC PATCH Act Now

Erugo file-sharing platform up to version 0.2.14 has a CVSS 10.0 path traversal allowing authenticated users to read any file on the server including secrets and configuration.

Golang RCE Erugo
NVD GitHub Exploit-DB VulDB
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-24841 CRITICAL POC PATCH Act Now

Dokploy self-hosted PaaS prior to 0.26.6 has a critical command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands on the host.

Docker Command Injection Dokploy
NVD GitHub
CVSS 3.1
9.9
EPSS
0.1%
CVE-2020-36967 CRITICAL POC Act Now

Zortam Mp3 Media Studio 27.60 has a buffer overflow in the library file selection dialog that allows code execution through crafted library files.

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2020-36962 CRITICAL POC PATCH Act Now

Tendenci 12.3.1 has a CSV formula injection in the contact form message field enabling code execution when administrators export and open data in spreadsheet applications.

Code Injection Tendenci
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2020-36961 CRITICAL POC Act Now

10-Strike Network Inventory Explorer 8.65 has a buffer overflow in exception handling that allows remote code execution by crashing the application with crafted network data.

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-24857 CRITICAL POC Act Now

bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code that can be triggered by crafted RAR archives.

Industrial Memory Corruption Denial Of Service Bulk Extractor Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-36964 CRITICAL POC Act Now

YATinyWinFTP has a denial of service vulnerability allowing remote attackers to crash the FTP service by sending a 272-byte crafted packet.

Buffer Overflow Denial Of Service
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69602 CRITICAL POC Act Now

66biolinks v62.0.0 has a session fixation vulnerability where the application doesn't regenerate session IDs after authentication, enabling session hijacking.

Information Disclosure 66biolinks
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-24769 CRITICAL POC PATCH Act Now

NocoDB spreadsheet platform prior to 0.301.0 has a stored XSS vulnerability (CVSS 9.0) that enables code execution through malicious cell content in shared views.

XSS Nocodb
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2020-36969 HIGH POC This Week

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. [CVSS 8.8 HIGH]

Privilege Escalation M Monit
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-67645 HIGH POC PATCH This Week

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. [CVSS 8.8 HIGH]

Authentication Bypass Openemr
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-22243 HIGH POC PATCH This Week

SQL injection in EGroupware's Nextmatch filter allows authenticated attackers to execute arbitrary database commands by exploiting PHP type juggling that bypasses integer validation checks. Public exploit code exists for this vulnerability affecting EGroupware versions prior to 23.1.20260113 and 26.0.20260113, and no patch is currently available. Attackers with valid credentials can manipulate WHERE clauses to extract sensitive data, modify records, or compromise database integrity.

PHP SQLi Egroupware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2020-36970 HIGH POC This Week

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. [CVSS 8.4 HIGH]

PHP
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2020-36971 HIGH POC This Week

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system. [CVSS 8.4 HIGH]

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2020-36965 HIGH POC This Week

docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. [CVSS 8.4 HIGH]

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2020-36945 HIGH POC This Week

WebDamn User Registration Login System contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating email credentials. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-36972 HIGH POC This Week

SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. [CVSS 8.2 HIGH]

SQLi Smartblog
NVD GitHub Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-55292 HIGH POC PATCH This Week

Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC address, rather than their public key. [CVSS 8.2 HIGH]

Information Disclosure Meshtastic Firmware
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24842 HIGH POC PATCH This Week

node-tar before version 7.5.7 contains a path traversal vulnerability where inconsistent path resolution between validation and execution logic allows attackers to bypass security checks and create hardlinks to arbitrary files outside the intended extraction directory. Public exploit code exists for this vulnerability, affecting Node.js applications that process untrusted TAR archives. An attacker can craft a malicious TAR file to write to sensitive locations on the system.

Node.js Path Traversal Tar
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-40553 CRITICAL Act Now

SolarWinds Web Help Desk has a second deserialization vulnerability (EPSS 11.9%) providing another unauthenticated RCE path alongside CVE-2025-40551.

RCE Deserialization Web Help Desk
NVD GitHub
CVSS 3.1
9.8
EPSS
11.9%
CVE-2026-24840 HIGH POC PATCH This Week

Dokploy versions before 0.26.6 contain hardcoded database credentials in the installation script, causing nearly all deployments to share identical credentials that can be obtained from the publicly available install.sh file. An authenticated attacker on the network can leverage these credentials to access the database, potentially achieving high-impact compromise of confidentiality, integrity, and availability. Public exploit code exists for this vulnerability and a patch is available in version 0.26.6 and later.

Authentication Bypass Dokploy
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2022-40619 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. [CVSS 7.7 HIGH]

Netgear Command Injection R7000 Firmware Xr300 Firmware R6230 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.8%
CVE-2026-24856 HIGH POC PATCH This Week

Arbitrary code execution in iccDEV versions before 2.3.1.2 occurs when malformed ICC color profiles containing NaN floating-point values are parsed, causing undefined behavior during type conversion that corrupts memory structures. Local attackers can exploit this by crafting malicious ICC profiles that applications process, and public exploit code exists for this vulnerability. The issue affects any system using the iccDEV library to handle ICC profile data, with a patch available in version 2.3.1.2.

RCE Code Injection Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36991 HIGH POC This Week

ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36986 HIGH POC This Week

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot. [CVSS 7.8 HIGH]

Information Disclosure
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36985 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to execute arbitrary code (CVSS 7.8).

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36992 HIGH POC This Week

its nordvpn-service contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).

Information Disclosure
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36990 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36989 HIGH POC This Week

ForensiT AppX Management Service 2.2.0.4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36987 HIGH POC This Week

PACService.exe contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36984 HIGH POC This Week

SENADB service contains a vulnerability that allows attackers to execute code with elevated system privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2022-40620 HIGH POC This Week

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. [CVSS 7.7 HIGH]

Netgear TLS R6230 Firmware Rax120 Firmware R8900 Firmware +7
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2020-36963 HIGH POC This Week

Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-65889 HIGH POC This Week

A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65888 HIGH POC This Week

A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65886 HIGH POC This Week

A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-71000 HIGH POC This Week

An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-71007 HIGH POC This Week

An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-71003 HIGH POC This Week

An input validation vulnerability in the flow.arange() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-36943 HIGH POC This Week

aSc TimeTables 2021.6.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting subject title fields with excessive data. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-61726 HIGH POC PATCH This Week

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. [CVSS 7.5 HIGH]

Denial Of Service Go
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-65891 HIGH POC This Week

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-65890 HIGH POC This Week

A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0750 HIGH POC This Week

Commerce Paybox versions up to 7.X-1.5. is affected by improper verification of cryptographic signature (CVSS 7.5).

Drupal Authentication Bypass Commerce Paybox
NVD HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70999 HIGH POC This Week

A GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted device ID. [CVSS 7.5 HIGH]

Denial Of Service Oneflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
Page 1 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy