SolarWinds Web Help Desk contains an unauthenticated Java deserialization vulnerability (CVE-2025-40551, CVSS 9.8) that enables remote code execution. With EPSS 80.6% and KEV listing, this is the more severe of two concurrent WHD vulnerabilities, allowing attackers to execute arbitrary commands on the host server without any credentials.
SolarWinds Web Help Desk has an authentication bypass vulnerability (EPSS 9.9%) that allows unauthenticated attackers to gain admin access to the helpdesk system.
SolarWinds Web Help Desk has a second authentication bypass (EPSS 7.8%) providing yet another path to unauthenticated admin access.
SandboxJS library prior to 0.8.26 has a CVSS 10.0 sandbox escape via AsyncFunction constructor, allowing execution of arbitrary code outside the sandbox boundary.
Erugo file-sharing platform up to version 0.2.14 has a CVSS 10.0 path traversal allowing authenticated users to read any file on the server including secrets and configuration.
Dokploy self-hosted PaaS prior to 0.26.6 has a critical command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands on the host.
Zortam Mp3 Media Studio 27.60 has a buffer overflow in the library file selection dialog that allows code execution through crafted library files.
Tendenci 12.3.1 has a CSV formula injection in the contact form message field enabling code execution when administrators export and open data in spreadsheet applications.
10-Strike Network Inventory Explorer 8.65 has a buffer overflow in exception handling that allows remote code execution by crashing the application with crafted network data.
bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code that can be triggered by crafted RAR archives.
YATinyWinFTP has a denial of service vulnerability allowing remote attackers to crash the FTP service by sending a 272-byte crafted packet.
66biolinks v62.0.0 has a session fixation vulnerability where the application doesn't regenerate session IDs after authentication, enabling session hijacking.
NocoDB spreadsheet platform prior to 0.301.0 has a stored XSS vulnerability (CVSS 9.0) that enables code execution through malicious cell content in shared views.
SolarWinds Web Help Desk has a second deserialization vulnerability (EPSS 11.9%) providing another unauthenticated RCE path alongside CVE-2025-40551.
Explorance Blue versions before 8.14.9 have a CVSS 10.0 SQL injection vulnerability enabling unauthenticated attackers to fully compromise the survey and assessment database.
Explorance Blue before 8.14.13 has an authenticated remote file download vulnerability in a web service that allows downloading arbitrary files from the server.
Snow Monkey Forms WordPress plugin has an arbitrary file deletion vulnerability through insufficient path validation, enabling attackers to delete critical WordPress files.
jsonpath library 1.1.1 has a prototype pollution vulnerability in the value function that allows attackers to modify JavaScript object prototypes and potentially achieve RCE.
Explorance Blue before 8.14.9 has an authenticated file upload vulnerability allowing administrators to upload executable files to the server.
DNN (DotNetNuke) CMS has a stored XSS vulnerability (CVSS 9.1) allowing persistent script injection that executes for all users viewing the affected content.
Clatter Noise protocol library has a broken cryptographic algorithm implementation that weakens post-quantum security guarantees in encrypted communications.