Skip to main content
CVE-2026-1281 CRITICAL POC KEV EUVD KEV PATCH THREAT Act Now

Ivanti Endpoint Manager Mobile (EPMM) contains a critical code injection vulnerability (CVE-2026-1281, CVSS 9.8) that allows unauthenticated remote attackers to execute arbitrary code. With EPSS 64.8% and KEV listing, this vulnerability in the mobile device management platform threatens the security of every managed mobile device in the organization, as EPMM has the ability to push configurations, certificates, and apps to enrolled devices.

Ivanti RCE Code Injection Endpoint Manager Mobile
NVD VulDB
CVSS 3.1
9.8
EPSS
64.8%
Threat
6.9
CVE-2026-1340 CRITICAL POC KEV EUVD KEV THREAT Emergency

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that allows unauthenticated attackers to achieve remote code execution on the mobile device management server. Compromising the MDM server provides access to all managed mobile device configurations, policies, and potentially the ability to push malicious profiles to enrolled devices.

Ivanti RCE Code Injection
NVD VulDB
CVSS 3.1
9.8
EPSS
50.9%
Threat
6.5
CVE-2025-69516 HIGH POC THREAT Act Now

A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. [CVSS 8.8 HIGH]

Code Injection Tactical Rmm
NVD GitHub
CVSS 3.1
8.8
EPSS
42.9%
Threat
4.5
CVE-2026-24054 CRITICAL POC PATCH Act Now

Sandbox escape in Kata Containers allowing guest VM to access host resources. CVSS 10.0 — undermines the core security guarantee of hardware-isolated containers. PoC and patch available.

DNS Kata Containers Red Hat
NVD GitHub
CVSS 3.1
10.0
EPSS
0.1%
CVE-2020-37012 CRITICAL POC Act Now

Unauthenticated RCE in Tea LaTeX 1.0 via command injection in /api endpoint. EPSS 0.29% with PoC available.

PHP RCE
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2020-37000 CRITICAL POC Act Now

Stack buffer overflow in Free MP3 CD Ripper 2.8 allows remote code execution via crafted WAV files. PoC available.

Windows RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69929 CRITICAL POC Act Now

Client-side password hashing in N3uron Web UI v1.21.7 allows privilege escalation. Weak hashing enables attackers to forge authentication credentials. PoC available.

Privilege Escalation Web User Interface
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37010 CRITICAL POC Act Now

Buffer overflow in BearShare Lite 5.2.5 Advanced Search keywords input allows code execution. PoC available.

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-36997 CRITICAL POC Act Now

Buffer overflow in BacklinkSpeed 2.4 allows code execution via SEH chain corruption through malicious input. PoC available.

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2020-37009 HIGH POC This Week

MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. [CVSS 8.8 HIGH]

PHP RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-37002 HIGH POC This Week

Authentication bypass leading to command execution in Ajenti 2.1.36. Despite requiring login, the authentication can be bypassed for subsequent command execution. EPSS 0.64% with PoC available.

Authentication Bypass Command Injection
NVD GitHub Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2026-24780 HIGH POC This Week

Remote code execution in AutoGPT Platform prior to v0.6.44 allows authenticated users to execute disabled blocks and write arbitrary Python code to the server filesystem. The vulnerability stems from insufficient validation of the disabled flag in block execution endpoints, enabling attackers to achieve code execution via the BlockInstallationBlock component. Public exploit code exists, and self-hosted instances with Supabase signup enabled are particularly vulnerable to account creation and exploitation.

Python RCE AI / ML Autogpt Platform
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25040 HIGH POC This Week

Budibase is a low code platform for creating internal tools, workflows, and admin panels. [CVSS 8.8 HIGH]

Privilege Escalation Budibase
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25047 HIGH POC PATCH This Week

Deephas versions up to 1.0.7 is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 8.8).

Node.js Deephas
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2020-37011 HIGH POC This Week

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. [CVSS 7.5 HIGH]

Memory Corruption Buffer Overflow
NVD Exploit-DB VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2020-37013 HIGH POC This Week

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. [CVSS 8.4 HIGH]

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2020-37001 HIGH POC This Week

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. [CVSS 8.4 HIGH]

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-62514 HIGH POC PATCH This Week

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, `libparsec_crypto`, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means an attacker in a man-in-the-middle position would be able to provide weak order points to both parties in the Diffie-Hellman exchange, resulting in a high probability to for both parties to obtain ...

Information Disclosure Parsec
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2020-36999 HIGH POC This Week

Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipulating the login page with SQL injection. [CVSS 8.2 HIGH]

PHP SQLi Authentication Bypass
NVD GitHub Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2020-37006 HIGH POC This Week

berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2020-37021 HIGH POC This Week

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup. [CVSS 7.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37020 HIGH POC This Week

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. [CVSS 7.8 HIGH]

Information Disclosure
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37016 HIGH POC This Week

BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37017 HIGH POC This Week

CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-63657 HIGH POC This Week

An out-of-bounds read in the mk_mimetype_find function (mk_server/mk_mimetype.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63656 HIGH POC This Week

An out-of-bounds read in the header_cmp function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63653 HIGH POC This Week

An out-of-bounds read in the mk_vhost_fdt_close function (mk_server/mk_vhost.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63652 HIGH POC This Week

A use-after-free in the mk_http_request_end function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Use After Free Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63650 HIGH POC This Week

An out-of-bounds read in the mk_ptr_to_buf in mk_core function (mk_memory.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63655 HIGH POC This Week

A NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Null Pointer Dereference Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-63651 HIGH POC This Week

A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Use After Free Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2026-25116 HIGH POC This Week

Runtipi versions 4.5.0 through 4.7.1 contain an unauthenticated path traversal vulnerability in the UserConfigController that allows remote attackers to overwrite the docker-compose.yml configuration file through insecure URN parsing. An attacker can inject a malicious stack configuration that executes arbitrary code when the instance restarts, achieving full remote code execution and host compromise. Public exploit code exists and no patch is currently available.

Docker RCE Path Traversal Runtipi
NVD GitHub
CVSS 3.1
7.6
EPSS
0.1%
CVE-2025-63658 HIGH POC This Week

A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Stack Overflow Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2020-37008 HIGH POC This Week

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25061 HIGH POC This Week

Denial-of-service attacks against tcpflow up to version 1.61 are possible via malformed 802.11 management frames that trigger a stack-based buffer overflow in TIM element parsing. An unauthenticated remote attacker can craft a specially designed wireless frame to cause a one-byte out-of-bounds write, crashing the application or potentially executing arbitrary code. Public exploit code exists, but no patches are currently available for affected Debian Linux systems and other distributions using vulnerable tcpflow versions.

Denial Of Service Tcpflow Debian Linux Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2020-36995 HIGH POC This Week

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-63649 HIGH POC This Week

An out-of-bounds read in the http_parser_transfer_encoding_chunked function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server. [CVSS 7.5 HIGH]

Denial Of Service Monkey
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23896 HIGH POC This Week

Immich versions prior to 2.5.0 contain an improper access control flaw that allows any authenticated API key to escalate its privileges to full administrator level by manipulating the update endpoint. Public exploit code exists for this vulnerability, enabling attackers with basic API access to completely compromise the system. The flaw affects all unpatched Immich installations and requires upgrading to version 2.5.0 or later to remediate.

Privilege Escalation Immich
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2020-37015 HIGH POC This Week

Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. [CVSS 7.5 HIGH]

Path Traversal
NVD Exploit-DB VulDB
CVSS 4.0
7.1
EPSS
0.4%
CVE-2020-37004 HIGH POC This Week

Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract usernames and password hashes from the tbl_users database table. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-24902 HIGH POC PATCH This Week

TrustTunnel versions prior to 0.9.114 fail to validate private network restrictions when processing numeric IP addresses in TCP connections, enabling authenticated attackers to bypass SSRF protections and reach loopback or internal network targets. The vulnerability exists because IP-based connection requests skip the same security checks applied to hostname-based requests. Public exploit code exists; upgrade to version 0.9.114 or later to remediate.

SSRF Trusttunnel
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-37005 HIGH POC This Week

TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumerate valid usernames by manipulating the 'notes' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-25126 HIGH POC PATCH This Week

PolarLearn versions prior to 0-PRERELEASE-15 fail to validate the `direction` parameter in the forum vote API endpoint, allowing authenticated attackers to submit arbitrary values that bypass business logic and corrupt vote data. Public exploit code exists for this vulnerability. The issue affects authenticated users who can manipulate voting behavior through improper input validation.

Code Injection Polarlearn
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-15545 MEDIUM POC This Month

The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. [CVSS 6.8 MEDIUM]

Code Injection Archer Re605x Firmware
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-24905 MEDIUM POC PATCH GHSA This Month

Inspektor Gadget versions prior to 0.48.1 allow local attackers with limited privileges to execute arbitrary commands during custom gadget image builds due to insufficient input sanitization in Makefile generation. An attacker who can control buildOptions parameters can inject shell commands that execute with the privileges of the build process. Public exploit code exists for this vulnerability.

Kubernetes Command Injection
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.1%
CVE-2020-37018 MEDIUM POC This Month

GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through message subjects. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-71011 MEDIUM POC This Month

An input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 6.2 MEDIUM]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-71009 MEDIUM POC This Month

An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices. [CVSS 6.2 MEDIUM]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-71008 MEDIUM POC This Month

Oneflow versions up to 0.9.0 contains a vulnerability that allows attackers to cause a Denial of Service (DoS) via a crafted input (CVSS 6.2).

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-36994 MEDIUM POC This Month

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionality. [CVSS 6.2 MEDIUM]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy