Skip to main content
CVE-2026-25512 HIGH POC PATCH THREAT Act Now

Authenticated attackers can execute arbitrary commands on Group-Office servers through unsanitized user input in the email attachment endpoint, where shell metacharacters are directly passed to system execution functions. The vulnerability affects Group-Office versions prior to 6.8.150, 25.0.82, and 26.0.5, and public exploit code exists. Organizations should apply available patches immediately as this is actively exploitable by authenticated users.

RCE Group Office
NVD GitHub
CVSS 3.1
8.8
EPSS
13.5%
CVE-2025-69213 HIGH POC This Week

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, a SQL Injection vulnerability exists in the ajax_complete.php endpoint when handling the get_sedi operation. [CVSS 8.8 HIGH]

PHP SQLi Openstamanager
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-69215 HIGH POC This Week

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL Injection vulnerability in the Stampe Module. [CVSS 8.8 HIGH]

SQLi Openstamanager
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25161 HIGH POC PATCH GHSA This Week

Path traversal in Alist prior to version 3.57.0 allows authenticated users to manipulate filename parameters and bypass directory restrictions within the same storage mount. Attackers can exploit this vulnerability to perform unauthorized file operations including deletion, movement, and copying across user boundaries. Public exploit code exists for this vulnerability.

Path Traversal Alist Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25514 HIGH POC PATCH This Week

FacturaScripts is open-source enterprise resource planning and accounting software. [CVSS 8.8 HIGH]

SQLi Facturascripts
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25513 HIGH POC PATCH This Week

Authenticated users can execute arbitrary SQL commands against FacturaScripts REST API endpoints through unsanitized sort parameters in the ModelClass::getOrderBy() method, allowing data theft, modification, or deletion. Public exploit code exists for this vulnerability affecting all versions prior to 2025.81. Organizations using vulnerable FacturaScripts instances should immediately apply the available patch and restrict API access to trusted users.

SQLi Facturascripts
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25538 HIGH POC PATCH This Week

Devtron is an open source tool integration platform for Kubernetes. [CVSS 8.8 HIGH]

Kubernetes Devtron Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24884 HIGH POC PATCH This Week

Compressing library versions 1.10.3 and prior, and 2.0.0 fail to validate symbolic link targets during TAR archive extraction, allowing attackers to write files to arbitrary locations on the filesystem. Public exploit code exists for this vulnerability, which could enable overwriting critical system files or establishing persistence. Patched versions 1.10.4 and 2.0.1 are available.

Path Traversal Compressing
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-22038 HIGH POC PATCH This Week

AutoGPT platform versions prior to v0.6.46 expose API keys and authentication secrets in application logs due to insecure logging of decrypted credentials across three Stagehand integration blocks. Authenticated users can access these plaintext secrets through log files, enabling credential theft and unauthorized access to integrated services. Public exploit code exists for this vulnerability, though a patch is available in v0.6.46 and later.

Information Disclosure AI / ML Autogpt Platform
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-25584 HIGH POC PATCH This Week

Stack buffer overflow in iccDEV versions prior to 2.3.1.3 allows local attackers to corrupt memory, leak sensitive information, or execute arbitrary code by supplying malformed ICC color profile files. The vulnerability exists in the CIccTagFloatNum<>::GetValues() function and is triggered during profile processing, affecting users who handle untrusted ICC files. Public exploit code exists for this vulnerability.

Memory Corruption Information Disclosure Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25585 HIGH POC PATCH This Week

Out-of-bounds memory read in iccDEV versions prior to 2.3.1.3 allows local attackers to disclose sensitive memory contents or trigger application crashes by crafting malformed ICC color profiles that bypass array bounds validation. The vulnerability exists in IccCmm.cpp during profile index processing and has public exploit code available. Update to version 2.3.1.3 or later to remediate.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25583 HIGH POC PATCH This Week

Heap buffer overflow in iccDEV versions prior to 2.3.1.3 allows local attackers to achieve code execution with high privileges by crafting malformed ICC color profile files that trigger unsafe memory operations during file parsing. Public exploit code exists for this vulnerability. All users of iccDEV should upgrade to version 2.3.1.3 or later immediately.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25582 HIGH POC PATCH This Week

Heap buffer overflow in iccDEV versions prior to 2.3.1.3 allows local attackers with user interaction to read sensitive memory and potentially execute code by supplying malformed XML files to the iccFromXml tool during ICC profile conversion. Public exploit code exists for this vulnerability. A patch is available in version 2.3.1.3 and later.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25537 HIGH POC PATCH This Week

jsonwebtoken prior to version 10.3.0 allows attackers to bypass JWT time-based validation checks through type confusion when standard claims like nbf or exp are provided with incorrect JSON types. The library incorrectly treats malformed claims as absent rather than invalid, enabling bypass of critical security restrictions if validation is enabled but the claim is not explicitly marked as required. Public exploit code exists for this vulnerability.

Buffer Overflow Jsonwebtoken Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25575 HIGH POC PATCH This Week

Navigatum contains a vulnerability that allows attackers to overwrite files in directories writable by the application user (e (CVSS 7.5).

Path Traversal Navigatum
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25499 HIGH POC PATCH This Week

The Terraform/OpenTofu Proxmox Provider prior to version 0.93.1 contains a path traversal vulnerability in its SSH sudoer configuration documentation that permits attackers to escape directory restrictions using ../ sequences and modify arbitrary files on the system. Public exploit code exists for this vulnerability, affecting users who implement the documented SSH configuration. The vulnerability has been patched in version 0.93.1 and a fix is available.

SSH Proxmox Terraform Provider Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-71031 HIGH POC This Week

Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component doesn't have any maximum length. [CVSS 7.5 HIGH]

Denial Of Service Melon
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25541 HIGH POC PATCH This Week

Integer overflow in the Bytes library versions 1.2.1 through 1.11.0 allows attackers to corrupt the BytesMut capacity value, leading to out-of-bounds memory access and undefined behavior in release builds. Public exploit code exists for this vulnerability, affecting applications that depend on Bytes for buffer management. A patch is available in version 1.11.1.

Integer Overflow Bytes
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-20098 HIGH This Week

Unauthenticated file upload in Cisco Meeting Management's Certificate Management interface allows authenticated attackers to write arbitrary files and execute commands with root privileges on affected systems. An attacker with valid credentials can exploit improper input validation in the web management interface to overwrite system files processed with elevated privileges, leading to complete system compromise. No patch is currently available for this vulnerability.

Cisco Meeting Management
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-25056 HIGH PATCH This Week

N8N versions up to 1.118.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

RCE AI / ML N8n
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-1756 HIGH This Week

WP FOFT Loader (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-1819 HIGH This Week

Karel Electronics Industry and Trade Inc. ViPort is affected by cross-site scripting (xss) (CVSS 8.8).

XSS
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15368 HIGH This Week

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be...

WordPress PHP LFI Information Disclosure RCE
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-23098 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netrom subsystem allows local attackers with user privileges to cause a denial of service or potentially execute code by triggering a double-free condition in the nr_route_frame() function when nr_neigh->ax25 is NULL. The vulnerability requires local access and user-level privileges to exploit, with no patch currently available.

Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0945 HIGH PATCH This Week

The Drupal Role Delegation module versions 1.3.0 through 1.5.0 contains an unsafe privilege definition vulnerability that permits authenticated users with delegation permissions to escalate their privileges within the application. An attacker with limited account access could exploit this flaw to gain elevated permissions and modify system settings or access restricted functionality. No patch is currently available for this vulnerability.

Privilege Escalation Role Delegation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0538 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted GIF file, triggering an out-of-bounds write (CWE-787) in its image-handling code. The flaw lets an attacker run code in the context of the user running 3ds Max; no public exploit identified at time of analysis and EPSS estimates exploitation probability at just 0.03%.

Buffer Overflow RCE Memory Corruption 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0661 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, resulting in a CWE-787 out-of-bounds write that corrupts memory and lets an attacker run code in the context of the user running 3ds Max. No public exploit identified at time of analysis, and the EPSS probability is only 0.01%, but the CVSS base score of 8.4 reflects the high impact when a victim is convinced to open a weaponized asset file.

Memory Corruption Buffer Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0537 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, triggering an out-of-bounds write (CWE-787) that corrupts memory in the running process. Exploitation requires a victim to open the malicious file locally, but no public exploit has been identified at time of analysis and EPSS rates real-world exploitation likelihood at just 0.01%. The flaw was reported by Autodesk PSIRT and is tracked under advisory ADSK-SA-2026-0002.

Memory Corruption Buffer Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0660 HIGH This Week

Stack-based buffer overflow in Autodesk 3ds Max enables arbitrary code execution when the application parses a maliciously crafted GIF file, running attacker code in the context of the current user process. The flaw carries a CVSS 8.4 (High) rating due to local attack vector but full confidentiality, integrity, and availability impact, with no public exploit identified at time of analysis and a very low EPSS probability (0.01%) reflecting the file-open user-interaction model typical of DCC software.

Buffer Overflow Stack Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-24843 HIGH PATCH This Week

Melange versions 0.11.3 through 0.40.2 suffer from a path traversal vulnerability in the retrieveWorkspace function that fails to validate tar entry paths, allowing an attacker with control over a QEMU guest VM's tar stream to write arbitrary files outside the intended workspace directory on the host system. An attacker exploiting this vulnerability could achieve arbitrary file write capabilities on the host machine, potentially leading to system compromise. A patch is available in version 0.40.3 and later.

Path Traversal Melange Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-25055 HIGH PATCH This Week

n8n is an open source workflow automation platform. [CVSS 8.1 HIGH]

SSH RCE AI / ML N8n
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-25519 HIGH PATCH This Week

OpenSlides versions prior to 4.2.29 allow unauthorized authentication bypass for SAML-synchronized users through the local login form by using the victim's username with a hardcoded trivial password. An attacker can gain complete access to any SAML user account without knowing their actual credentials, potentially compromising sensitive assembly management data including agendas, motions, and election information. A patch is available in version 4.2.29 and should be applied immediately to all affected instances.

Authentication Bypass Openslides
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-69621 HIGH This Week

file import process of Comic Book Reader v1.0.95 contains a vulnerability that allows attackers to overwrite critical internal files, potentially leading to arbitrary code executi (CVSS 6.5).

RCE
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-24844 HIGH PATCH This Week

melange allows users to build apk packages using declarative pipelines. [CVSS 7.9 HIGH]

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.9
EPSS
0.0%
CVE-2026-23078 HIGH PATCH This Week

A buffer overflow in the Linux kernel's ALSA scarlett2 USB driver allows local attackers with user privileges to corrupt memory and potentially execute code by triggering improper endianness conversion during audio device configuration retrieval. The vulnerability stems from incorrect size validation that causes the function to access more bytes than allocated when processing multiple configuration elements. No patch is currently available for this vulnerability affecting Linux systems with Scarlett audio interfaces.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23074 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's teql qdisc implementation allows local attackers with low privileges to trigger memory corruption and cause denial of service or potential code execution by improperly nesting teql as a non-root qdisc when it is designed to operate only as a root qdisc. The flaw exists due to missing validation of qdisc constraints and currently has no available patch. This affects all Linux systems using the vulnerable kernel versions.

Linux Information Disclosure Memory Corruption Use After Free
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23105 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq.

Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23089 HIGH POC PATCH This Week

A use-after-free vulnerability in the Linux kernel's ALSA USB audio mixer can be triggered by local attackers with low privileges when mixer initialization fails, causing the kernel to access freed memory during sound card registration and potentially leading to information disclosure or denial of service. The flaw affects Linux systems with USB audio devices and remains unpatched, exploitable without user interaction after initial access to the system.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23083 HIGH PATCH This Week

Local privilege escalation in the Linux kernel's FOU (Foo-over-UDP) tunnel implementation allows authenticated local users to trigger a memory leak and denial of service by setting the FOU_ATTR_IPPROTO attribute to zero, causing network packets to remain unfreed in memory. This vulnerability affects all Linux systems with the vulnerable kernel code and requires local access to exploit. No patch is currently available for this high-severity issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23073 HIGH PATCH This Week

The RSI911x WiFi driver in the Linux kernel fails to allocate sufficient memory for virtual interface driver data, causing out-of-bounds writes to the ieee80211_vif structure and memory corruption. A local attacker with low privileges can exploit this to corrupt kernel memory and potentially execute arbitrary code. No patch is currently available.

Linux Memory Corruption Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25546 HIGH PATCH This Week

Remote code execution in Godot MCP prior to version 0.1.1 results from unsafe shell command execution when processing user-supplied project paths. An unauthenticated attacker can inject shell metacharacters through multiple tools (create_scene, add_node, load_sprite, etc.) to execute arbitrary commands with the privileges of the MCP server process. No patch is currently available for affected deployments.

RCE Command Injection Godot Mcp
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0659 HIGH This Week

Malicious USD files trigger an out-of-bounds write vulnerability in Autodesk Arnold and 3ds Max, enabling arbitrary code execution within the affected application when a user loads or imports the crafted file. Local attackers with user interaction can exploit this to gain full system compromise with the privileges of the running process. No patch is currently available.

Buffer Overflow RCE
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23092 HIGH PATCH This Week

Local stack buffer overflow in the Linux kernel's AD3552R DAC driver allows a local authenticated attacker to write beyond allocated buffer boundaries through improper bounds checking in the ad3552r_hs_write_data_source function. An attacker with local access can trigger out-of-bounds writes on the stack, potentially leading to privilege escalation or denial of service. No patch is currently available for this vulnerability.

Linux Memory Corruption Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23077 HIGH PATCH This Week

Linux kernel memory corruption via use-after-free (UAF) in virtual memory area (VMA) handling allows local attackers with user privileges to cause denial of service or potentially execute code by triggering incorrect VMA merges during mremap() operations on faulted and unfaulted memory regions. The vulnerability stems from improper handling of anonymous VMA merges when remapping memory adjacent to unfaulted pages. No patch is currently available for this high-severity issue affecting the Linux kernel.

Linux Memory Corruption Information Disclosure Use After Free Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23068 HIGH PATCH This Week

Double-free vulnerability in the Linux kernel's spi-sprd-adi driver allows local attackers with low privileges to cause a denial of service or potentially execute code by triggering a probe error path that improperly frees the SPI controller structure twice. The vulnerability exists in error handling where devm_spi_register_controller() is paired with manual spi_controller_put() calls, causing the kernel to attempt freeing the same memory region twice when device registration fails. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23066 HIGH PATCH This Week

A local privilege escalation in the Linux kernel's rxrpc subsystem allows authenticated users to trigger use-after-free or reference count underflow conditions by exploiting improper queue management in the recvmsg() function when MSG_DONTWAIT is specified. An attacker with local access can cause denial of service or potentially execute arbitrary code by corrupting the recvmsg queue through repeated calls that unconditionally requeue already-queued items. No patch is currently available for this medium-severity vulnerability (CVSS 5.5).

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25143 HIGH PATCH This Week

Melange versions 0.10.0 through 0.40.2 allow unauthenticated command injection through the patch pipeline, enabling attackers to execute arbitrary shell commands on build hosts by injecting shell metacharacters into patch-related inputs such as series paths and filenames. This vulnerability affects users who build APK packages using melange build or melange license-check operations, particularly in CI/CD environments where build inputs may be controlled by untrusted sources. A patch is available in version 0.40.3 and later.

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0662 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when users open max files from maliciously crafted project directories that exploit an untrusted search path vulnerability. Local attackers can leverage this to execute arbitrary code with the privileges of the current user without requiring special permissions or interaction beyond opening a file. No patch is currently available for this high-severity vulnerability affecting 3ds Max users.

Privilege Escalation RCE 3ds Max
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20983 HIGH This Week

Android versions up to 14.0 contains a vulnerability that allows attackers to launch arbitrary activity with Samsung Dialer privilege (CVSS 7.8).

Samsung Android
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20979 HIGH This Week

Android versions up to 15.0 contains a vulnerability that allows attackers to launch arbitrary activity with Settings privilege (CVSS 7.8).

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy