Skip to main content
CVE-2025-69212 HIGH POC This Week

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a critical OS Command Injection vulnerability exists in the P7M (signed XML) file decoding functionality. [CVSS 8.8 HIGH]

Command Injection Openstamanager
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2070 HIGH POC This Week

Remote code execution in UTT 520W firmware versions up to 1.7.7-180627 through a buffer overflow in the /goform/formPolicyRouteConf endpoint allows authenticated attackers to execute arbitrary commands on affected devices. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The flaw stems from improper bounds checking in the GroupName parameter handling.

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2068 HIGH POC This Week

Remote code execution in UTT 520W firmware 1.7.7-180627 allows authenticated attackers to execute arbitrary code via a buffer overflow in the ServerIp parameter of the /goform/formSyslogConf endpoint. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure attempts. The attack requires network access and valid credentials but executes with full system privileges.

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2067 HIGH POC This Week

Remote code execution in UTT 520W firmware through a buffer overflow in the /goform/formTimeGroupConfig endpoint allows authenticated attackers to achieve complete system compromise via manipulation of the year1 parameter. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The high CVSS score of 8.8 reflects the combination of network accessibility, low attack complexity, and full impact on confidentiality, integrity, and availability.

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2066 HIGH POC This Week

Remote code execution in UTT 520W firmware versions up to 1.7.7-180627 via stack buffer overflow in the /goform/formIpGroupConfig endpoint allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early disclosure notification. Affected devices are remotely exploitable with no user interaction required.

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69214 HIGH POC This Week

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajax_select.php endpoint when handling the componenti operation. [CVSS 8.8 HIGH]

PHP SQLi Openstamanager
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25533 HIGH POC PATCH This Week

Enclave versions up to 2.10.1 is affected by loop with unreachable exit condition (infinite loop) (CVSS 8.8).

Denial Of Service RCE AI / ML Enclave
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25635 HIGH POC PATCH This Week

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk.

Windows RCE Path Traversal Calibre Red Hat +1
NVD GitHub
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-25580 HIGH POC PATCH This Week

Pydantic AI versions 0.0.26 through 1.55.x contain a server-side request forgery vulnerability in URL download functionality that allows remote attackers to make arbitrary HTTP requests to internal network resources when applications process untrusted message history. Public exploit code exists for this vulnerability, which could enable attackers to access internal services or cloud credentials. Applications must upgrade to version 1.56.0 or later to remediate the issue.

Python SSRF Pydantic Ai
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-25628 HIGH POC PATCH This Week

Arbitrary file append vulnerability in Qdrant vector database versions 1.9.3 through 1.15.x allows authenticated users with minimal read-only privileges to write to arbitrary files through an unsanitized log file path parameter in the /logger endpoint. Public exploit code exists for this vulnerability, enabling attackers to corrupt system files or inject malicious content with high impact to confidentiality, integrity, and availability. The issue is resolved in version 1.16.0.

Information Disclosure AI / ML Qdrant
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-25636 HIGH POC PATCH This Week

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to corrupt or modify arbitrary files writable by the Calibre process. The vulnerability exploits improper handling of CipherReference URIs in encryption metadata, enabling attackers to write outside the intended extraction directory. Public exploit code exists for this high-severity issue, which is patched in version 9.2.0.

Path Traversal Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2019-25304 HIGH POC This Week

SecurosCtrlService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Information Disclosure
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25266 HIGH POC This Week

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25293 HIGH POC This Week

BstHdLogRotatorSvc service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25302 HIGH POC This Week

DsiWMIService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Information Disclosure
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25634 HIGH POC PATCH This Week

Stack buffer overlap in iccDEV's color profile processing library prior to version 2.3.1.4 enables local attackers with user interaction to achieve arbitrary code execution through malicious ICC color management profiles. The vulnerability exists in the CIccTagMultiProcessElement::Apply() function where SrcPixel and DestPixel buffers overlap, and public exploit code is currently available. A patch has been released in version 2.3.1.4 to address this issue.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25305 HIGH POC This Week

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25731 HIGH POC PATCH This Week

calibre is an e-book manager. [CVSS 7.8 HIGH]

RCE Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25292 HIGH POC This Week

Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70963 HIGH POC PATCH This Week

Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. [CVSS 7.6 HIGH]

Authentication Bypass Information Disclosure Gophish Suse
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-25732 HIGH POC PATCH GHSA This Week

Path traversal in NiceGUI before 3.7.0 allows remote attackers to write arbitrary files outside intended directories by exploiting unsanitized filename metadata in the FileUpload.name property, potentially leading to remote code execution when developers incorporate this value directly into file paths. Public exploit code exists for this vulnerability, affecting applications using common patterns like concatenating user-supplied filenames with upload directories. Developers are only protected if they use fixed paths, generate filenames server-side, or explicitly sanitize user input.

Python RCE Path Traversal Nicegui
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25758 HIGH POC PATCH This Week

Spree Commerce's guest checkout feature contains an insecure direct object reference (IDOR) flaw that allows unauthenticated attackers to access other customers' personally identifiable information by manipulating address parameters during transaction processing. Public exploit code exists for this vulnerability, which affects all guest checkout flows across multiple Spree versions. Patches are available for versions 4.10.3, 5.0.8, 5.1.10, 5.2.7, and 5.3.2.

Ruby DNS Spree
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-68621 HIGH POC PATCH This Week

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. [CVSS 7.4 HIGH]

Authentication Bypass Trilium
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2019-25303 HIGH POC This Week

TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. [CVSS 7.1 HIGH]

SQLi
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2019-25300 HIGH POC This Week

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information. [CVSS 7.1 HIGH]

SQLi
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2019-25299 HIGH POC This Week

RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. [CVSS 7.1 HIGH]

Linux SQLi
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-2103 HIGH POC This Week

Syteline Erp versions up to 10.0.8803.16889 is affected by use of hard-coded cryptographic key (CVSS 7.1).

Information Disclosure Syteline Erp
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-1499 HIGH This Week

WP Duplicate WordPress plugin has a missing authorization vulnerability leading to arbitrary file deletion that can destroy the WordPress installation.

WordPress RCE Authentication Bypass Path Traversal File Upload
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-24851 HIGH PATCH This Week

Improper policy enforcement in OpenFGA versions 1.8.5 through 1.11.2 (and corresponding Helm Chart and Docker releases) allows authenticated users to bypass authorization checks through specially crafted tuple configurations that mix type-bound public and non-public access policies. An attacker with valid credentials can exploit mismatched tuple assignments to gain unauthorized access to protected resources by leveraging lexicographic object ID ordering in the authorization engine. No patch is currently available.

Docker Openfga Helm Charts Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15566 HIGH This Week

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. [CVSS 8.8 HIGH]

Nginx Kubernetes RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-64175 HIGH PATCH This Week

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs’ 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. [CVSS 8.8 HIGH]

Authentication Bypass Gogs Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25593 HIGH PATCH This Week

OpenClaw prior to version 2026.1.20 allows local unauthenticated attackers to execute arbitrary commands as the gateway user by exploiting the WebSocket API to inject malicious command paths through the config.apply function. The vulnerability stems from insufficient validation of the cliPath parameter, which is subsequently used for command discovery without proper sanitization. No patch is currently available for affected versions.

Command Injection AI / ML Openclaw
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-24930 HIGH This Week

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.4 HIGH]

Industrial Harmonyos
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-24926 HIGH This Week

Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.4 HIGH]

Buffer Overflow Harmonyos
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-23989 HIGH PATCH This Week

Unauthenticated attackers can bypass public link scope verification in OpenCloud Reva versions prior to 2.42.3 and 2.40.3 through a flaw in GRPC authorization middleware. By exploiting the archiver service, an attacker can create archives containing all resources accessible to the public link creator, resulting in unauthorized information disclosure. A patch is available in versions 2.42.3 and 2.40.3.

Authentication Bypass Opencloud Reva Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24135 HIGH PATCH This Week

Arbitrary file deletion in Gogs 0.13.3 and earlier allows authenticated repository contributors to exploit a path traversal flaw in the wiki page update function, enabling deletion of arbitrary files on the affected server. An attacker with wiki write access can manipulate the old_title parameter to traverse the filesystem and remove critical files. No patch is currently available for this high-severity vulnerability (CVSS 8.1).

Path Traversal Gogs Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-25793 HIGH PATCH This Week

Nebula is a scalable overlay networking tool. [CVSS 8.1 HIGH]

Information Disclosure Nebula Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-13523 HIGH PATCH This Week

Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connection link that, when visited, renders the attacker's display name without proper sanitization. [CVSS 7.7 HIGH]

Confluence Suse
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-25644 HIGH This Week

DataHub versions prior to 1.3.1.8 are vulnerable to man-in-the-middle attacks during LDAP authentication due to insufficient TLS certificate validation, allowing attackers on the network to intercept and eavesdrop on sensitive authentication credentials. An unauthenticated attacker can downgrade the TLS connection to capture plaintext LDAP credentials without requiring user interaction. No patch is currently available for affected deployments.

TLS LDAP Datahub
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25751 HIGH PATCH This Week

Unauthenticated attackers can retrieve sensitive InfluxDB credentials from FUXA versions through 1.2.9 due to missing authentication controls, enabling direct database access. An attacker exploiting this vulnerability can read, modify, or delete all historical process data and perform denial of service attacks by corrupting the database. FUXA 1.2.10 addresses this issue, but no patch is currently available for affected versions.

SCADA Denial Of Service Information Disclosure Fuxa
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25762 HIGH PATCH This Week

Memory exhaustion in AdonisJS @adonisjs/bodyparser prior to versions 10.1.3 and 11.0.0-next.9 allows unauthenticated remote attackers to trigger denial of service by uploading files that cause unbounded memory accumulation during multipart parsing. The vulnerable multipart handler fails to enforce memory limits while processing file type detection, enabling attackers to exhaust server resources and crash the application. No patch is currently available for affected installations.

Denial Of Service Bodyparser
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25650 HIGH PATCH This Week

Unauthenticated attackers can exploit arbitrary attribute access in MCP Salesforce Connector versions prior to 0.1.10 to extract sensitive Salesforce authentication tokens. This vulnerability requires only network access with no user interaction, enabling complete disclosure of credentials used for Salesforce API integration. Organizations using affected versions should upgrade to 0.1.10 immediately.

Information Disclosure AI / ML Mcp Salesforce Connector
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21626 HIGH This Week

Easydiscuss fails to enforce access control restrictions on custom forum post fields when outputting data in JSON format, allowing unauthenticated remote attackers to retrieve sensitive information that should be restricted. This information disclosure vulnerability affects users whose forum configurations rely on field-level access controls. No patch is currently available for affected installations.

Information Disclosure Easydiscuss
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24925 HIGH This Week

Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 7.3 HIGH]

Buffer Overflow Heap Overflow Harmonyos
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-25754 HIGH PATCH This Week

AdonisJS is a TypeScript-first web framework. versions up to 10.1.3 is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 7.2).

Prototype Pollution Information Disclosure Bodyparser
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy