Unauthenticated arbitrary file upload in WPvivid Backup & Migration WordPress plugin. EPSS 0.44%.
RCE in Chevereto 3.13.4 image hosting via code injection during database configuration. Allows injecting code during installation/setup. PoC available.
Multiple vulnerabilities in ASTPP 4.0.1 including XSS and command injection in SIP device configuration and plugin management. PoC available.
Stack overflow in Allok Video Converter 4.6.1217 License Name input. PoC available.
Stack overflow in Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 via SEH chain. PoC available.
Stack overflow in Torrent FLV Converter 1.51 Build 117 via SEH overwrite. PoC available.
Stack overflow in Torrent 3GP Converter 1.51 via SEH overwrite. PoC available.
Prototype pollution in set-in npm package allows modification of Object prototype. PoC and patch available.
Authentication bypass via path traversal in ZBT WE2001 router's check_token function. EPSS 0.69% — crafted requests bypass authentication entirely. CVSS 10.0.
Unauthenticated web shell in METIS DFS devices (versions <= oscore 2.1.234-r18). Same vulnerability as CVE-2026-2248 but on DFS product line.
Unauthenticated web shell in METIS WIC devices (versions <= oscore 2.1.234-r18). The /console endpoint provides shell access without authentication. First of two related METIS CVEs.
Path traversal in nanotar npm package through 0.2.0. The parseTar() and parseTarGzip() functions allow attackers to write files outside the extraction directory.
Authentication bypass in ZLAN5143D by directly accessing internal URLs. Access controls enforced only at the frontend, bypassed by direct API calls.
Unauthenticated device password change API in industrial/IoT device. Remote attackers can change the device password without any authentication.
Unsafe deserialization in DiskCache Python library through 5.6.3. Uses pickle by default, allowing attackers with cache directory write access to execute arbitrary code.
Symlink following vulnerability in multiple QNAP NAS operating system versions allows remote attackers to exploit link resolution for unauthorized access.
Missing authentication for critical functions in Dinosoft ERP. Unauthenticated access to business functionality.
Buffer overflow in PJSIP multimedia library version 2.16 and earlier in PJNATH ICE implementation. Patch available. Affects VoIP/communication applications built on PJSIP.
Stack buffer overflow in OpenSatKit 2.2.1 satellite ground station software. The ErrStr buffer overflows when formatting filenames. Space infrastructure vulnerability.
Sensitive information exposure in Logo j-Platform via externally-accessible files or directories.
Code replay attack on PF-50 keyfob of PGST PG107 Alarm System 1.25.05.hf. Physical security system vulnerable to replay of wireless signals.
Critical XSS vulnerability in E-Kalite software allows remote attackers to execute arbitrary code.
{method} and /execute/{method} feed attacker-supplied request bodies straight into pickle.loads(), and the intended nonce authorization gate is bypassed because the nonce defaults to an empty string and is skipped by default. A detailed technical write-up (chocapikk.com) and a VulnCheck advisory describe the flaw; it is not listed in CISA KEV and EPSS is low (0.14%, 34th percentile), indicating no evidence of widespread active exploitation.
Race condition in Apple macOS/iOS symlink handling allows privilege escalation. Fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5.