Skip to main content
CVE-2025-14009 HIGH POC PATCH GHSA This Week

Arbitrary code execution in the NLTK (Natural Language Toolkit) Python library affects all versions through its data downloader: the _unzip_iter function in nltk/downloader.py calls zipfile.extractall() with no path validation, so a malicious data package can drop attacker-controlled Python files (e.g. __init__.py) that execute automatically on import. Any application that downloads NLTK data from an attacker-influenced source is exposed to full remote code execution. Publicly available exploit code exists (huntr.com bounty), EPSS is modest at 0.57% (68th percentile), and there is no public exploit identified as actively exploited in CISA KEV.

Python RCE Nltk Code Injection
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-70151 HIGH POC This Week

Scholars Tracking System versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE Scholars Tracking System
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-70064 HIGH POC This Week

PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low-privileged user (Patient) can directly access the Administrator Dashboard and all sub-modules (e.g., User Logs, Doctor Management) by manually browsing to the /admin/ directory after authentication. [CVSS 8.8 HIGH]

Privilege Escalation Hospital Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2019-25351 HIGH POC This Week

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. [CVSS 8.8 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2019-25360 HIGH POC This Week

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. [CVSS 9.8 CRITICAL]

RCE Buffer Overflow Stack Overflow Aida64
NVD Exploit-DB VulDB
CVSS 4.0
8.4
EPSS
0.2%
CVE-2019-25357 HIGH POC This Week

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). [CVSS 8.4 HIGH]

Windows Buffer Overflow Stack Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-27179 HIGH POC This Week

Unauthenticated SQL injection in MajorDoMo's commands module allows remote attackers to extract database contents including unsalted MD5 password hashes without authentication, enabling credential compromise and admin panel access. The vulnerability stems from unsanitized $_GET parameters in SQL queries accessible via the /objects/?module=commands endpoint, and public exploit code is available. Affected versions lack a patch and impact both MajorDoMo and PHP installations running this software.

PHP SQLi Majordomo
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25359 HIGH POC This Week

SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. [CVSS 8.2 HIGH]

.NET SQLi Information Disclosure
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2019-25355 HIGH POC This Week

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. [CVSS 7.5 HIGH]

Path Traversal Gsoap Suse
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
2.0%
CVE-2019-25352 HIGH POC This Week

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. [CVSS 7.5 HIGH]

Windows Path Traversal
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-70147 HIGH POC This Week

Online Time Table Generator versions up to 1.0 is affected by missing authentication for critical function (CVSS 7.5).

PHP Online Time Table Generator
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-23491 HIGH POC PATCH This Week

Unauthenticated attackers can read arbitrary files from InvoicePlane servers through path traversal in the Guest controller's file retrieval function, potentially exposing database credentials and other sensitive configuration data. This vulnerability affects InvoicePlane versions up to 1.6.3 and has public exploit code available. Version 1.6.4 resolves the issue.

Path Traversal Invoiceplane
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2019-25401 HIGH POC This Week

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-70148 HIGH POC This Week

Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference (IDOR). [CVSS 7.5 HIGH]

PHP Membership Management System
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22860 HIGH POC PATCH This Week

Directory traversal in Rack versions prior to 2.2.22, 3.1.20, and 3.2.5 allows unauthenticated remote attackers to list directories outside the configured root by exploiting a string prefix matching flaw in path validation. An attacker can craft requests with path traversal sequences to enumerate sensitive directories if the target path shares a common prefix with the configured root directory. Public exploit code exists for this vulnerability.

Rack Path Traversal
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2019-25358 HIGH POC This Week

FileOptimizer 14.00.2524 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the FileOptimizer32.ini configuration file. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25353 HIGH POC This Week

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25349 HIGH POC This Week

ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices. [CVSS 7.5 HIGH]

SCADA Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27181 HIGH POC This Week

Unauthenticated module deletion in Majordomo's market module allows remote attackers to completely disable installations through a series of GET requests. The vulnerability stems from improper authentication checks that expose the uninstall functionality without requiring credentials, enabling attackers to iteratively remove all modules and associated files. Public exploit code exists for this high-severity flaw, and no patch is currently available.

Authentication Bypass Majordomo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25350 HIGH POC This Week

XMedia Recode 3.4.8.6 contains a denial of service vulnerability that allows attackers to crash the application by loading a specially crafted .m3u playlist file. Attackers can create a malicious .m3u file with an oversized buffer to trigger an application crash when the file is opened. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25354 HIGH POC This Week

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25363 HIGH POC This Week

Wmv To Avi Mpeg Dvd Wmv Convertor versions up to 4.6.1217 is affected by stack-based buffer overflow (CVSS 7.5).

Buffer Overflow Denial Of Service Wmv To Avi Mpeg Dvd Wmv Convertor
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1368 HIGH POC This Week

Video Conferencing with Zoom WordPre versions up to 4.6.6 is affected by improper authentication (CVSS 7.5).

WordPress Zoom
NVD WPScan
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27178 HIGH POC This Week

MajorDomo's shoutbox feature is vulnerable to stored XSS due to unsanitized user input in the /objects/?method= endpoint, allowing unauthenticated attackers to inject malicious scripts that persist in the database. When administrators access the auto-refreshing dashboard, the stored payload executes automatically, enabling session hijacking and cookie theft. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP XSS Majordomo
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-27177 HIGH POC This Week

MajorDoMo's unauthenticated /objects/?op=set endpoint fails to sanitize property values, allowing remote attackers to inject stored XSS payloads that execute when administrators access the property editor, with public exploit code available. The vulnerability is compounded by session cookies lacking HttpOnly protection, enabling attackers to enumerate properties via the /api.php/data/ endpoint and hijack admin sessions through JavaScript exfiltration.

PHP IoT XSS Majordomo
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-1426 HIGH This Week

PHP Object Injection in the Advanced AJAX Product Filters plugin for WordPress (versions up to 3.1.9.6) allows authenticated authors and above to deserialize malicious objects through the Live Composer compatibility layer. While the plugin itself lacks a gadget chain for exploitation, the vulnerability can enable arbitrary file deletion, data theft, or remote code execution if a POP chain exists in installed themes or plugins. No patch is currently available, and exploitation requires valid WordPress user credentials.

WordPress PHP Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2648 HIGH PATCH This Week

Google Chrome's PDFium library contains a heap buffer overflow vulnerability that enables remote attackers to execute arbitrary code or corrupt memory by opening specially crafted PDF files, affecting all users without requiring authentication or special user interaction. The vulnerability impacts Chrome versions prior to 145.0.7632.109 with a high CVSS score of 8.8, though no patch is currently available. An attacker can exploit this to achieve complete compromise of the affected system including confidentiality, integrity, and availability of data.

Buffer Overflow Chrome Google Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-23230 HIGH PATCH CISA This Week

Linux kernel SMB client denial of service vulnerability caused by concurrent bitfield updates in the cached_fid structure that can corrupt flag states through read-modify-write races. A local attacker with standard privileges can trigger this race condition to cause availability disruptions by forcing inconsistent flag states in cached file handle management. No patch is currently available for this medium-severity issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2649 HIGH PATCH This Week

Heap corruption in Google Chrome's V8 engine prior to version 145.0.7632.109 can be triggered through integer overflow vulnerabilities when processing malicious HTML pages. An unauthenticated attacker can exploit this by tricking users into visiting a crafted webpage, potentially achieving arbitrary code execution with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.

Google Integer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2650 HIGH PATCH This Week

Google Chrome versions before 145.0.7632.109 contain a heap buffer overflow in the Media component that can be triggered by a remote attacker through a specially crafted HTML page, potentially leading to heap corruption and arbitrary code execution. The vulnerability requires user interaction to exploit and affects all Chrome users who encounter a malicious webpage. No patch is currently available for this high-severity issue.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23226 HIGH PATCH This Week

The Linux kernel ksmbd subsystem contains a use-after-free vulnerability in multi-channel session handling due to missing synchronization on the ksmbd_chann_list xarray, allowing a local attacker with user privileges to cause memory corruption and potentially execute arbitrary code. The vulnerability affects the channel lookup and deletion operations between multiple concurrent sessions. A patch is available to add proper locking mechanisms to protect xarray access.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1714 HIGH This Week

Unauthenticated attackers can abuse the ShopLentor plugin for WordPress (versions up to 3.3.2) to send arbitrary emails through affected websites due to insufficient input validation in an AJAX endpoint, allowing them to conduct spam and phishing campaigns with full control over recipient addresses, subject lines, and message content. The vulnerability requires no user interaction and affects all installations of the vulnerable plugin. No patch is currently available.

WordPress
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-27182 HIGH This Week

Saturn Remote Mouse Server on local networks is vulnerable to unauthenticated command injection through specially crafted UDP JSON packets sent to port 27000, enabling attackers to execute arbitrary code with service account privileges. Affected systems lack input validation on command parameters, allowing network-adjacent threat actors to achieve remote code execution without authentication. No patch is currently available for this high-severity vulnerability.

RCE Command Injection
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2026-24708 HIGH This Week

OpenStack Nova compute nodes using the Flat image backend can have their host data destroyed when an authenticated user crafts a malicious QCOW header on a disk image and triggers a resize operation, causing qemu-img to execute without format restrictions. Affected versions include Nova before 30.2.2, 31.x before 31.2.1, and 32.x before 32.1.1, with no patch currently available. This vulnerability requires low privileges and user interaction but impacts the integrity and availability of the host system across trust boundaries.

Information Disclosure
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-33245 HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
8.0
EPSS
0.3%
CVE-2026-27099 HIGH PATCH This Week

Jenkins versions 2.483-2.550 and LTS 2.492.1-2.541.1 contain a stored XSS vulnerability in the agent offline cause description field that fails to properly sanitize user input. Attackers with Agent/Configure or Agent/Disconnect permissions can inject malicious scripts that execute in the browsers of other users viewing the affected agent configuration. No patch is currently available for this vulnerability.

Jenkins XSS Red Hat
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-33243 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33252 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33241 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33251 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33250 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33253 HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-60038 HIGH This Week

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60037 HIGH This Week

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60036 HIGH This Week

A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Ua.Testclient Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60035 HIGH This Week

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-33246 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. [CVSS 7.8 HIGH]

Privilege Escalation Command Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23222 HIGH PATCH CISA This Week

Memory allocation errors in the Linux kernel's OMAP crypto driver cause scatterlist objects to be undersized by 4x, enabling local authenticated attackers to trigger denial of service conditions through memory corruption. An attacker with local access and user-level privileges can exploit this miscalculation to crash the system or cause unpredictable kernel behavior. No patch is currently available for this vulnerability.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23221 HIGH PATCH This Week

The Linux kernel's fsl-mc bus driver contains a use-after-free vulnerability in the driver_override_show() function that reads device configuration without proper locking, allowing a local privileged user to trigger memory corruption by concurrently modifying the same data. This vulnerability affects Linux systems running vulnerable kernel versions and could enable local denial of service or potential privilege escalation through heap memory manipulation. No patch is currently available for this issue.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23216 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's iSCSI target implementation allows local attackers with low privileges to cause memory corruption and potential denial of service by exploiting a race condition in the connection usage counting mechanism. The flaw occurs when a spinlock is released after calling complete(), allowing a waiting thread to free the connection structure before the current thread finishes its unlock operation. No patch is currently available for this vulnerability.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy