Skip to main content
CVE-2026-27622 HIGH POC PATCH This Week

Out-of-bounds heap write in OpenEXR's CompositeDeepScanLine::readPixels lets a crafted multi-part deep-scanline EXR file corrupt memory when parsed by an application that links the library. Attacker-controlled per-part sample counts are accumulated into 32-bit total_sizes entries that wrap modulo 2^32, yielding an undersized overall_sample_count used to size the composite sample buffer, while decode setup and generic_unpack_deep_pointers in core unpack consume the true (larger) counts and write past the buffer. Publicly available exploit code exists, but EPSS exploitation probability is very low (0.01%, 2nd percentile) and it is not listed in CISA KEV, so no public evidence of active exploitation exists at time of analysis.

Buffer Overflow Openexr Memory Corruption
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-27601 HIGH POC PATCH This Week

Unbounded recursion in Underscore.js versions before 1.13.8 enables denial of service attacks when the _.flatten or _.isEqual functions process deeply nested untrusted data structures. An attacker can trigger stack overflow conditions by supplying specially crafted recursive input, causing affected applications to crash. Public exploit code exists for this vulnerability, and patches are available.

Denial Of Service Underscore
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-20777 HIGH POC This Week

Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files through a heap buffer overflow in the WFT parsing functionality. An attacker can exploit this vulnerability by supplying a crafted .wft file to execute arbitrary code on affected systems. Public exploit code exists for this vulnerability, though no patch is currently available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-27905 HIGH POC PATCH This Week

Arbitrary file write in BentoML prior to version 1.4.36 allows local attackers to write files to arbitrary locations on the host system by crafting malicious tar archives containing symlinks that point outside the extraction directory. The vulnerability exists because the safe_extract_tarfile() function fails to validate symlink targets, only validating the symlink path itself, enabling attackers to bypass directory traversal protections. Public exploit code exists for this vulnerability; users should upgrade to version 1.4.36 or later.

Python AI / ML Bentoml
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-69765 HIGH POC This Week

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution. [CVSS 7.5 HIGH]

RCE Stack Overflow Memory Corruption Ax3 Firmware Tenda
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-27932 HIGH POC PATCH This Week

Joserfc versions 1.6.2 and earlier fail to validate the PBES2 iteration count parameter in JWE tokens, allowing unauthenticated attackers to trigger CPU exhaustion by specifying arbitrarily large values in the p2c header field. An attacker can exploit this resource exhaustion vulnerability to cause denial of service against any system using the library to decrypt JWE tokens. Public exploit code exists for this vulnerability, and a patch is available.

Python Denial Of Service Joserfc Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-63912 HIGH POC This Week

Tranzman versions up to 4.0 is affected by use of a broken or risky cryptographic algorithm (CVSS 7.5).

Information Disclosure Tranzman
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-63911 HIGH POC This Week

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability. [CVSS 7.2 HIGH]

Command Injection Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2025-67840 HIGH POC This Week

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity (formerly Stone Ram) TranZman 4.0 Build 14614 through TZM_1757588060_SEP2025_FULL.depot web application API endpoints (including Scheduler and Actions pages). [CVSS 7.2 HIGH]

RCE Command Injection Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-63910 HIGH POC This Week

Tranzman versions up to 4.0 is affected by insufficient verification of data authenticity (CVSS 7.2).

File Upload Authentication Bypass RCE Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-26892 HIGH POC This Week

Simple Logistic Hub Parcel\'S Management System versions up to 1.0 is affected by sql injection (CVSS 7.2).

PHP SQLi
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-63909 HIGH POC This Week

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files. [CVSS 7.2 HIGH]

Privilege Escalation Authentication Bypass Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-66680 HIGH POC This Week

An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request. [CVSS 7.1 HIGH]

Path Traversal Wise Force Deleter
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-55022 HIGH This Week

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter. [CVSS 8.8 HIGH]

Command Injection Cmt 3072xh2 Firmware Easyweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-2448 HIGH This Week

Page Builder by SiteOrigin (WordPress plugin) versions up to 2.33.5 is affected by path traversal (CVSS 8.8).

WordPress PHP Path Traversal RCE Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-0869 HIGH This Week

Brocade Active Support Connectivity Gateway versions up to 3.4.0 contains a vulnerability that allows attackers to an unauthorized user to perform ASCG operations related to Brocade Support Link( (CVSS 8.8).

Authentication Bypass Brocade Active Support Connectivity Gateway
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-1566 HIGH This Week

Authenticated agents in the LatePoint WordPress plugin versions up to 5.2.7 can arbitrarily link customer accounts to any user ID during account creation, enabling privilege escalation to administrator accounts. An attacker with agent-level access can exploit this to reset an administrator's password and gain full site control. No patch is currently available.

WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24502 HIGH This Week

Command \| Intel Vpro Out Of Band versions up to 4.7.0 is affected by uncontrolled search path element (CVSS 8.8).

Privilege Escalation Dell
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1876 HIGH This Week

Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all is affected by improper resource shutdown or release.

Information Disclosure Melsec Iq F Fx5 Enet Ip Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-1875 HIGH This Week

Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all is affected by improper resource shutdown or release.

Information Disclosure Melsec Iq F Fx5 Eip Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-1874 HIGH This Week

Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP is affected by always-incorrect control flow implementation.

Information Disclosure Melsec Iq F Fx5 Eip Firmware Melsec Iq F Fx5 Enet Ip Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-2637 HIGH This Week

Local privilege escalation in iBoysoft NTFS for Mac 8.0.0 allows authenticated macOS users to gain root access through the ntfshelperd privileged helper daemon. The daemon exposes an unauthenticated NSConnection service running as root, enabling any local user with standard privileges to communicate directly with the root-level service and execute privileged operations. EPSS probability is very low (0.02%, 6th percentile) with no confirmed active exploitation or public POC at time of analysis, suggesting limited real-world targeting despite high technical severity.

Privilege Escalation Ntfs For Mac
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-28518 HIGH This Week

OpenViking 0.2.1 and earlier contain a path traversal vulnerability in .ovpack file imports that enables local attackers to write arbitrary files outside the intended directory by crafting malicious ZIP archives with traversal sequences or absolute paths. An attacker with user interaction can overwrite or create files with the privileges of the importing process, potentially leading to code execution or system compromise. No patch is currently available for this vulnerability.

Path Traversal Openviking
NVD GitHub
CVSS 4.0
8.4
EPSS
0.0%
CVE-2021-35484 HIGH This Week

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. [CVSS 8.2 HIGH]

SQLi Impact
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2021-35486 HIGH This Week

Impact Mobile versions up to 19.11.2.10-20210118042150283 is affected by cross-site request forgery (csrf) (CVSS 8.1).

CSRF Impact Mobile
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2021-35485 HIGH This Week

Impact versions up to 19.11.2.10-20210118042150283 is affected by unrestricted upload of file with dangerous type (CVSS 8.0).

File Upload Impact
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-52365 HIGH This Week

A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system commands via unsanitized user input passed to os.system(). [CVSS 7.8 HIGH]

Command Injection
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-15595 HIGH This Week

A privilege escalation vulnerability in Inno Setup 6.2.1 and earlier versions allows local attackers to gain elevated privileges through DLL hijacking. This vulnerability requires user interaction but no authentication, enabling attackers to execute arbitrary code with higher privileges by placing a malicious DLL in a location searched by the installer. While not currently listed in CISA KEV, the vulnerability has a moderate EPSS score of 0.043% and affects a widely-used Windows installer creation tool.

Privilege Escalation Inno Setup
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25673 HIGH PATCH This Week

Django URL field validation triggers excessive Unicode normalization on Windows when processing certain malicious Unicode characters, enabling remote attackers to cause denial of service through crafted URL inputs. Affected versions include Django 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29, with potential impact to unsupported series 5.0.x, 4.1.x, and 3.2.x. A patch is available for all affected supported versions.

Python Django Denial Of Service Microsoft
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-62817 HIGH This Week

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service. [CVSS 7.5 HIGH]

Samsung Null Pointer Dereference Denial Of Service Exynos 2400 Firmware Exynos 1280 Firmware +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-66363 HIGH This Week

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages. [CVSS 7.5 HIGH]

Samsung Exynos 2200 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-62814 HIGH This Week

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service. [CVSS 7.5 HIGH]

Samsung Null Pointer Dereference Denial Of Service Exynos 1380 Firmware Exynos 1280 Firmware +3
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-55021 HIGH This Week

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol. [CVSS 7.5 HIGH]

Authentication Bypass Cmt 3072xh2 Firmware Easyweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-55019 HIGH This Week

Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files. [CVSS 7.5 HIGH]

Authentication Bypass Easyweb Cmt 3072xh2 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-55027 HIGH This Week

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db. [CVSS 7.5 HIGH]

Information Disclosure Cmt 3072xh2 Firmware Easyweb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27981 HIGH This Week

Homebox prior to version 0.24.0 fails to validate the TrustProxy configuration setting, allowing attackers to bypass authentication rate limiting by forging the X-Real-IP header on direct connections. This enables an attacker to attempt unlimited authentication attempts by spoofing a different IP address for each request, compromising both confidentiality and integrity of the system. The vulnerability affects all Homebox installations where the TrustProxy option is disabled or misconfigured.

Authentication Bypass Homebox
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-12345 HIGH POC This Week

A security vulnerability has been detected in LLM-Claw 0.1.0/0.1.1/0.1.1a/0.1.1a-p1. The affected element is the function agent_deploy_init of the file /agents/deploy/initiate.c of the component Agent Deployment. [CVSS 8.8 HIGH]

Buffer Overflow
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.1%
CVE-2026-25906 HIGH This Week

Optimizer versions up to 6.3.1 is affected by improper link resolution before file access (CVSS 7.3).

Path Traversal Dell Optimizer
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2269 HIGH This Week

Server-Side Request Forgery in the Uncanny Automator WordPress plugin up to version 7.0.0.3 allows authenticated administrators to make arbitrary web requests from the affected server and store remote file contents locally, potentially enabling remote code execution. The vulnerability requires administrator-level privileges and has no available patch. Attackers can exploit this to interact with internal services and upload arbitrary files to the web server.

WordPress RCE SSRF File Upload
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2026-3342 HIGH This Week

WatchGuard Fireware OS contains an out-of-bounds write vulnerability in its management interface that permits authenticated administrators to achieve root-level code execution. The flaw affects versions 11.9 through 11.12.4_Update1, 12.0 through 12.11.7, and 2025.1 through 2026.1.1, with no patch currently available. While exploitation requires high-level administrative privileges, successful attacks grant complete system compromise.

Buffer Overflow RCE Fireware
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-2568 HIGH This Week

Stored cross-site scripting in WP Zendesk for Contact Form 7 and related WordPress plugins through version 1.1.5 allows unauthenticated attackers to inject malicious scripts into form submissions that execute in other users' browsers. The vulnerability stems from inadequate input sanitization and output escaping on submitted form data. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-1567 HIGH This Week

Infosphere Information Server versions up to 11.7.1.6 is affected by improper restriction of xml external entity reference (CVSS 7.1).

IBM XXE Infosphere Information Server
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-2915 HIGH This Week

HP System Event Utility versions prior to 3.2.16 allow local authenticated users to corrupt system integrity and cause denial of service through arbitrary file writes with elevated privileges. An attacker with local access and valid credentials can leverage this vulnerability to modify critical files and disrupt system availability. No patch is currently available for affected installations.

Denial Of Service System Event Utility
NVD
CVSS 3.1
7.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy