Critical vulnerability in Lantronix EDS serial device server (EDS5000/EDS3000PS). Multiple injection and auth bypass vulnerabilities in the management interface.
RCE in NetGain EM Plus 10.1.68. PoC available.
Arbitrary file upload in FileThingie 2.5.7 via ZIP archives. PoC available.
Command execution in SAPIDO RB-1732 V2.0.43 router. PoC available.
OGNL injection in Epross AVCON6 management platform. PoC available.
Path traversal in Vociferous speech-to-text tool before 4.4.2. CVSS 10.0.
Default password in Himmelblau Azure Entra ID suite 3.0.0-3.0.x. CVSS 10.0.
Arbitrary code execution in Jellyfin iOS GitHub Actions workflow. CVSS 10.0.
Insecure access control in Asseco SEE Live 2.0. Remote access to attachments.
Access control bypass in Winter CMS before 1.0.477/1.1.12/1.2.12. CVSS 9.9.
OS command injection in Cloud CLI (Claude Code UI) before 1.25.0. EPSS 0.39%.
LFI to RCE in IFTOP by WellChoose.
Unauthenticated REST endpoint in Datalogics Ecommerce Delivery WordPress plugin before 2.6.60.
Auth bypass in AdGuard Home before 0.107.73.
Missing auth in Taskosaur project management 1.0.0.
Critical vulnerability in Lantronix EDS serial device server (EDS5000/EDS3000PS). Multiple injection and auth bypass vulnerabilities in the management interface.
RCE in OpenClaw Agent Platform v2026.2.6 via prompt injection.
Auth bypass in HPE Aruba AOS-CX switch web management.
SQL injection in Parse Server before 9.6.0-alpha.2/8.6.28.
Critical vulnerability in Lantronix EDS serial device server (EDS5000/EDS3000PS). Multiple injection and auth bypass vulnerabilities in the management interface.
SQL injection in Frappe framework before 15.84.0/14.99.0.
SQL injection in WeGIA before 3.6.6.
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31. Third Parse Server SQLi.
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31.
Hardcoded password in ThermaKube Kubernetes monitoring.
Critical vulnerability in Lantronix EDS serial device server (EDS5000/EDS3000PS). Multiple injection and auth bypass vulnerabilities in the management interface.
File path control in Zoom Workplace for Windows Mail feature before 6.6.0.
Sandbox escape via Web Speech in Chrome before 146.0.7680.71. Patch available.
Remote attackers can completely bypass authentication on MR-GM5L-S1 and MR-GM5A-L1 devices to arbitrarily modify device configurations. The vulnerability requires no authentication, no user interaction, and low attack complexity (CVSS:4.0 AV:N/AC:L/PR:N/UI:N), scoring 9.3 critical. EPSS exploitation probability is low (0.10%, 28th percentile) with no confirmed active exploitation or public exploit code identified at time of analysis, suggesting limited real-world targeting to date despite the severe access control failure.
embedded SwiFTP FTP server component contains a vulnerability that allows attackers to log in without valid credentials.
Hard-coded credentials in MR-GM5L-S1 and MR-GM5A-L1 enable remote unauthenticated attackers to gain administrative access with critical CVSS 9.3 score. The CWE-798 flaw allows complete system compromise through embedded default credentials that cannot be changed by users. EPSS score of 0.04% (14th percentile) suggests low observed exploitation probability despite the critical severity, though authentication bypass capabilities make this a priority for affected deployments.
SSRF in Plunk email platform before 0.7.0.
Blind SSRF in 2FAuth 2FA manager before 6.1.0.
Command injection in Cloud CLI (Claude Code UI) Git operations before 1.24.0.
Critical vulnerability in Lantronix EDS serial device server (EDS5000/EDS3000PS). Multiple injection and auth bypass vulnerabilities in the management interface.
Auth bypass in Unity Catalog 0.4.0 and earlier.
Default credentials in netbox-docker before 2.5.0.