SQL injection in code-projects Online Food Ordering System 1.0's Shopping Cart Module (cart.php) allows unauthenticated remote attackers to manipulate the del parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected PHP-based installations are at immediate risk of database compromise and data exfiltration.
SQL injection in SourceCodester Food Ordering System 1.0 via the custom parameter in /purchase.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects PHP-based installations of this food ordering platform.
SQL injection in SourceCodester Malawi Online Market 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /display.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The vulnerability remains unpatched and affects PHP-based deployments of this application.
Cross-site scripting in OpenBao's OIDC/JWT authentication method allows theft of Web UI session tokens when roles are configured with callback_mode=direct. Attackers exploit the unsanitized error_description parameter on failed authentication pages to inject malicious scripts that execute in victims' browsers, granting access to authentication tokens. The vulnerability affects OpenBao installations prior to v2.5.2 and has no public exploit identified at time of analysis, though the technical implementation details are publicly documented in the vendor advisory.
Remote code execution is possible in DataDog's dd-trace-java agent versions prior to 1.60.3 when running on JDK 16 or earlier with exposed JMX/RMI ports. The vulnerability stems from unsafe deserialization in the RMI instrumentation's custom endpoint, allowing network-accessible attackers to execute arbitrary code if gadget-chain libraries exist on the classpath. Vendor-released patch: version 1.60.3. No public exploit identified at time of analysis, though the issue was responsibly disclosed through DataDog's bug bounty program by Mohamed Amine ait Ouchebou.
Remote code execution in plank/laravel-mediable PHP package through version 6.4.0 allows unauthenticated attackers to upload executable PHP files disguised with benign MIME types, achieving arbitrary code execution when files land in web-accessible directories. EPSS score of 0.39% (60th percentile) indicates low observed exploitation probability, though SSVC analysis confirms the vulnerability is automatable with total technical impact. No vendor-released patch identified at time of analysis despite coordinated disclosure attempts.
Langflow's Agentic Assistant feature executes LLM-generated Python code server-side during component validation, enabling arbitrary code execution when attackers can influence model outputs. The vulnerability affects the pip package 'langflow' and exists in endpoints /assist and streaming paths that invoke exec() on dynamically generated component code. A proof-of-concept exists demonstrating the execution chain from user input through validation to code execution. Authentication requirements depend on deployment configuration, with AUTO_LOGIN=true defaults potentially widening exposure. No public exploit identified at time of analysis beyond the documented PoC, though the technical details and code references provide a complete exploitation blueprint.
The LeadConnector WordPress plugin before version 3.0.22 contains an authorization bypass vulnerability in a REST API endpoint, allowing unauthenticated attackers to overwrite existing data without authentication. This vulnerability affects an unknown vendor's LeadConnector product and has a publicly available proof-of-concept exploit, making it actively exploitable. The vulnerability enables unauthorized data manipulation, which could compromise business data integrity and customer information stored within the plugin.
Tandoor Recipes versions prior to 2.6.0 allow unlimited brute-force password guessing attacks against any known username through API endpoints accepting BasicAuthentication headers. While Django AllAuth rate limiting protects the HTML login form (5 attempts per minute per IP), API endpoints completely bypass these controls, enabling high-speed credential stuffing with no account lockout. A proof-of-concept exploit exists and the attack is automatable per SSVC analysis, though no active exploitation is confirmed in CISA KEV.
Account takeover in Outline collaborative documentation service versions 0.86.0 through 1.5.x enables unauthenticated attackers to brute force Email OTP codes due to insufficient validation logic combined with rate limiter bypass. Attackers can submit unlimited OTP attempts within the code's validity window, compromising user accounts. CVSS 9.1 (Critical) severity reflects network-accessible attack vector requiring no privileges or user interaction. No public exploit identified at time of analysis, though the authentication bypass mechanism is documented in GHSA-cwhc-53hw-qqx6.
Daylight Studio FuelCMS v1.5.2 allows remote attackers to exfiltrate password reset tokens through a mail splitting attack, enabling account takeover without authentication. The vulnerability exploits improper handling of email headers during the password reset workflow, permitting attackers to intercept or redirect sensitive reset tokens to attacker-controlled addresses. No public exploit code or active exploitation has been independently confirmed at time of analysis.
Certificate chain spoofing in node-forge (npm) <= 1.3.3 lets an attacker present any non-CA leaf certificate as a trusted intermediate CA, because pki.verifyCertificateChain() skips RFC 5280 basicConstraints enforcement when a certificate carries neither the basicConstraints nor the keyUsage extension. An attacker holding such a leaf certificate can sign certificates for arbitrary identities and have node-forge accept the forged chain, defeating authentication for any application relying on it for custom PKI, S/MIME, PKCS#7, or device-certificate validation. Rated CVSS 9.1 by the reporter and fixed in 1.4.0; publicly available exploit code exists (full PoC in the GHSA), but EPSS is only 0.02% and it is not on CISA KEV.
Remote denial-of-service in Siemens CPCI85 Central Processing/Communication and RTUM85 RTU Base (versions below V26.10) allows adjacent network attackers to exhaust system resources via high-volume requests, forcing device reset or reboot to restore parameterization functionality. No public exploit identified at time of analysis. CVSS 7.1 (High) with adjacent network access vector and no privileges required indicates moderate real-world risk for industrial environments where these RTU and control processing devices operate.
AVideo, a popular open-source video platform, stores video access passwords in plaintext within the database, enabling attackers who gain read access through SQL injection, backup exposure, or misconfigured controls to harvest all protected video passwords without cracking. The vulnerability is tracked as CWE-312 (Cleartext Storage of Sensitive Information) and affects AVideo installations using the video password protection feature. A proof-of-concept demonstrating direct database extraction is documented in the GitHub advisory. Vendor patch is available via commit f2d68d2adbf73588ea61be2b781d93120a819e36, and no public exploit identified at time of analysis beyond the documented PoC.
Squid proxy versions prior to 7.5 contain use-after-free and premature resource release vulnerabilities in ICP (Internet Cache Protocol) traffic handling that enable reliable, repeatable denial of service attacks. Remote attackers can exploit these memory safety bugs to crash the Squid service by sending specially crafted ICP packets, affecting deployments that have explicitly enabled ICP support via non-zero icp_port configuration. While no CVSS score or EPSS value is currently published, the vulnerability is confirmed by vendor advisory and includes a public patch commit, indicating moderate to high real-world risk for affected deployments.
DOM-based Cross-Site Scripting in Ory Polis (formerly BoxyHQ Jackson) SAML-to-OAuth bridge allows unauthenticated remote attackers to execute arbitrary JavaScript in victim browsers via crafted callbackUrl parameters. Versions prior to 26.2.0 are affected, with vendor-released patch available in version 26.2.0. No public exploit identified at time of analysis. CVSS score of 8.8 reflects network-based attack vector with low complexity requiring only user interaction, though SSVC framework rates technical impact as partial with no observed exploitation and non-automatable attack pattern.
Authentication bypass in Incus webui (versions prior to 6.23.0) permits local or remote attackers to gain unauthorized access to the system container and virtual machine manager via an improperly validated authentication token. The vulnerability allows attackers who can reach the temporary localhost web server to escalate privileges to the level of the user running 'incus webui', enabling control over containers, virtual machines, and potentially underlying system resources. CVSS score of 8.8 (High) reflects network attack vector with low complexity requiring user interaction; no public exploit identified at time of analysis.
Remote code execution vulnerability in EVerest electric vehicle charging software stack allows adjacent network attackers to execute arbitrary code by sending malformed SLAC protocol frames. EVerest-core versions prior to 2026.02.0 are affected due to a stack buffer overflow in HomeplugMessage::setup_payload that trusts an attacker-controlled length parameter in release builds. SSVC analysis indicates proof-of-concept exploit code exists, though the vulnerability is not automatable and requires adjacent network access (CVSS 8.8, AV:A).
The Amelia Booking plugin for WordPress contains an Insecure Direct Object Reference (IDOR) vulnerability in versions up to and including 9.1.2 that allows authenticated attackers with customer-level permissions to bypass authorization controls and modify user passwords, including administrator accounts, potentially leading to complete site takeover. This vulnerability affects the pro version of the plugin available on CodeCanyon and carries a CVSS score of 8.8 (HIGH). No evidence of active exploitation (KEV) or public proof-of-concept is currently documented, but the vulnerability has been publicly disclosed by Wordfence.
The Masteriyo LMS plugin for WordPress contains a critical privilege escalation vulnerability that allows authenticated users with Student-level access or higher to elevate their privileges to administrator level. All versions up to and including 2.1.6 are affected. The vulnerability is exploitable over the network with low attack complexity and requires no user interaction, resulting in a critical CVSS score of 9.8, though the CVSS vector indicates no authentication required (PR:N) which conflicts with the description stating Student-level access is needed.
WP Lightbox 2 WordPress plugin before version 3.0.7 contains a Stored Cross-Site Scripting (XSS) vulnerability in its settings due to insufficient input sanitization and output escaping. High-privilege users, particularly administrators, can inject malicious JavaScript that persists in the database and executes in the browsers of other users, even in multisite installations where the unfiltered_html capability is restricted. A publicly available proof-of-concept demonstrates active exploitation potential, making this a practical threat in WordPress environments.
Vienna Assistant 1.2.542 on macOS allows local privilege escalation through an unauthenticated XPC service endpoint that accepts connections from any process. The vulnerable VSL privileged helper service exposes functions to write arbitrary files to any location and execute arbitrary binaries with any arguments, enabling a low-privileged local user to gain root access. A proof-of-concept exploit exists per SSVC assessment, with an EPSS score of 0.02% indicating low observed exploitation probability in the wild.
Unauthenticated remote code execution as root is possible in thingino-firmware through the WiFi captive portal CGI script due to command injection in query and POST parameter parsing. Attackers on the adjacent network (AV:A) can inject arbitrary commands through unsanitized HTTP parameter names, enabling full device takeover including root password reset and SSH key manipulation for persistent access. No public exploit is identified at time of analysis, though VulnCheck has published an advisory detailing the vulnerability mechanics.
Netty HTTP/2 servers can be rendered unresponsive by remote attackers flooding CONTINUATION frames with zero-byte payloads, bypassing existing header size limits and exhausting CPU resources. The affected package is io.netty:netty-codec-http2 (tracked via GitHub Security Advisory GHSA-w9fj-cfpg-grvv). Authentication requirements are not confirmed from available data. No public exploit identified at time of analysis, though the technical details provided in the advisory enable straightforward reproduction. The low bandwidth requirement for this CPU-based denial of service makes it highly practical for disrupting services at scale.
Small HTTP Server 3.06.36 contains an unquoted service path vulnerability (CWE-428) allowing local authenticated attackers to execute arbitrary code with elevated privileges by placing malicious executables in higher-priority directories. Despite a CVSS 4.0 score of 8.7, real-world risk is significantly lower with only 0.02% EPSS probability (4th percentile) and no public exploit identified at time of analysis. INCIBE has reported this vulnerability with patches available from the vendor.
ClearanceKit 4.1 and earlier for macOS allows local authenticated users to completely bypass configured file access policies via seven unmonitored file operation event types. The opfilter Endpoint Security extension only intercepted ES_EVENT_TYPE_AUTH_OPEN events, enabling processes to perform rename, unlink, and five other file operations without policy enforcement or denial logging. Version 4.2 branch contains the fix via commit a3d1733. No public exploit identified at time of analysis, but exploitation requires only local access with low privileges (CVSS PR:L) and no special complexity.
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Web management interface of ASUS router models that allows an unauthenticated attacker to perform actions with the privileges of an authenticated administrator, potentially including arbitrary system command execution. The vulnerability affects ASUS router products across multiple versions due to insufficient CSRF token validation in the web interface. While no CVSS score or EPSS data is currently available, the ability to execute system commands on a network-critical device represents a critical severity threat.
RATOC RAID Monitoring Manager for Windows contains an insecure directory permissions vulnerability when the installation folder is customized to a non-default location. The installer fails to properly set access control lists (ACLs) on custom installation directories, allowing non-administrative users to modify folder contents and execute arbitrary code with SYSTEM privileges. With a CVSS 4.0 score of 8.5, this represents a high-severity local privilege escalation vulnerability affecting Windows systems where this RAID management software is installed.
TigerVNC x0vncserver versions prior to 1.16.2 expose screen contents to unauthorized local users through incorrect file permissions in Image.cxx, enabling information disclosure, screen manipulation, or denial of service. The vulnerability has CVSS 8.5 (High) with local attack vector requiring no privileges or user interaction, and scope change indicating potential impact beyond the vulnerable component. No public exploit identified at time of analysis, though technical details are available via GitHub commit and mailing list disclosure.
Small HTTP Server 3.06.36 allows local attackers with low privileges to execute arbitrary code through an unquoted service path vulnerability in the http.exe service executable. By placing a malicious executable in a higher-priority directory along the unquoted path 'C:\Program Files (x86)\shttps_mg\http.exe service', attackers can achieve full system compromise with high confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, and CISA SSVC framework indicates no current exploitation, though technical impact is rated as total.
Stack-based buffer overflow in EVerest EV charging software allows unauthenticated local attackers to execute arbitrary code via overly long CAN interface names during initialization. The vulnerability (CWE-121) affects everest-core versions prior to 2026.02.0 with CVSS 8.4 (High severity). Proof-of-concept exploit code exists according to SSVC assessment, and the flaw triggers before privilege checks, enabling attack with no user privileges required. The vulnerability is tracked as EUVD-2026-16199 by ENISA.
RATOC RAID Monitoring Manager for Windows contains a DLL hijacking vulnerability in its installer that loads DLLs from the current directory without proper path validation. If an attacker can place a malicious DLL in the directory where a user runs the installer, arbitrary code can be executed with administrator privileges. The vulnerability has a CVSS score of 8.4 with local attack vector requiring user interaction, and has been publicly disclosed through JPCERT coordination with vendor advisory available.
Local authenticated attackers can bypass file access policies in ClearanceKit (macOS system extension) versions prior to 4.2.4 by using specific file operation event types (ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE) that were not intercepted by the opfilter enforcement mechanism. This policy bypass allows unauthorized file access, modification, and data exfiltration despite configured access controls. EPSS exploitation probability is minimal (0.01%, 2nd percentile) and no active exploitation or public POC has been identified. Patch available in version 4.2.4 via commit 6181c4a, requiring system extension reactivation.
Stack-based buffer overflow in EVerest EV charging software stack enables local code execution when processing certificate filenames of exactly 100 characters due to off-by-one boundary check error in IsoMux component. EVerest-core versions prior to 2026.02.0 are affected (CPE cpe:2.3:a:everest:everest-core). The vulnerability has a CVSS score of 8.4 with local attack vector and no privilege requirements (AV:L/PR:N), allowing unauthenticated local attackers to achieve code execution. No public exploit identified at time of analysis, though technical details are available in GitHub security advisory GHSA-cpqf-mcqc-783m.
BuildKit versions prior to 0.28.1 allow untrusted custom frontends to write arbitrary files outside the execution state directory through crafted API messages, enabling path traversal attacks. This affects users who specify custom frontends via #syntax directives or --build-arg BUILDKIT_SYNTAX parameters with untrusted images. The vulnerability carries a CVSS score of 8.4 with local attack vector requiring no privileges or user interaction, posing high risk to confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Session fixation via remote phishing in OpenBao before 2.5.2 lets an unauthenticated attacker hijack a victim's identity when a JWT/OIDC auth role is configured with callback_mode=direct. Because direct mode skips any confirmation prompt and calls back straight to the API, an attacker initiates the auth flow, lures a victim into completing the login through a crafted URL, then polls the API to collect the OpenBao token that gets issued under the victim's identity. There is no public exploit identified at time of analysis, EPSS is low (0.06%, 19th percentile), and it is not in CISA KEV, though SSVC rates the technical impact as total.
SQL injection in HCL Aftermarket DPC version 1.0.0 enables unauthenticated remote attackers to extract sensitive database contents and potentially compromise data integrity and availability. The vulnerability carries a CVSS score of 8.3 with network-based attack vector requiring user interaction. No public exploit is identified at time of analysis, and SSVC assessment indicates no current exploitation with non-automatable attack characteristics.
Remote denial-of-service in libssh 0.11.x and earlier allows unauthenticated attackers to crash SSH server daemon processes via malformed GSSAPI authentication OID payloads. The vulnerability affects the ssh_get_hexa() API function when processing zero-length input, exploitable remotely when GSSAPI authentication is enabled and logging verbosity is set to SSH_LOG_PATCH (level 3) or higher. Red Hat, Ubuntu, SUSE, and Debian have released patches (libssh 0.11.4 and 0.12.0). EPSS score of 0.09% and SSVC assessment indicate low real-world exploitation likelihood despite network attack vector, with no active exploitation confirmed. Ubuntu classified this as low priority, and CISA SSVC notes exploitation as 'none' but 'automatable' with partial impact.
Saloon PHP library versions prior to 4.0.0 contain a PHP object injection vulnerability in the AccessTokenAuthenticator::unserialize() method, which unsafely deserializes OAuth token state using unserialize() with allowed_classes set to true. An attacker who can control the serialized token string-such as by overwriting a cached token file or injecting malicious data-can supply a crafted serialized gadget object that executes arbitrary code through PHP magic methods during deserialization. In environments with common dependencies like Monolog present, this vulnerability can be reliably chained to achieve remote code execution (RCE), making it a critical threat to any API integration or SDK built on vulnerable Saloon versions.
Concurrent access to shared memory in EVerest EV charging software (versions prior to 2026.02.0) enables remote attackers to trigger undefined behavior and potential memory corruption through unauthenticated MQTT messages. The data race condition in Charger::shared_context occurs when processing switch_three_phases_while_charging commands without proper locking, yielding CVSS 8.2 (High) with potential for availability disruption and data integrity impact. No public exploit identified at time of analysis, though the attack vector is network-accessible without authentication requirements (CVSS:3.1/AV:N/AC:L/PR:N/UI:N).
Path traversal in Moby BuildKit allows remote unauthenticated attackers to read files outside Git repository roots during Docker image builds using crafted URL fragments. Affects builds using Git URLs with subdir components (e.g., git://repo#ref:subdir syntax). Exploitation probability is low (EPSS 2%, 4th percentile) with no public exploit identified at time of analysis. Vendor-released patch available in BuildKit v0.28.1.
Red Hat OpenShift AI llama-stack-operator permits unauthorized cross-namespace access to Llama Stack service endpoints due to missing NetworkPolicy enforcement, enabling authenticated users in one namespace to view or modify sensitive data in another user's Llama Stack instances. CVSS 8.1 (High) reflects high confidentiality and integrity impact with low-privilege authenticated network access. No public exploit identified at time of analysis, though the authentication bypass weakness (CWE-653) is architecturally straightforward to leverage once cluster access is obtained.
Tandoor Recipes versions through 2.5.3 permit Host header injection attacks that enable invite link poisoning, allowing authenticated administrators with high privileges to be social-engineered into sending system-generated invite tokens to attacker-controlled servers. The Django application's default ALLOWED_HOSTS='*' configuration fails to validate HTTP Host headers, which combined with request.build_absolute_uri() usage allows manipulation of all absolute URLs including invite emails, API pagination, and OpenAPI schemas. No public exploit identified at time of analysis; CVSS 8.1 reflects network-based attack requiring high privileges and user interaction with changed scope.
OpenEMR contains an Insecure Direct Object Reference (IDOR) vulnerability in the patient notes functionality where authenticated users can modify or delete notes belonging to any patient without proper authorization checks. This affects OpenEMR versions prior to 8.0.0.3 and allows attackers with low-level privileges to access, modify, or delete sensitive medical records they should not have access to. The vulnerability has a CVSS score of 8.1 with high confidentiality and integrity impact, though there is no current evidence of active exploitation in the wild or public proof-of-concept code.
Missing functional level access control in HCL Aftermarket DPC version 1.0.0 enables privilege escalation attacks that can compromise application integrity and confidentiality. Unauthenticated attackers can leverage this access control flaw to manipulate and exfiltrate data with user interaction required (CVSS 8.1, AV:N/AC:L/PR:N/UI:R). No public exploit has been identified at time of analysis, with CISA SSVC rating the technical impact as partial and exploitation status as none.
Remote code execution is achievable in Red Hat Foreman and Satellite 6 via command injection in the WebSocket proxy implementation when users access VM VNC console functionality. An attacker controlling a malicious compute resource server can inject unsanitized hostname values into shell commands, compromising the Foreman server and potentially the entire managed infrastructure. A proof-of-concept exploit exists according to SSVC data, elevating real-world risk despite requiring low-privileged authentication and user interaction.
Mattermost's mmctl command-line administration tool fails to sanitize ANSI and OSC escape sequences embedded in user-generated post content, enabling authenticated low-privilege attackers to inject malicious terminal control codes when administrators export or query messages. Exploitation allows screen manipulation, fake prompt injection, and clipboard hijacking against administrators running mmctl commands, potentially leading to secondary code execution if administrators are tricked into running injected commands. CISA SSVC framework indicates no current exploitation, non-automatable attack requiring high complexity and user interaction, but with total technical impact potential.
Firecrawl's Playwright scraping service through version 2.8.0 permits attackers to bypass SSRF protections and access internal network resources by exploiting a validation gap in redirect handling. Unauthenticated remote attackers can supply externally valid URLs that redirect to restricted internal endpoints, as network policy checks apply only to the initial request and not subsequent redirect destinations. With a CVSS score of 7.8 and high subsequent system confidentiality impact (SC:H), this represents a distinct post-redirect enforcement weakness separate from general redirect-based SSRF (CVE-2024-56800), though no public exploit is identified at time of analysis.
BentoML, a Python framework for ML model serving, contains a command injection vulnerability in the docker.system_packages configuration field of bentofile.yaml files. The vulnerability affects all versions supporting this feature (confirmed in version 1.4.36) and allows attackers to execute arbitrary commands during the Docker image build process (bentoml containerize). This is a high-severity supply chain risk with a CVSS score of 7.8, requiring user interaction to trigger but achieving full command execution as root during container builds.
The Zen C compiler (versions prior to 0.4.4) crashes or enables arbitrary code execution when processing maliciously crafted .zc source files containing excessively long identifiers for structs, functions, or traits, triggering a stack-based buffer overflow (CWE-121). A proof-of-concept exploit exists per SSVC assessment, though attack complexity remains moderate as it requires local access and user interaction (CVSS:3.1/AV:L/AC:L/PR:N/UI:R). Vendor-released patch: version 0.4.4.