Skip to main content
CVE-2026-4999 LOW POC Monitor

Path traversal in z-9527 admin's file upload function allows authenticated remote attackers to manipulate the fileType parameter in /server/utils/upload.js to access files outside the intended directory, potentially leading to information disclosure or file overwrite. The vulnerability affects all versions up to commit 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2, with publicly available exploit code documented and a CVSS score of 5.3 (low confidentiality, integrity, and availability impact). The vendor has not responded to early disclosure notification.

Path Traversal Admin
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5011 LOW POC Monitor

Remote code execution in elecV2P up to version 3.8.3 allows authenticated attackers to inject arbitrary code via manipulation of the rawcode argument in the runJSFile function of the /webhook JSON Parser endpoint. The vulnerability has publicly available exploit code and the vendor has not yet responded to early disclosure notifications, making this an active security concern for deployed instances.

Code Injection RCE Elecv2P
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5015 LOW POC Monitor

Reflected cross-site scripting (XSS) in elecV2P up to version 3.8.3 allows remote attackers to inject malicious scripts via the filename parameter in the /logs endpoint, requiring user interaction to execute. The vulnerability has publicly available exploit code and affects all versions through 3.8.3, with no vendor patch released despite early notification through issue reporting.

XSS Elecv2P
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4995 LOW POC Monitor

Stored cross-site scripting (XSS) in wandb OpenUI up to version 1.0 via the Window Message Event Handler in frontend/public/annotator/index.html allows authenticated remote attackers to inject malicious scripts with user interaction. The vulnerability has a low CVSS score (3.5) due to authentication and user-interaction requirements, but publicly available exploit code exists and the vendor has not responded to early disclosure notifications.

XSS Openui
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-4994 LOW POC Monitor

Information disclosure in wandb OpenUI up to version 1.0/3.5-turb allows authenticated local network attackers to expose sensitive information through error messages in the APIStatusError handler by manipulating the key argument. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification. Attack complexity is low and requires only local network access and low-level privileges.

Information Disclosure Openui
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-5007 LOW POC Monitor

OS command injection in kazuph mcp-docs-rag through version 0.5.0 allows local attackers with limited privileges to execute arbitrary commands via the cloneRepository function in src/index.ts. The vulnerability affects the add_git_repository and add_text_file components, with publicly available exploit code demonstrating the attack. No vendor patch has been released despite early notification through a GitHub issue.

Command Injection Mcp Docs Rag
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.2%
CVE-2026-4993 LOW POC Monitor

Wandb OpenUI up to version 1.0 contains hard-coded credentials exposure in backend/openui/config.py where the LITELLM_MASTER_KEY argument is improperly handled, allowing local authenticated users with low privileges to read sensitive authentication material. The vulnerability has a low CVSS score (3.3) due to local-only attack vector and low impact scope, but publicly available exploit code exists and vendor contact has been unsuccessful, increasing practical risk for deployed instances.

Authentication Bypass Openui
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy