Arbitrary code execution in TrueConf Client allows authenticated attackers on adjacent networks to deliver malicious updates due to missing integrity verification. The auto-update mechanism accepts unsigned or unverified payloads, enabling man-in-the-middle attackers with high privileges to substitute trojanized updates that execute with the application's permissions. EPSS data not available; no confirmed active exploitation (not in CISA KEV); publicly available exploit code not identified at time of analysis. CVSS 7.8 reflects the adjacent network attack vector and user interaction requirement, reducing immediate internet-scale risk.
Remote code execution in Contact Form by Supsystic plugin for WordPress (all versions ≤1.7.36) allows unauthenticated attackers to execute arbitrary PHP functions and OS commands via Server-Side Template Injection. Attackers exploit the plugin's unsandboxed Twig template engine by injecting malicious Twig expressions through GET parameters in the cfsPreFill functionality, leveraging registerUndefinedFilterCallback() to register arbitrary PHP callbacks. CVSS 9.8 (Critical) with network-accessible, low-complexity attack vector requiring no authentication. EPSS data not provided, but the combination of unauthenticated RCE in a widely-deployed WordPress plugin represents severe real-world risk. No KEV status confirmed at time of analysis.
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated low-privilege attackers to escape Node.js vm sandbox and execute arbitrary commands as root inside Docker containers. The vulnerability exploits exposed WritableWorkerStdio stream objects in the sandbox console to traverse the prototype chain, access the host-realm Function constructor, load unrestricted Node.js modules (child_process), and spawn system commands. Confirmed exploited with reverse shell access, database credential theft (DB_PASSWORD, INIT_ROOT_PASSWORD), and arbitrary filesystem operations. EPSS data not available; public exploit code exists with detailed proof-of-concept demonstrating root shell access in nocobase/nocobase:latest Docker image. Critical 10.0 CVSS score reflects network-exploitable, low-complexity attack with complete confidentiality, integrity, and availability impact plus scope change (container escape implications).
Remote unauthenticated nginx service takeover in nginx-ui's MCP integration allows network attackers to create, modify, or delete nginx configuration files and trigger automatic reloads without authentication. The /mcp_message endpoint lacks authentication middleware while exposing the same MCP tool handlers as the protected /mcp endpoint, and the IP whitelist defaults to empty (allow-all). Attackers can inject malicious server blocks to intercept credentials, exfiltrate backend topology, or crash nginx with invalid configs. CVSS 9.8 (Critical) with network attack vector, no authentication required, and high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though detailed proof-of-concept HTTP request provided in advisory.
Reflected Cross-Site Scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary web script or HTML via the unvalidated 'msg' parameter in add_stock.php. The vulnerability is publicly demonstrated with available proof-of-concept code, enabling attackers to execute malicious scripts in users' browsers without requiring authentication or special privileges.
Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
{expr} payload embedded in a modeline to be evaluated even when the protective 'modelineexpr' setting is off (the default). A publicly available exploit exists, though EPSS rates real-world exploitation probability at just 0.02% (6th percentile) and CISA SSVC marks exploitation as 'none' - indicating no observed in-the-wild activity. The flaw is severe (CVSS 8.6) because it needs only that the user open a file in Vim's default configuration.
Stack-based buffer overflow in Tenda CH22 router firmware version 1.0.0.1 allows authenticated remote attackers to achieve arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability resides in the formQuickIndex function's handling of the mit_linktype parameter in the /goform/QuickIndex endpoint. Publicly available exploit code exists on GitHub, significantly lowering the barrier to exploitation. With a CVSS score of 8.8 and low attack complexity requiring only low-privilege authentication, this represents a critical risk to deployed Tenda CH22 devices, though CISA KEV status is not confirmed.
Stack-based buffer overflow in Tenda CH22 router (versions 1.0.0.1 and 1.If) allows authenticated remote attackers to achieve code execution via crafted 'funcname' parameter to the /goform/setcfm endpoint. Publicly available exploit code exists (GitHub POC), significantly lowering exploitation barrier. CVSS 7.4 with low attack complexity and authenticated remote vector indicates moderate risk for targeted attacks against devices with compromised credentials.
Stack-based buffer overflow in Tenda CH22 router version 1.0.0.1 allows authenticated remote attackers to achieve arbitrary code execution via the formCreateFileName function. The vulnerability resides in the /goform/createFileName endpoint where insufficient input validation of the 'fileNameMit' parameter enables memory corruption. Publicly available exploit code exists on GitHub, significantly lowering the barrier to exploitation. While requiring low-privilege authentication (PR:L), the attack complexity is low (AC:L) and can be executed remotely over the network.
Stack-based buffer overflow in Tenda CH22 router (version 1.0.0.1) allows authenticated remote attackers to achieve code execution or denial of service via the wanmode parameter in the /goform/AdvSetWan endpoint. Public exploit code exists (GitHub POC), significantly lowering exploitation barriers. CVSS 7.4 reflects network-accessible attack requiring only low-privilege authentication, with high impact to confidentiality, integrity, and availability.
Unauthenticated credential disclosure in ZTE ZXHN H188A routers (versions V6.0.10P2_TE and V6.0.10P3N3_TE) allows local network attackers to retrieve sensitive credentials including default administrator passwords, WLAN PSK, and PPPoE credentials via the wizard interface, with some cases enabling unauthenticated configuration changes. No CVSS or EPSS data is available, and KEV status is unconfirmed; however, a publicly available technical analysis exists on GitHub indicating detailed exploitation methodology.
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Reflected cross-site scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through the 'msg' parameter in index.php. Publicly available proof-of-concept code exists, enabling attackers to craft malicious URLs that execute scripts in victim browsers when clicked. No CVSS vector or patch information is available; the vulnerability appears limited in scope to a single PHP parameter.
Reflected cross-site scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through an unsanitized 'msg' parameter in add_category.php, enabling session hijacking, credential theft, or malware distribution via malicious URLs. Publicly available exploit code exists, increasing real-world attack likelihood despite the absence of formal CVSS scoring or CVE severity data.
Reflected cross-site scripting in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through an unsanitized 'msg' parameter in add_customer.php, enabling session hijacking, credential theft, or malware distribution via crafted URLs. Publicly available exploit code exists demonstrating the vulnerability.
Reflected XSS in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through the msg parameter in add_supplier.php, enabling session hijacking, credential theft, or malware distribution without authentication. The vulnerability has publicly available proof-of-concept code demonstrating the attack vector.
Reflected XSS in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through an unsanitized 'msg' parameter in add_purchase.php, enabling session hijacking, credential theft, or malware distribution via crafted URLs. The vulnerability has publicly available exploit code but lacks CVSS scoring and is not confirmed as actively exploited.
Reflected XSS in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through the msg parameter in add_sales.php, enabling session hijacking, credential theft, or malware distribution via crafted URLs. Publicly available exploit code exists.
Reflected cross-site scripting in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML via the unvalidated "limit" parameter in view_customers.php, affecting unauthenticated users who click malicious links. Publicly available exploit code exists demonstrating the vulnerability, though no CVSS score is available to quantify severity.
Reflected Cross-Site Scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary JavaScript or HTML through the 'limit' parameter in view_supplier.php due to insufficient input sanitization. The vulnerability is accessible without authentication via crafted URLs, and publicly available exploit code exists demonstrating the attack vector.
Reflected Cross-Site Scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows remote attackers to inject arbitrary web scripts or HTML through the 'limit' parameter in view_payments.php due to insufficient input sanitization. Publicly available exploit code exists, enabling attackers to craft malicious URLs that execute JavaScript in victims' browsers when visited, potentially leading to session hijacking, credential theft, or defacement.
Stored cross-site scripting (XSS) in SourceCodester Sales and Inventory System 1.0 allows authenticated attackers to inject malicious scripts via the unvalidated website parameter in update_details.php, which are persisted in the database and executed whenever the store details page is accessed by any user. Publicly available exploit code exists, though the vulnerability requires prior authentication and affects primarily self-hosted instances of this open-source inventory management application.
ArthurFiorette steam-trader 2.1.1 exposes complete Steam account credentials through an unauthenticated API endpoint, enabling account takeover. Attackers can retrieve usernames, passwords, identity secrets, shared secrets, and session tokens via the /users endpoint without authentication (CVSS:3.1 AV:N/AC:L/PR:N). This critical vulnerability (CVSS 10.0) allows generation of valid Steam Guard 2FA codes and complete account hijacking. EPSS data unavailable, no CISA KEV listing, and critically: no patch exists as the repository is archived and unmaintained. Authentication bypass and information disclosure tags confirm trivial exploitation requiring only network access.
Path traversal in MLflow's tar.gz extraction (mlflow/mlflow versions <3.7.0) allows remote attackers to overwrite arbitrary files and potentially escape sandbox isolation via malicious archive uploads. The vulnerability affects the `extract_archive_to_dir` function which fails to validate tar member paths during extraction. Exploitation requires user interaction (CVSS UI:R) but needs no authentication (PR:N). EPSS data not provided, but no CISA KEV listing indicates no confirmed active exploitation at time of analysis. Public exploit code exists via Huntr bounty disclosure.
Critical command injection in MLflow 3.8.0 enables remote code execution during model deployment when attackers supply malicious artifacts via the `env_manager=LOCAL` parameter. The `_install_model_dependencies_to_env()` function unsafely interpolates dependency specifications from `python_env.yaml` directly into shell commands without sanitization. With CVSS 10.0 (network-accessible, no authentication, no complexity) and publicly available exploit code exists (reported via Huntr bug bounty, patched in 3.8.2), this represents an immediate critical risk for organizations using MLflow model serving infrastructure. EPSS data not available, but exploitation scenario is straightforward for adversaries with model deployment access.
Remote code execution in DSAI-Cline's command auto-approval module allows unauthenticated attackers to bypass whitelist validation by embedding newline characters in command payloads, forcing automatic approval and sequential execution of arbitrary OS commands via PowerShell without user interaction.
Remote code execution in Roo Code's command auto-approval module allows unauthenticated attackers to bypass the whitelist security mechanism via shell command substitution in command arguments. The vulnerability exploits inadequate regular expression parsing that fails to detect $(...) and backtick syntax, enabling an attacker to inject malicious commands (e.g., git log --grep="$(malicious_command)") that are automatically approved and executed with full system privileges. No CVSS scoring, KEV status, or official patch information is currently available.
Remote code execution in Syntx's command auto-approval module allows unauthenticated attackers to bypass whitelist security via shell command substitution syntax in command arguments. The vulnerability exploits inadequate regular expression parsing that fails to detect $(…) and backtick command substitution patterns, enabling an attacker to inject malicious commands within seemingly benign git operations (e.g., git log --grep="$(malicious_command)") that are automatically approved and executed with full system privileges. No CVSS score or KEV status data available; no public exploit code confirmed at time of analysis.
Authentication bypass in OpenOlat e-learning platform versions 10.5.4 through 20.2.4 allows remote unauthenticated attackers to forge authentication tokens due to missing JWT signature verification in OpenID Connect implementation. The platform accepts JWTs without cryptographic validation, enabling attackers to impersonate any user by crafting tokens with arbitrary claims. CVSS 9.8 (Critical) with network attack vector, low complexity, and no privileges required. No public exploit identified at time of analysis, though the vulnerability is trivial to exploit given the complete absence of signature verification.
CrewAI fails to validate Docker runtime availability during execution and silently reverts to an insecure sandbox mode, enabling remote code execution. Affected versions prior to the patch rely on Docker for isolation; when Docker becomes unavailable or is misconfigured, the fallback mechanism does not enforce adequate sandboxing constraints, allowing attackers to execute arbitrary commands within the application context. No CVSS score or official CVE details are available at this time, though the vulnerability has been reported to CERT and carries high practical risk due to the automatic unsafe fallback behavior.
Server-side request forgery in CrewAI's RAG search tools allows remote attackers to access internal and cloud services by injecting malicious URLs at runtime without proper validation. The vulnerability affects CrewAI's content acquisition mechanisms, enabling unauthorized data exfiltration from internal networks and cloud-hosted resources. No CVSS score, active exploitation status, or patch information is currently available in public sources.
HAI Build Code Generator's automatic command execution feature can be bypassed through prompt injection attacks, allowing unauthenticated remote code execution by misleading the AI model into misclassifying malicious commands as safe. The vulnerability exploits a fundamental design flaw in the model's safety classification logic, where attackers can wrap destructive commands in generic templates to bypass the user approval requirement that should be triggered for potentially dangerous operations.
Kyverno versions 1.16.0 and later contain a server-side request forgery vulnerability in unrestricted CEL HTTP functions that allow attackers to make arbitrary HTTP requests from the Kyverno controller, potentially accessing internal services and metadata endpoints. The vulnerability affects Kubernetes clusters running vulnerable Kyverno versions with policies utilizing CEL-based HTTP operations, with no CVSS or EPSS data currently available to quantify severity.
SakaDev's automatic terminal command execution feature can be bypassed via prompt injection attacks, allowing unauthenticated remote attackers to execute arbitrary commands without user approval by wrapping malicious commands in templates that mislead the underlying language model into misclassifying destructive operations as safe. The vulnerability exploits a design flaw in the model-based safety classification mechanism rather than a traditional code defect, affecting the extension across all versions where the 'Execute safe commands' option is enabled.
Remote code execution in CrewAI's CodeInterpreter tool occurs when Docker connectivity fails and the system falls back to SandboxPython, allowing unauthenticated remote attackers to execute arbitrary C functions and achieve code execution. The vulnerability affects systems relying on CrewAI's code execution capabilities where Docker is unavailable or unreachable, creating a dangerous fallback condition that bypasses intended sandboxing protections.
Remote SQL injection in YunaiV yudao-cloud up to version 2026.01 allows unauthenticated attackers to execute arbitrary SQL queries via the Website parameter in the /admin-api/system/tenant/get-by-website endpoint. The vulnerability has a CVSS score of 6.9 with public exploit code available, enabling remote compromise of database confidentiality and integrity without authentication or user interaction. The vendor has not responded to early disclosure notification.
Remote authenticated attackers can achieve arbitrary command execution on nginx-ui v2.3.3 servers by manipulating encrypted backup archives during restoration. The vulnerability stems from a circular trust model where backup integrity metadata is encrypted using the same AES key provided to clients, allowing attackers to decrypt backups, inject malicious configuration (including command execution directives), recompute valid hashes, and re-encrypt the archive. The restore process accepts tampered backups despite hash verification warnings. Publicly available exploit code exists with detailed proof-of-concept demonstrating configuration injection leading to arbitrary command execution. Vendor-released patch available in nginx-ui v2.3.4. This represents a regression from GHSA-g9w5-qffc-6762, which addressed backup access control but not the underlying cryptographic design flaw.
Server-Side Request Forgery (SSRF) in HAPI FHIR Validator HTTP service leaks authentication credentials for configured FHIR package registries to attacker-controlled domains. The unauthenticated `/loadIG` endpoint accepts arbitrary URLs, and a flawed `startsWith()` prefix matching logic in credential provider causes Bearer tokens, Basic auth, and API keys to be sent to domains like `packages.fhir.org.attacker.com` when legitimate servers like `packages.fhir.org` are configured. No public exploit identified at time of analysis, but EPSS score and detailed proof-of-concept in advisory indicate high weaponization potential. CVSS 9.3 (Critical) reflects scope change — stolen credentials compromise external FHIR registries and clinical data repositories beyond the vulnerable validator.