Out-of-bounds read in Corosync allows unauthenticated remote attackers to crash cluster nodes and potentially leak memory via malformed UDP packets. Affects default totemudp/totemudpu configurations across Red Hat Enterprise Linux 7/8/9/10 and OpenShift Container Platform 4. CVSS 8.2 (High) with network attack vector, low complexity, and no authentication required. EPSS and exploitation status data not available; no public exploit identified at time of analysis. Impacts high-availability clustering infrastructure commonly used in enterprise production environments.
Devolutions Server 2026.1.11 and earlier allows authenticated remote attackers to bypass two-factor authentication by reusing a partially authenticated session token, enabling unauthorized account access without completing the second authentication factor. The vulnerability affects all versions up to and including 2026.1.11, with no CVSS score or public exploit confirmation available at analysis time.
Devolutions Server versions 2026.1.11 and earlier allow authenticated remote attackers to bypass multi-factor authentication through improper validation of OAuth login requests, enabling account takeover without second-factor verification. CISA KEV status and exploit availability not confirmed at time of analysis.
BEAM VM atom table exhaustion in Ash Framework's Module type allows remote denial-of-service against Elixir applications. The ash package (all versions prior to v3.22.0) unconditionally creates Erlang atoms from user-supplied strings in Ash.Type.Module.cast_input/2 before validation, enabling attackers to crash the entire VM by submitting ~1 million unique 'Elixir.*' strings to any API endpoint with :module-typed attributes. Vendor patch released in commit 7031103 (v3.22.0). No public exploit identified at time of analysis, though the advisory provides detailed proof-of-concept code demonstrating trivial exploitation via repeated API requests.
Stored XSS in DbGate npm package escalates to remote code execution in Electron desktop app via unsanitized SVG icon rendering. Attackers who inject malicious SVG payloads into application definition files can execute arbitrary JavaScript when victims view matching database entries. In the Electron desktop client, insecure configuration (nodeIntegration: true, contextIsolation: false) allows XSS payloads to invoke Node.js APIs, enabling local code execution including file system access. Web depl
Insufficient entropy in cookie encryption within Auth0 PHP SDK versions 8.0.0 through 8.18.x enables brute-force attacks against session cookie encryption keys, potentially allowing authenticated threat actors with network access to forge arbitrary session cookies and bypass authentication controls. Vendor-released patch available in version 8.19.0. No public exploit identified at time of analysis, though CVSS score of 8.2 reflects high severity due to potential for complete authentication bypass with cross-scope impact.
### Impact TorchGeo 0.4-0.6.0 used an [`eval`](https://docs.python.org/3/library/functions.html#eval) statement in its model weight API that could allow an unauthenticated, remote attacker to execute. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Path traversal in Ferret's IO::FS::WRITE and IO::FS::READ functions enables remote code execution when web scraping operators process attacker-controlled filenames. The vulnerability affects github.com/MontFerret/ferret (all v2.x and earlier versions), allowing malicious websites to write arbitrary files outside intended directories by injecting '../' sequences into filenames returned via scraped content. Attackers can achieve RCE by writing to /etc/cron.d/, ~/.ssh/authorized_keys, shell profile
Authentication bypass in IBM Verify Identity Access and IBM Security Verify Access (versions 10.0-10.0.9.1 and 11.0-11.0.2, both container and non-container deployments) allows remote attackers to gain unauthorized access under specific high-load conditions without authentication. The vulnerability carries an EPSS score indicating moderate exploitation probability, with vendor patch available but no confirmed active exploitation or public proof-of-concept at time of analysis. Attack complexity is rated high (AC:H), suggesting exploitation requires specific timing or environmental conditions related to load stress.
Authenticated path traversal in SillyTavern's chat import API enables authenticated users to write arbitrary files outside intended directories. Attackers exploit unsanitized 'character_name' parameters in /api/chats/import (versions prior to 1.17.0) to inject traversal sequences (e.g., '../../../../tmp/malicious'), causing file writes to arbitrary filesystem locations accessible to the service account. With CVSS 8.1 (AV:N/AC:L/PR:L), this requires low-privilege authentication but no user intera
Out-of-bounds read in WebCodecs functionality in Google Chrome prior to version 146.0.7680.178 allows remote attackers to read arbitrary memory contents via a crafted HTML page. The vulnerability affects all Chrome versions before the patched release and requires only user interaction (visiting a malicious webpage) to trigger. No public exploit code or active exploitation has been confirmed at time of analysis.
Authentication bypass in goshs (Go Simple HTTP Server) allows unauthenticated attackers to execute arbitrary system commands via WebSocket connections by exploiting a logic flaw in the BasicAuthMiddleware's share token validation. The middleware processes share tokens before credential checks, and attackers can combine a legitimate share token (intended for single-file downloads) with WebSocket query parameters to gain full CLI access. Confirmed actively exploited (CISA KEV). Public proof-of-concept code demonstrates remote command execution retrieving /etc/passwd. EPSS score indicates elevated exploitation probability given the simplicity of the attack chain.
Improper authorization in Cisco EPNM's REST API allows authenticated low-privilege attackers to access active user session data, including administrative credentials, enabling full device compromise. The vulnerability (CWE-862: Missing Authorization) affects the web management interface with CVSS 8.0 severity. Authentication is required (PR:L) but exploitation complexity is low once authenticated. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026-dated CVE identifier.
Command injection in PraisonAI's run_python() function allows authenticated local attackers to execute arbitrary operating system commands with the privileges of the application process. The vulnerability stems from incomplete input sanitization that fails to escape shell metacharacters ($() and backticks) before passing user-controlled code to subprocess.run() with shell=True. Attackers with low-privilege local access can exploit this to achieve full system compromise (confidentiality, integrity, and availability impact rated High). Proof-of-concept code demonstrates successful command injection via the praisonaiagents Python package. No active exploitation confirmed via CISA KEV at time of analysis, but publicly available exploit code exists in the GitHub security advisory.
Use-after-free in Foxit PDF Reader and Editor allows arbitrary code execution when processing maliciously crafted PDF documents containing list box calculation arrays. The vulnerability (CVSS 7.8) occurs when stale references to deleted or re-created page/form objects persist in calculation logic, enabling local attackers to execute code with user privileges when victims open weaponized PDFs. No public exploit identified at time of analysis, though the memory corruption primitive is well-understood by exploit developers.
Use-after-free in Linux kernel AppArmor allows local authenticated users to achieve high confidentiality, integrity, and availability impact through a race condition between inode eviction and filesystem callbacks. The vulnerability stems from premature reference release of i_private data before inode cleanup completes. Patch available from kernel.org stable branches affecting Linux 4.13+ with Ubuntu marking priority=high across 729 releases. EPSS score of 0.02% suggests limited observed exploitation attempts despite widespread kernel deployment.
Use-after-free in Linux kernel AppArmor allows local authenticated attackers to achieve high-impact code execution, privilege escalation, or denial of service via race condition on rawdata inode dereference. Affects kernel 4.13+ including current LTS branches. Patches available for 6.6.130, 6.12.77, 6.18.18, 6.19.8, and 7.0-rc4. EPSS score is low (0.02%) with no public exploit identified at time of analysis, but Ubuntu rated this priority=high affecting 729 releases.
Double-free memory corruption in Linux kernel's AppArmor profile replacement allows local authenticated users to trigger kernel crashes or potentially execute arbitrary code with kernel privileges. The flaw affects Linux kernel versions from 5.5 onwards, with vendor patches available across multiple stable branches (6.6.130, 6.12.77, 6.18.18, 6.19.8, 7.0-rc4). EPSS exploitation probability is low (0.02%, 5th percentile) and no public exploit identified at time of analysis, though Ubuntu rates this medium priority with patches deployed across 729 releases.
Out-of-bounds read and write in Linux kernel AppArmor DFA verification allows local authenticated users to cause memory corruption and potential privilege escalation. Affects Linux kernel 4.17+ through 6.12.x, actively patched in stable branches 6.6.130, 6.12.77, 6.18.18, and 6.19.8. The vulnerability occurs during AppArmor policy loading when malformed DFA structures bypass bounds checking in verify_dfa(). EPSS score of 0.02% suggests low exploitation probability in the wild; no public exploit code or CISA KEV listing identified. Ubuntu rates this medium priority with patches released via USN-8152-1.
Out-of-bounds memory read in Linux kernel AppArmor DFA matching affects kernel versions since 4.17 due to macro side-effect bug. The match_char() macro evaluates its character parameter multiple times when called with *str++, causing the pointer to advance past buffer boundaries during differential encoding chain traversal. Ubuntu has released patches (USN-8152-1) with fixes available in kernels 6.6.130, 6.12.77, 6.18.18, 6.19.8, and 7.0-rc4. EPSS score of 0.02% (5th percentile) indicates very low exploitation probability, and no public exploit or CISA KEV listing exists. CVSS 7.8 reflects local high-privilege impact, but real-world risk is limited to authenticated local users who can trigger AppArmor path permission checks.
DLL search path hijacking in Foxit PDF Editor and Foxit PDF Reader update services enables local privilege escalation to SYSTEM. Low-privileged authenticated users can plant malicious libraries in writable directories that are resolved during update checks, achieving arbitrary code execution with elevated privileges. CVSS 7.8 (High) with low attack complexity. No public exploit identified at time of analysis, EPSS data not provided.
Authentication bypass via OAuth token race condition in tinyauth allows concurrent attackers to hijack user sessions and gain unauthorized access to victim accounts. The vulnerability affects tinyauth v5.0.4 and earlier versions where singleton OAuth service instances share mutable PKCE verifier and access token fields across all concurrent requests. When two users authenticate simultaneously with the same OAuth provider (GitHub, Google, or generic OAuth), the second request overwrites the first
Server-Side Request Forgery in PraisonAI's passthrough API allows authenticated remote attackers to access internal cloud metadata services and private network resources. The vulnerability affects the praisonai Python package where the passthrough() and apassthrough() functions accept unvalidated caller-controlled api_base parameters that are directly concatenated and passed to httpx requests. With default AUTH_ENABLED=False configuration, this is remotely exploitable to retrieve EC2 IAM credent
Server-Side Request Forgery in Payload CMS versions prior to 3.79.1 allows authenticated users with upload permissions to force the server to make HTTP requests to arbitrary URLs, potentially exposing internal network resources and sensitive data. The vulnerability affects the upload functionality and enables information disclosure with high confidentiality impact. CVSS score of 7.7 reflects network-accessible attack vector with low complexity requiring only low-privilege authentication. No public exploit identified at time of analysis, though the vulnerability requires only basic authenticated access to upload-enabled collections.
Mbed TLS before version 3.6.6 and TF-PSA-Crypto before version 1.1.0 contain a PRNG seed misuse vulnerability that enables information disclosure. An attacker who gains access to a seeded PRNG instance can potentially predict or replicate pseudo-random number generation, compromising cryptographic material confidentiality. The vulnerability affects cryptographic libraries used in embedded systems and IoT devices, with confirmed availability of vendor security advisories but no CVSS score assigned at time of analysis.
Broken access control in Open WebUI allows authenticated users to access tool values across tenant boundaries, exposing sensitive information from other users' AI tool configurations. The vulnerability affects self-hosted Open WebUI instances prior to version 0.8.11. With CVSS 7.7 (High) and network-accessible attack vector requiring only low-privilege authentication, this represents a significant confidentiality breach in multi-tenant deployments. No public exploit identified at time of analysis, with EPSS data not yet available for this recent CVE.
SQL injection in IBM Storage Protect Server 8.2.0 and Storage Protect Plus Server allows authenticated remote attackers to execute arbitrary SQL commands against the back-end database, enabling unauthorized data access, modification, or deletion. The vulnerability requires low attack complexity and low-level privileges (CVSS 7.6, PR:L), making it exploitable by any authenticated user. No public exploit identified at time of analysis, though SQL injection techniques are well-documented. EPSS data not provided, but SQL injection vulnerabilities historically see moderate exploitation rates when authentication barriers are low.
DNS rebinding attacks can bypass same-origin policy in Model Context Protocol (MCP) Go SDK versions prior to 1.4.0, enabling malicious websites to send unauthorized requests to localhost HTTP servers. Affects servers using StreamableHTTPHandler or SSEHandler when run without authentication on localhost. No public exploit identified at time of analysis, though the attack technique (DNS rebinding) is well-documented. CVSS scoring unavailable, but real-world risk is constrained to non-recommended configurations lacking authentication.
NULL pointer dereference in Mbed TLS distinguished name (X.509) parsing allows remote attackers to trigger a denial of service by writing to address 0, affecting Mbed TLS versions 3.6.5 and earlier, and 4.0.0. The vulnerability is reachable during X.509 certificate processing and does not require authentication. No public exploit code or active exploitation has been confirmed at the time of analysis.
Remote denial of service via integer overflow in Corosync cluster engine affects Red Hat Enterprise Linux 7-10 and OpenShift Container Platform 4. Unauthenticated attackers can send crafted UDP packets to crash Corosync services running in totemudp/totemudpu mode (CVSS 7.5, AV:N/PR:N). EPSS data not provided; no public exploit identified at time of analysis. Impacts high-availability cluster deployments where Corosync provides quorum and messaging services.
Unauthorized access to password-protected PDFs in PdfDing versions prior to 1.7.0 allows unauthenticated remote attackers to bypass shared-link password verification and retrieve confidential documents via direct file-serving endpoint calls. The vulnerability (CWE-863: Incorrect Authorization) has CVSS 7.5 (High) severity with network attack vector requiring no privileges or user interaction. EPSS data not available; no evidence of active exploitation (not in CISA KEV). Publicly available exploit code exists via GitHub commit demonstrating the bypass mechanism. Vendor-released patch available in version 1.7.0.
XML injection in xmldom's CDATA serialization allows remote attackers to inject arbitrary markup into generated XML documents without authentication. The vulnerability affects both the legacy xmldom package and @xmldom/xmldom when applications embed untrusted input into CDATA sections. Attackers can break out of CDATA context by including the sequence ]]> in user-controlled strings, causing downstream XML consumers to parse injected elements as legitimate markup. Vendor-released patches are avai
Buffer overflow in Mbed TLS versions 3.5.0 through 3.6.5 allows remote attackers to cause a denial of service or potentially execute arbitrary code via crafted input to the x509_inet_pton_ipv6() function used in X.509 certificate parsing. The vulnerability is fixed in Mbed TLS 3.6.6 and 4.1.0. No public exploit code or confirmed active exploitation has been identified at the time of analysis.
Remote code execution in Google Chrome prior to 146.0.7680.178 via use-after-free vulnerability in Dawn graphics subsystem allows an attacker who has already compromised the renderer process to execute arbitrary code through a crafted HTML page. This vulnerability requires prior renderer compromise but presents significant risk in multi-process exploitation chains; vendor has released patched version 146.0.7680.178 to address the issue.
Integer overflow in ANGLE (Google's OpenGL abstraction layer) in Chrome on Windows before version 146.0.7680.178 enables out-of-bounds memory writes if the renderer process is compromised, allowing an attacker to execute arbitrary code with renderer privileges. The vulnerability requires prior renderer process compromise, limiting the immediate attack surface but representing a critical post-compromise escalation vector. Chromium severity is rated High; patch availability confirms vendor remediation.
Packet filter (pf) rule hash calculation regression in FreeBSD causes rules with address range syntax (x.x.x.x - y.y.y.y) differing only in address ranges to be silently dropped as duplicates, loading only the first rule and potentially causing unexpected packet filtering behavior including unintended blocking or allowing of traffic. The regression affects pf's duplicate detection mechanism but does not impact rules using CIDR notation (address/mask-bits syntax). Only the first of multiple such rules is loaded, creating a silent configuration failure with no warning to administrators.
Local file inclusion in VertiGIS FM's upload/download mechanism allows authenticated attackers to read arbitrary server files by manipulating file paths during upload, with potential for remote code execution if web.config is obtained and NTLM-relay attacks via UNC path resolution. VertiGIS FM version 10.5.00119 and earlier are affected, and the vulnerability requires valid application credentials to exploit.
Local privilege escalation to SYSTEM via race condition in Lakeside SysTrack Agent 11 (versions prior to 11.2.1.28) allows unauthenticated local attackers to gain complete system control through timing-dependent exploitation. EPSS risk assessment and KEV status not available at time of analysis; no public exploit identified at time of analysis. Attack complexity is rated high, requiring precise timing manipulation of concurrent operations.
Command injection vulnerability in IBM Security Verify Access and IBM Verify Identity Access (versions 10.0-10.0.9.1 and 11.0-11.0.2, both containerized and non-containerized deployments) allows remote unauthenticated attackers to execute arbitrary commands with lower user privileges. The vulnerability stems from improper validation of user-supplied input (CWE-78). With CVSS 7.3 and network-accessible attack vector requiring no authentication or user interaction, this represents a significant exposure for internet-facing identity and access management infrastructure. No public exploit identified at time of analysis, though EPSS data not provided. Vendor patch available per IBM advisory.
Reflected cross-site scripting in VertiGIS FM dashboard search functionality allows authenticated attackers to execute arbitrary JavaScript in victim browsers through malicious URLs. The vulnerability affects VertiGIS FM across versions and requires user interaction (victim clicking a crafted link), but provides no authentication bypass-victims must already be logged into the application. CVSS score is not available; exploitation requires victim interaction and authentication context.
Privilege escalation in Cisco Smart Software Manager On-Prem (SSM On-Prem) web interface allows authenticated remote attackers with System User role to gain administrative access by intercepting session credentials from status messages. CVSS 7.3 (High severity) with network attack vector, low complexity, and requires low privileges plus user interaction. No public exploit code or active exploitation confirmed at time of analysis (EPSS data not provided).
SQL injection in pandas-ai v3.0.0 allows remote code execution through the pandasai.agent.base._execute_sql_query component, enabling attackers to manipulate SQL queries and potentially access, modify, or exfiltrate database contents. No CVSS score, EPSS data, or KEV status is available; however, the vulnerability affects a widely-used data analysis library and publicly available proof-of-concept code exists, elevating real-world risk despite incomplete severity metrics.
Incorrect permission assignment in Dell AppSync 4.6.0 enables local privilege escalation to high-impact system access. Authenticated attackers with low-privilege local access can exploit misconfigured resource permissions to elevate privileges, achieving full confidentiality, integrity, and availability compromise. No public exploit identified at time of analysis. Dell has released security advisory DSA-2026-163 addressing this vulnerability. EPSS data unavailable; CVSS 7.3 reflects significant local threat requiring user interaction.
UNIX symbolic link following in Dell AppSync 4.6.0 allows local authenticated attackers with low privileges to tamper with information and potentially escalate impact to high integrity and availability compromise. CVSS 7.3 (High) with low attack complexity. No public exploit identified at time of analysis. EPSS data not available, but local-only access requirement significantly reduces real-world attack surface compared to remotely exploitable vulnerabilities.
Installer privilege escalation in Foxit PDF Reader and Foxit PDF Editor allows local authenticated users to execute arbitrary code with elevated system privileges via DLL search path manipulation. The installer's failure to use absolute paths for system executables enables attackers to plant malicious DLLs in user-writable directories that take precedence during installation, exploiting the trusted installer's elevated permissions. EPSS data not available; no public exploit identified at time of analysis; not listed in CISA KEV.
Remote code execution in OpenSTAManager v2.10.1 and earlier allows authenticated attackers to achieve unauthenticated RCE via chained exploitation of arbitrary SQL injection (GHSA-2fr7-cc4f-wh98) and insecure PHP deserialization in the oauth2.php endpoint. The unauthenticated oauth2.php file calls unserialize() on attacker-controlled database content without class restrictions, enabling gadget chain exploitation (Laravel/RCE22) to execute arbitrary system commands as www-data. Attack requires in
Path traversal in Poetry's wheel installer (versions prior to 2.3.3) allows malicious Python packages to write arbitrary files outside the installation directory during package installation. Attackers can craft wheel files containing ../ directory traversal sequences that bypass containment checks, enabling file overwrite with Poetry process privileges. This directly threatens CI/CD pipelines and developer workstations installing untrusted packages from PyPI or private repositories. No active exploitation confirmed at time of analysis, but a functional proof-of-concept is publicly documented in the GitHub advisory.
Stored cross-site scripting (XSS) in YesWiki allows unauthenticated attackers to inject malicious JavaScript through form title fields, achieving persistent code execution in browsers of all users viewing affected pages. The vulnerability requires no authentication and affects the BazaR form component, with publicly available exploit code demonstrating injection via the 'Name of the event' and 'Description' fields. Successful exploitation enables session hijacking, credential theft, and arbitrary actions in victim contexts including administrative users.
Path traversal via symlink/junction bypass in @tinacms/graphql FilesystemBridge allows authenticated remote attackers with low privileges to read, write, and delete arbitrary files outside the configured content root. The vulnerability exploits a realpath canonicalization gap where path validation checks lexical string paths but filesystem operations follow symlink targets. Attack complexity is high (CVSS AC:H) as it requires pre-existing symlinks/junctions within the content tree or the ability
TinaCMS CLI media handlers can be bypassed via symlink/junction traversal, allowing authenticated low-privilege attackers to list, write, and delete files outside the configured media root directory. The vulnerability exists in @tinacms/cli's dev server media routes despite recent path-traversal hardening, because validation performs only lexical string checks without resolving symlink targets. Attack complexity is high (requires pre-existing symlink under media root), but impact is significant with confirmed read/write primitives. Vendor patch available via GitHub commit f124eaba. EPSS and KEV data not provided; no public exploit identified at time of analysis beyond researcher's local Windows junction proof-of-concept.