Skip to main content
CVE-2019-25711 MEDIUM POC This Month

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Spotftp Password Recover
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2019-25712 MEDIUM POC This Month

BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Blueauditor
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-6130 MEDIUM POC This Month

OS command injection in chatboxai chatbox up to version 1.20.0 allows remote attackers to execute arbitrary system commands by manipulating the args/env parameters in the StdioClientTransport component of the Model Context Protocol Server Management System. The vulnerability has a publicly available proof-of-concept exploit and affects the IPC stdio transport mechanism that handles subprocess spawning without proper input sanitization. While the vendor was notified early, no patch has been released as of the analysis date.

Command Injection Chatbox
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.8%
CVE-2026-6129 MEDIUM POC This Month

Authentication bypass in zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4 allows remote unauthenticated attackers to manipulate the Agent Mode Service component, resulting in missing authentication checks (CWE-306). Publicly available exploit code exists, and the vulnerability has been reported to the project without response. CVSS 6.9 reflects moderate confidentiality, integrity, and availability impact with network-accessible attack vector and no user interaction required.

Authentication Bypass Chatgpt On Wechat Cowagent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-6126 MEDIUM POC This Month

Missing authentication in zhayujie chatgpt-on-wechat CowAgent 2.0.4 administrative HTTP endpoint allows remote attackers to bypass access controls and perform unauthorized administrative operations without credentials. Publicly available exploit code exists. EPSS risk not available; CVSS 7.3 reflects network-based attack requiring no privileges or user interaction. The vendor has not responded to the vulnerability disclosure (GitHub issue #2733) at time of analysis.

Authentication Bypass Chatgpt On Wechat Cowagent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-6110 MEDIUM POC PATCH GHSA This Month

Code injection in FoundationAgents MetaGPT versions up to 0.8.1 allows unauthenticated remote attackers to execute arbitrary code via the Tree-of-Thought Solver's generate_thoughts function. Publicly available exploit code exists (GitHub issue #1933), and a vendor-supplied patch is available via pull request #1946. The vulnerability requires no user interaction and has low attack complexity, with confirmed impact to confidentiality, integrity, and availability. CVSS 7.3 (High) reflects moderate impact across all CIA triad elements.

RCE Code Injection Metagpt
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2019-25708 MEDIUM POC This Month

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Heatmiser Wifi Thermostat
NVD Exploit-DB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2017-20239 MEDIUM POC This Month

MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by injecting malicious code through the location hash parameter. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mdwiki
NVD Exploit-DB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-1116 MEDIUM PATCH This Month

Cross-site scripting in parisneo/lollms prior to version 2.2.0 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim browsers via malicious HTML payloads injected through the unsanitized `content` field in the `AppLollmsMessage.from_dict` deserialization method. The changed scope (CVSS S:C) indicates impact beyond the vulnerable component, enabling session hijacking, account takeover, and potentially wormable attacks. Publicly available exploit code exists (reported v

XSS Parisneo Lollms
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-6107 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) in 1Panel-dev MaxKB up to version 2.6.1 allows authenticated remote attackers to inject malicious scripts via the Name argument in ChatHeadersMiddleware, requiring user interaction to trigger. The vulnerability has a low CVSS score (3.5) due to requiring authentication and user interaction, but XSS can lead to session hijacking or credential theft. Vendor-released patch version 2.8.0 addresses this issue.

XSS Maxkb
NVD VulDB GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-40395 MEDIUM PATCH This Month

Varnish Enterprise before version 6.0.16r12 is vulnerable to a workspace overflow denial of service attack that crashes the daemon through the headerplus.write_req0() VCL function. Unauthenticated remote attackers can craft HTTP requests with excessive header fields to trigger a panic and terminate the Varnish server, particularly impacting deployments using shared VCL through Varnish Controller. CVSS base score of 4.0 reflects low availability impact with high attack complexity, and no public exploit code or confirmed active exploitation has been identified.

Denial Of Service Red Hat
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40394 MEDIUM PATCH This Month

Denial of service via workspace overflow in Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows unauthenticated remote attackers to trigger daemon panic through HTTP/2 session upgrade with specific amounts of prefetched data. The vulnerability exploits improper buffer allocation during HTTP/1 to HTTP/2 transport upgrade, causing workspace exhaustion on subsequent pipelined fetch operations. EPSS score of 4.0 (low-to-medium risk) reflects attack complexity and limited scope (local availability impact only), though no public exploit code or active exploitation has been confirmed.

Denial Of Service Red Hat
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40386 MEDIUM PATCH This Month

Integer underflow in libexif version 0.6.25 and earlier during Fuji and Olympus MakerNote decoding allows local attackers to crash applications or leak sensitive memory information. The vulnerability requires local access and specific user interaction (high complexity) but affects all applications linking libexif, creating a supply-chain exposure for image processing tools.

Denial Of Service Integer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40385 MEDIUM PATCH This Month

Integer overflow in libexif through 0.6.25 Nikon MakerNote handling allows local attackers on 32-bit systems to trigger crashes or read sensitive memory, requiring high attack complexity and no user interaction. This affects only 32-bit architectures due to the integer arithmetic involved; EPSS probability is low given the local-only attack vector and high complexity prerequisite, but patch availability is currently unconfirmed.

Denial Of Service Integer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40396 MEDIUM PATCH This Month

Varnish Cache 9.0.0 crashes (denial of service) when a remote client exploits timing between timeout_linger and timeout_idle to trigger HTTP/1 request pipelining that causes a workspace overflow in the refactored HTTP/2 architecture. The vulnerability stems from incomplete code path handling during workspace rollback in the recent non-blocking port, allowing prefetched data to exceed workspace_client boundaries and panic the daemon. Vendor-released patch: version 9.0.1. No public exploit code identified at time of analysis, but the attack requires only network access and careful timing, making real-world exploitation feasible for sophisticated attackers.

Denial Of Service Red Hat
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy