Skip to main content
CVE-2018-25297 MEDIUM POC This Month

Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wansview
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25278 MEDIUM POC This Month

PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Picajet Fx
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25274 MEDIUM POC This Month

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Infrarecorder
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25273 MEDIUM POC This Month

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Crossfont
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25264 MEDIUM POC This Month

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Transmac
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25295 MEDIUM POC This Month

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Observerip Scan Tool
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25293 MEDIUM POC This Month

Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long string in the optional. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Prime95
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25292 MEDIUM POC This Month

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Restorator
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25291 MEDIUM POC This Month

Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively long string. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Project64
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25290 MEDIUM POC This Month

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Easyboot
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25289 MEDIUM POC This Month

Softdisk 3.0.3 contains a buffer overflow vulnerability in the registration code dialog that allows local attackers to crash the application by supplying an oversized string. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Softdisk
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25288 MEDIUM POC This Month

StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Stylewriter
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25286 MEDIUM POC This Month

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Easy Photoresq
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25284 MEDIUM POC This Month

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Hd Tune Pro
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25282 MEDIUM POC PATCH This Month

Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Red Hat Suse
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25279 MEDIUM POC This Month

jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Jina Ocr Image To Text
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25277 MEDIUM POC This Month

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Pixgps
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25275 MEDIUM POC This Month

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Faleemi Plus
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25281 MEDIUM POC This Month

iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Icash
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25296 MEDIUM POC This Month

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Central Management Software
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25287 MEDIUM POC This Month

Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Drive Power Manager
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25285 MEDIUM POC This Month

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Fathom
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25280 MEDIUM POC This Month

Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Infiltrator Network Security Scanner
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25276 MEDIUM POC This Month

RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Roboimport
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-7066 MEDIUM POC This Month

Remote OS command injection in simple-openstack-mcp allows unauthenticated attackers to execute arbitrary system commands via the exec_openstack function in server.py. The vulnerability affects all deployments up to commit 767b2f4a8154cca344344b9725537a58399e6036, with confirmed publicly available exploit code (GitHub issue #3). CVSS 7.3 severity reflects network attack vector with no authentication required, enabling direct system compromise. Project maintainer has not responded to vulnerability disclosure at time of analysis.

Command Injection Simple Openstack Mcp
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
1.0%
CVE-2026-7058 MEDIUM POC This Month

Remote command injection in MiroFish versions up to 0.1.2 allows unauthenticated attackers to execute arbitrary system commands through the SimulationIPCClient.send_command function in the inter-process communication module. The vulnerability is actively exploitable via network access with low complexity, requiring no user interaction or authentication. A public proof-of-concept exploit has been disclosed (GitHub issue #488), and EPSS data shows moderate exploitation probability. The vendor (666ghj) has been notified via issue report but has not responded or released a patch, leaving all MiroFish installations vulnerable to remote compromise.

Command Injection Mirofish
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
1.0%
CVE-2026-7062 MEDIUM POC This Month

OS command injection in Intina47 context-sync through version 2.0.0 allows remote unauthenticated attackers to execute arbitrary system commands via the Git integration module (src/git-integration.ts). CVSS 7.3 with network attack vector and no authentication required indicates significant exposure. Publicly available exploit code exists (wing3e/public_exp repository), though no CISA KEV listing suggests exploitation remains limited to proof-of-concept demonstrations rather than widespread campaigns. EPSS data unavailable, but the combination of network exposure, authentication bypass, and public exploit warrants immediate remediation priority for organizations using this synchronization tool.

Command Injection Context Sync
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.8%
CVE-2026-7061 MEDIUM POC This Month

OS command injection in Toowiredd chatgpt-mcp-server up to version 0.1.0 allows remote unauthenticated attackers to execute arbitrary system commands through the Docker service component. The vulnerability exists in src/services/docker.service.ts within the MCP/HTTP interface and has publicly available exploit code. The vendor has been notified but has not yet released a patch.

Docker Command Injection
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.8%
CVE-2026-7064 MEDIUM POC This Month

Remote unauthenticated attackers can inject arbitrary operating system commands through the browser-connector.ts file in AgentDeskAI browser-tools-mcp versions up to 1.2.0, leading to command execution with application privileges. The vulnerability stems from improper input sanitization in file browser processing and has been published with publicly available exploit code; the vendor has been notified but has not yet released a patch.

Command Injection Browser Tools Mcp
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.2%
CVE-2026-7042 MEDIUM POC This Month

Missing authentication in MiroFish REST API allows remote attackers to bypass security controls and access protected endpoints without credentials. The vulnerability affects MiroFish versions up to 0.1.2 in the create_app function within backend/app/__init__.py. A publicly available exploit demonstrates the attack (GitHub issue #487), and the vulnerability is trivially exploitable with CVSS complexity rated Low and no authentication required (CVSS:3.1/AV:N/AC:L/PR:N/UI:N). The vendor has not responded to responsible disclosure attempts, leaving users without an official patch. With CVSS 7.3 (High) and confirmed public POC, this represents an immediate risk to deployments exposing the REST API to untrusted networks.

Authentication Bypass Mirofish
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-7036 MEDIUM POC This Month

Path traversal in Tenda i9 router firmware version 1.0.0.5(2204) allows remote unauthenticated attackers to access arbitrary files, modify system configurations, and potentially disrupt device operation via the R7WebsSecurityHandlerfunction in the HTTP Handler component. Publicly available exploit code exists on GitHub (Litengzheng/vuldb_new), enabling straightforward exploitation with EPSS-assessed risk. The vulnerability permits confidentiality, integrity, and availability impacts with low attack complexity and no required user interaction, making it a realistic target for automated scanning and exploitation.

Tenda Path Traversal
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-7059 MEDIUM POC This Month

Path traversal in MiroFish up to version 0.1.2 allows remote unauthenticated attackers to read arbitrary files via manipulation of the Platform query parameter in the get_simulation_posts function. The vulnerability affects the backend simulation API endpoint and has publicly available exploit code, though exploitation is limited to information disclosure rather than modification or availability impact.

Path Traversal Mirofish
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7065 MEDIUM POC This Month

Server-side request forgery (SSRF) in BuildingAI up to version 26.0.1 allows remote unauthenticated attackers to abuse the Remote Upload API's uploadRemoteFile function by manipulating the url parameter, enabling unauthorized access to internal resources, data exfiltration from cloud metadata services, and potential pivoting to internal network systems. A publicly available exploit exists (GitHub issue #110), but the vendor has not responded to disclosure. CVSS 7.3 with EPSS data unavailable; exploitation requires no authentication and low attack complexity (AV:N/AC:L/PR:N/UI:N), making this a high-priority remediation target despite unknown CISA KEV status.

SSRF Buildingai
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7025 MEDIUM POC This Month

Server-side request forgery in Typecho's Pingback Service (versions up to 1.3.0) allows remote unauthenticated attackers to force the server to make arbitrary HTTP requests to internal or external resources. The vulnerability resides in Service::sendPingHandle() function where attacker-controlled X-Pingback and link parameters bypass validation. Public exploit code exists (documented in researcher blog post), enabling immediate weaponization. CVSS 7.3 reflects network-accessible attack with no authentication required. EPSS data not available, but public POC significantly elevates real-world risk. Vendor non-responsive to early disclosure.

PHP SSRF
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7060 MEDIUM POC PATCH This Month

SQL injection in Yu Picture's PageRequest handler allows remote unauthenticated attackers to manipulate database queries via the sortField parameter in PictureServiceImpl.java. The vulnerability exists in MyBatis-Plus integration code at commit a053632c41340152bf75b66b3c543d129123d8ec. Publicly available exploit code exists (GitHub issue #4) with EPSS not yet calculated. Vendor patch available via pull request #3 but remains unmerged, leaving deployed instances vulnerable. CVSS 7.3 reflects network-accessible, low-complexity exploitation with no authentication required, enabling partial confidentiality, integrity, and availability compromise.

Java SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7063 MEDIUM POC This Month

SQL injection in code-projects Employee Management System 1.0 allows remote unauthenticated attackers to extract, modify, or delete database contents via the pwd parameter in /370project/process/eprocess.php. CVSS 7.3 (High) with network vector and no prerequisites. Publicly available exploit code exists on GitHub, enabling immediate weaponization. No vendor-released patch identified at time of analysis. EPSS data unavailable; not listed in CISA KEV, suggesting targeted rather than widespread exploitation despite public POC.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7022 MEDIUM This Month

Improper authentication in SmythOS sre up to version 0.0.15 allows remote attackers to bypass authentication via manipulation of HTTP headers X-DEBUG-RUN and X-DEBUG-INJ in the AgentRuntime component, enabling unauthorized access with low confidentiality, integrity, and availability impact. Publicly available exploit code exists and the vendor has not responded to early disclosure notification.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-7026 MEDIUM This Month

Stored or reflected cross-site scripting (XSS) in D-Link DGS-3420 firmware 1.50.018 allows authenticated remote attackers to inject malicious scripts via the System Name parameter on the System Information Settings Page. The vulnerability requires high-level administrative privileges and user interaction (UI:R), limiting exploitation to scenarios where an authenticated admin visits a malicious page or clicks a crafted link. Publicly available exploit code exists; CVSS 4.5 reflects the requirement for admin access and user interaction, though the impact is information disclosure or session hijacking potential through XSS.

XSS D-Link
NVD VulDB
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-7045 MEDIUM PATCH This Month

SpEL expression injection in baomidou dynamic-datasource 2.5.0 allows authenticated remote attackers to execute arbitrary code via the DsSpelExpressionProcessor component. The vulnerability stems from unsafe evaluation of Spring Expression Language (SpEL) in datasource routing logic, enabling attackers with application access to inject malicious expressions that execute with application privileges. No public exploit code or active exploitation has been identified at time of analysis, though upstream fix is available.

Java Code Injection
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-42254 MEDIUM PATCH This Month

Hickory DNS recursor versions 0.1 through 0.25.2 allow cross-zone DNS poisoning attacks due to cached DNS responses not being directly associated with the query that triggered them, enabling attackers to inject malicious DNS records across zone boundaries and potentially redirect traffic to attacker-controlled servers without user interaction or authentication.

Information Disclosure Hickory Dns
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy