Stored cross-site scripting in CVAT (Computer Vision Annotation Tool) versions 2.5.0 through 2.63.0 allows an authenticated user with annotation-guide create/edit privileges to inject malicious JavaScript into a task's annotation guide, which executes in any victim's browser that opens it. Executed script runs with the victim's CVAT session privileges, enabling arbitrary API requests on their behalf. No public exploit identified at time of analysis; EPSS is low (0.05%) and SSVC reports no observed exploitation.
Configuration manipulation in F5 BIG-IP and BIG-IQ Certificate Manager allows authenticated attackers with high privileges to execute arbitrary commands with scope change. Attackers holding Certificate Manager role credentials can modify configuration objects to run system commands, escalating from administrative interface access to underlying system control. CVSS 8.7 reflects the scope change (S:C) enabling broader impact than typical privileged command injection. No public exploit identified at time of analysis. F5 has released vendor patches per K000160972.
Arbitrary command execution in F5 BIG-IP and BIG-IQ Certificate Manager allows highly privileged attackers with Certificate Manager role to run OS commands by modifying configuration objects. The vulnerability requires network access and high privileges (PR:H) but enables scope change (S:C) with high confidentiality and integrity impact. Vendor-released patch available per F5 Security Advisory K000160971. EPSS data not provided; no confirmed active exploitation (not in CISA KEV) or public exploit code identified at time of analysis.
Authenticated administrators in F5 BIG-IP Appliance mode can bypass configuration restrictions designed to prevent system-level access. Administrators with the 'Administrator' role can circumvent Appliance mode lockdown controls, potentially modifying underlying system configurations that should be protected in this deployment mode. Vendor patch available per F5 Security Advisory K000160876. CVSS 8.5 reflects high confidentiality/integrity impact despite requiring privileged authentication.
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
Local privilege escalation in Claude Desktop for Windows prior to 1.3834.0 allows a low-privileged user to gain SYSTEM-level file write primitives by abusing the CoworkVMService component. The service fails to validate whether the user-writable VM bundle directory is a real directory or an NTFS directory junction, enabling a classic link-following attack. No public exploit identified at time of analysis, and EPSS is negligible (0.01%), but SSVC rates technical impact as total.
Server-side request forgery (SSRF) in Nautobot's Webhook feature allows authenticated users with add/change permissions on the Webhook data model to configure malicious webhook URLs targeting internal hosts, cloud metadata endpoints, or other restricted network resources. Affects all versions prior to 2.4.33 and 3.x versions prior to 3.1.2. The vulnerability allows bypassing intended network boundaries and accessing services that should not be reachable from the Nautobot server. Vendor-released patches available in v2.4.33 and v3.1.2 introduce URL scheme restrictions, IP network blocklists, and hostname allow-lists to prevent SSRF exploitation. No public exploit identified at time of analysis, but CVSS base score of 8.5 reflects significant impact with scope change allowing access to resources beyond the vulnerable component's security context.
DLL hijacking in Bytello Share (Windows Edition) installer prior to version 5.13.0.4246 allows local attackers to execute arbitrary code with the privileges of the installing user. The installer insecurely loads DLLs from its current directory, enabling attackers who can place a malicious DLL in the same location to achieve code execution when a user runs the installer. EPSS probability is very low (0.01%, 3rd percentile) with no active exploitation identified, suggesting this requires significant local access prerequisites that limit real-world risk despite the high CVSS score.
HTTP response header injection in cPanel, WHM, and WP Squared allows unauthenticated remote attackers to inject arbitrary headers via the unsanitized `status` query parameter of the `/unprotected/nova_error` endpoint. CVSS 8.3 reflects the changed scope (S:C) with low impact across confidentiality, integrity, and availability, consistent with CRLF-style header injection that can pivot into cache poisoning, session fixation, or open redirect chains. No public exploit identified at time of analysis, and EPSS is low at 0.07%, but a vendor patch is already available.
Memory disclosure and denial-of-service in NGINX's SCGI and uWSGI proxy modules allow attackers with man-in-the-middle position between NGINX and upstream servers to read worker process memory or crash the service. Affects both NGINX Open Source and NGINX Plus when scgi_pass or uwsgi_pass directives are configured. The vulnerability requires network positioning between NGINX and its backend servers (AV:N with AT:P - Present attack complexity), making exploitation dependent on network architecture. No public exploit identified at time of analysis. CVSS 8.3 (High) reflects potential for confidential data exposure but limited by MITM prerequisite.
Use of an end-of-life jQuery 1.x library in HCL BigFix SCM Reporting 11.0.5 exposes the management console to client-side attacks, including DOM-based XSS, inherited from publicly known unpatched flaws in the dependency. With no public exploit identified at time of analysis and a very low EPSS score (0.04%), the CVSS 8.3 rating reflects high theoretical impact rather than confirmed in-the-wild abuse, though successful exploitation requires user interaction with a crafted resource.
F5 BIG-IP TMOS shell (tmsh) allows authenticated administrators and resource administrators to execute arbitrary system commands with elevated privileges via an undisclosed command, potentially crossing security boundaries in Appliance mode deployments. The vulnerability requires high-privilege account access and local command-line interaction but poses significant risk to appliance-mode BIG-IP systems where privilege escalation could compromise the entire platform.
Unauthenticated remote denial of service in ninenines cowlib (versions 0.1.0 through 2.16.0) allows a single crafted SPDY frame to exhaust BEAM VM memory via a zlib decompression bomb. The cow_spdy:inflate/2 path passes peer-controlled compressed bytes to zlib:inflate/2 without bounding output size, and because the SPDY ?ZDICT dictionary is public and zlib achieves roughly 1024:1 compression on repeated bytes, kilobytes of input expand to gigabytes of heap, OOM-killing the Erlang node. No public exploit identified at time of analysis, EPSS is low (0.14%), and CISA SSVC marks exploitation as none, but the upstream fix is to remove cow_spdy entirely in 2.16.1.
Account validation bypass in Solana's Anchor framework (anchor-lang 1.0.0 through 1.0.1) allows attackers to substitute arbitrary program IDs where the System program is expected, enabling arbitrary cross-program invocation (CPI) and payment bypass in downstream on-chain programs. The flaw stems from Program<'a, System> resolving to the same Pubkey::default() check as the untyped Program<'a, ()> variant, so anchor never enforces the expected system program id. A working PoC is published in the GHSA advisory, though there is no public exploit identified at time of analysis as a weaponized tool, EPSS is 0.04% (13th percentile), and the issue is not in CISA KEV.
Credential interception in cPanel/WHM and WP Squared DNS Cluster system allows network-positioned attackers to perform man-in-the-middle attacks because SSL/TLS certificate verification is disabled when DNS Cluster nodes communicate. An attacker able to intercept traffic between cluster peers can impersonate a legitimate DNS Cluster server and capture authentication credentials transmitted during the request. No public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%), but SSVC marks the flaw as automatable with partial technical impact.
Unauthenticated denial of service in ninenines Cowboy 2.0.0 through 2.14.x allows remote attackers to exhaust BEAM VM memory by sending malformed multipart/form-data uploads that never complete a header section. The flaw lives in cowboy_req:read_part/3, which lacked the upper-bound buffer guard already present in read_part_body/4, letting a handful of concurrent slow uploads accumulate request bytes linearly until the Erlang node runs out of memory. EPSS is very low (0.02%) and no public exploit is identified at time of analysis, but the upstream patch and a regression test are already merged in 2.15.0.
PHP Object Injection vulnerability in coreActivity activity logging plugin through version 3.0 allows remote attackers to trigger persistent Denial of Service blocking administrator access to log pages. Unauthenticated attackers inject crafted PHP serialized payloads via User-Agent headers during any logged event (e.g., failed login). When administrators view the Logs page, the plugin deserializes untrusted data and passes it to DeviceDetector::setUserAgent(), causing Fatal TypeError. Vendor-released patch version 3.1 available (released May 6, 2026). EPSS exploitation probability not available; no CISA KEV listing at time of analysis. CVSS 8.1 reflects high complexity attack requiring precise payload crafting despite no authentication requirement.
Account and store takeover in CubeCart 6.6.x through 6.7.1 is possible because the CC_STORE_URL constant is derived from the unvalidated Host header at bootstrap and embedded into password-reset emails. A remote unauthenticated attacker who knows a victim's email address can trigger a host-header poisoning attack that emails the user a reset link pointing at attacker-controlled infrastructure, capturing a valid 3,600-second token on click. SSVC reports a public POC and total technical impact, while EPSS remains low (0.03%) and no public exploit is identified as in-the-wild.
Privilege revocation race condition in Grafana OSS allows a user whose service-account token-minting permission was just revoked to continue minting tokens for several seconds after the revocation event. The flaw, tagged as an authentication bypass affecting multiple supported branches of Grafana OSS (11.x, 12.x, 13.x), can yield high confidentiality and integrity impact by granting persistent API access via newly minted service-account tokens. No public exploit identified at time of analysis, EPSS is very low (0.03%), and SSVC marks exploitation as none - but the vendor has issued patches across all affected branches.
SQL injection in the cPanel/WHM sqloptimizer utility script allows attackers to execute arbitrary SQL queries as the MySQL root user when Slow Query logging is enabled. The flaw affects multiple cPanel branches (11.86 through 11.136), WP Squared, and the CloudLinux 6/CentOS 6 builds, with no public exploit identified at time of analysis. EPSS is low (0.03%) and SSVC marks exploitation as 'none', but technical impact is rated total because the injection runs with full database privileges.
Command injection in Node.js systeminformation library (versions 4.17.0 through 5.31.5) allows local authenticated attackers with NetworkManager configuration rights to execute arbitrary shell commands when networkInterfaces() is called on Linux systems. The vulnerability stems from unsanitized NetworkManager connection profile names being interpolated into three shell command strings executed via execSync(). While the library sanitizes network interface names, it fails to apply equivalent sanitization to connection profile names parsed from nmcli output. The vendor has released patch version 5.31.6. CVSS score of 7.8 (High) reflects local attack vector requiring low privileges, but successful exploitation grants full process privileges-critical when the calling application runs with elevated rights, as is common in monitoring agents, inventory tools, and system management dashboards.
Command injection in uniget (gitlab.com/uniget-org/cli) before v0.27.1 enables arbitrary shell command execution when the CLI processes attacker-controlled tool metadata. The `check` field from JSON metadata is concatenated into a `/bin/bash -c` invocation by `RunVersionCheck()` in tool.go, so common operations like `describe`, `install`, `update`, or `inspect` trigger execution under the invoking user's privileges. Publicly available exploit code exists (vendor PoC in GHSA-qqq4-5773-pmw5); EPSS is low at 0.03% (10th percentile) and the issue is not in CISA KEV.
Local privilege escalation potential exists in the Linux kernel's IIO chemical sensor subsystem, specifically the sps30_i2c driver, where an incorrect sizeof() calculation in sps30_i2c_read_meas() uses sizeof(size_t) instead of sizeof(*meas), creating a buffer size mismatch. Affecting Linux kernel versions from 5.14 onward, the flaw could lead to memory corruption or out-of-bounds access when handling measurement data from Sensirion SPS30 particulate matter sensors over I2C. EPSS is very low at 0.02% and there is no public exploit identified at time of analysis, but a CVSS of 7.8 reflects high local impact on confidentiality, integrity, and availability.
Double-free condition in the Linux kernel's net-shapers subsystem allows local low-privileged attackers to corrupt kernel memory via the generic netlink interface. The flaw occurs because net_shaper_nl_get_doit() and net_shaper_nl_cap_get_doit() incorrectly call nlmsg_free() on a reply skb that was already consumed by genlmsg_reply(), enabling potential privilege escalation. No public exploit identified at time of analysis and EPSS scoring places exploitation probability at only 0.02%.
Local privilege escalation in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 allows an authenticated low-privileged user to elevate to higher privileges through external control of a file name or path during installation routines. The flaw was reported by Zoom and carries CVSS 7.8 with total technical impact, though no public exploit identified at time of analysis and EPSS sits at 0.01%. SSVC indicates exploitation status 'none' and the attack is not automatable, marking this as a patch-on-schedule rather than emergency item.
Local privilege escalation in Zoom Rooms for Windows versions prior to 7.0.0 allows an authenticated user to gain elevated privileges through an untrusted search path weakness in the installer. The flaw (CWE-426) carries a CVSS 7.8 (High) rating with complete confidentiality, integrity, and availability impact, though EPSS exploitation probability is very low (0.01%) and there is no public exploit identified at time of analysis. CISA SSVC indicates no observed exploitation but total technical impact, making this a credible insider-threat or post-compromise escalation vector rather than an internet-facing risk.
Authenticated users can crash MongoDB Server by chaining specific server-side JavaScript operations ($_internalJsEmit or mapreduce map functions) with subsequent JavaScript engine invocations ($where, $function, mapreduce reduce stages), triggering a use-after-free condition. Affects MongoDB Server 7.0 (prior to 7.0.34), 8.0 (prior to 8.0.23), 8.2 (prior to 8.2.9), and 8.3 (prior to 8.3.2). Vendor-released patches available for all affected branches. No public exploit identified at time of analysis; EPSS score of 0.05% (16th percentile) suggests low observed exploitation probability despite 7.7 CVSS score. The CWE-416 use-after-free root cause requires precise sequencing of JavaScript operations, limiting exploitability.
Time-based blind SQL injection in JoomSport WordPress plugin (all versions ≤5.7.7) enables unauthenticated remote attackers to extract sensitive database contents including credentials, user data, and configuration secrets via the unsanitized 'sortf' parameter. CVSS 7.5 (High) with network attack vector, low complexity, and no authentication required. EPSS data not provided; no CISA KEV listing indicates exploitation not yet confirmed in the wild. Wordfence Threat Intel reported this vulnerability with proof-of-concept code references pointing to specific vulnerable functions in class-jsport-getplayers.php and class-jsport-playerlist.php, enabling straightforward exploitation by security researchers and threat actors alike.
Time-based SQL injection in Avada Builder for WordPress allows remote unauthenticated attackers to extract sensitive database information via the 'product_order' parameter. CVSS 7.5 (High) reflects network-accessible attack vector with no authentication required, but exploitation is limited to specific deployments where WooCommerce was previously installed then deactivated. No active exploitation confirmed (not in CISA KEV), but vulnerability disclosed by Wordfence Threat Intelligence with technical details publicly available.
Information disclosure in Hoppscotch (versions 2025.7.0 through pre-2026.4.0) allows unauthenticated remote attackers to retrieve all infrastructure secrets in plaintext by issuing a GET request to /v1/onboarding/config when the ONBOARDING_RECOVERY_TOKEN database value is an empty string. The flaw is an incomplete fix for CVE-2026-28215, which patched the POST counterpart but left the read endpoint exposed; publicly available exploit code exists per SSVC, although no public exploit identified at time of analysis in references, and EPSS is low at 0.04%.
Arbitrary file read on Garmin WDU v1 1.4.6 and v2 5.0 allows remote unauthenticated attackers to retrieve sensitive files from the device filesystem via symlink injection in uploaded graphics packages. The locally-served web server follows symlinks without filesystem restriction, enabling information disclosure. EPSS score of 0.02% (5th percentile) indicates low widespread exploitation probability. No public exploit or CISA KEV listing identified at time of analysis.
Remote denial-of-service attacks against striso-control-firmware commit 54c9722 via buffer overflow in AuxJack function allow unauthenticated network attackers to crash the device. Despite the high CVSS 7.5 severity, impact is limited to availability (no code execution, data theft, or privilege escalation), and the vulnerability affects an unversioned development commit of specialized musical instrument firmware with a narrow user base. No public exploit code or active exploitation indicators identified at time of analysis.
Remote denial-of-service attack against striso-control-firmware commit 54c9722 allows network attackers to crash the device through a buffer overflow in the ThreadReadButtons function, resulting in complete service unavailability. CVSS 7.5 High severity with network attack vector requiring no authentication or user interaction. EPSS and KEV data not available; no public exploit code identified at time of analysis, though technical details disclosed in GitHub issue #5 could facilitate development.
Authentication bypass in Grafana OSS Auth Proxy allows remote attackers to circumvent IPv6 allow-list restrictions because the feature applies a /32 default mask to IPv6 addresses instead of the appropriate /128, dramatically widening the trusted address space and potentially admitting unauthorized clients into authenticated sessions. The flaw is confined to the Auth Proxy authentication path - Okta, SAML, and LDAP integrations are unaffected - and at this time there is no public exploit identified at time of analysis, with EPSS at 0.03% and SSVC marking exploitation as 'none.'
Man-in-the-middle attacks against Claude Desktop's SSH remote development feature are possible in versions 1.2581.0 through 1.4303.x because the client only checks that a hostname exists in ~/.ssh/known_hosts without verifying that the server's presented host key matches the stored key. A network-positioned adversary can substitute an arbitrary host key during an SSH handshake and have the connection silently accepted, allowing interception or modification of remote developer sessions. No public exploit identified at time of analysis, and EPSS (0.02%) plus SSVC (Exploitation: none) indicate no active exploitation despite the high CVSS 4.0 score of 7.4.
Authentication bypass in Garmin WDU v1 1.4.6 and v2 5.0 allows remote unauthenticated attackers to execute arbitrary commands via WebSocket API. The web interface implements client-side-only authentication while the WebSocket backend enforces no authentication, enabling complete bypass by directly accessing remote APIs. With CVSS 7.3 (AV:N/AC:L/PR:N) but only 0.03% EPSS probability, this represents a critical design flaw in deployed devices rather than actively exploited widespread threat. No public exploit identified at time of analysis.
Local code injection in Palo Alto Networks Prisma Browser on macOS lets an authenticated non-admin user abuse an exposed AppleScript/Apple Event handler to send unauthorized commands to the browser, with high impact on confidentiality and integrity. No public exploit identified at time of analysis, and EPSS is very low (0.02%), but SSVC rates the technical impact as total once the local foothold exists. Affects all Prisma Browser releases prior to 146.16.6.165 on macOS.
Arbitrary file upload in qihang-wms (启航电商WMS) allows unauthenticated remote attackers to execute arbitrary code by uploading malicious files through the ShopOrderImportController component. The vulnerability affects commit 75c15a and potentially other versions of this warehouse management system. EPSS score of 0.02% (5th percentile) indicates low observed exploitation probability, and no active exploitation has been confirmed by CISA KEV at time of analysis. Public exploit documentation exists via GitHub/Gist references.
Firmament-Autopilot FMT-Firmware commit de5aec was discovered to contain a buffer overflow via the task_mavobc_entry function at /comm/task_comm.c. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Local privilege escalation in Palo Alto Networks Prisma Browser on macOS allows a locally authenticated non-admin user to access an internal automation bridge that was insufficiently restricted, enabling unauthorized commands to be sent to the browser and bypassing built-in security controls. The flaw is tracked as CVE-2026-0237 with a CVSS 4.0 score of 7.3 and no public exploit identified at time of analysis, though SSVC rates the technical impact as total.
Command injection in U-SPEED AC1200 Gigabit Wi-Fi Router (Model T18-21K) V1.0 allows authenticated administrators to execute arbitrary system commands with elevated privileges through the Network Time Protocol (NTP) configuration interface. The vulnerability stems from insufficient input sanitization in NTP settings fields, enabling full system compromise. CVSS score of 7.2 reflects high impact across confidentiality, integrity, and availability. Public proof-of-concept code exists via GitHub repository (N0tMilk/vulnerability-research), though no active exploitation has been confirmed via CISA KEV at time of analysis. EPSS data not available for risk probability assessment.
Authentication bypass in Palo Alto Networks PAN-OS allows unauthenticated network attackers to circumvent authentication controls when the Cloud Authentication Service (CAS) feature is enabled, with the highest risk when CAS is bound to the management interface. The flaw affects PA-Series and VM-Series firewalls as well as Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are not impacted. No public exploit identified at time of analysis, and EPSS rates real-world exploitation probability low at 0.08%, but the high-value target profile and CWE-347 (Improper Verification of Cryptographic Signature) class - combined with the 'Jwt Attack' tag - warrant prompt patching.
SQL injection in multiple Advantech industrial IoT platforms allows remote authenticated attackers with high privileges to execute arbitrary database commands. Affected products include WebAccess/SCADA, SaaS Composer, IoTSuite Growth/Starter, and IoT Edge across Windows and Linux Docker deployments. The vulnerability enables complete database compromise - attackers can read sensitive industrial control system data, modify configurations, or delete critical operational information. CVSS 7.2 reflects high impact across confidentiality, integrity, and availability, though exploitation requires administrative credentials (PR:H), significantly limiting attack surface compared to unauthenticated SQL injection vulnerabilities.
Authenticated low-privilege users can write arbitrary files to the BIG-IQ system filesystem via path traversal in an undisclosed iControl REST endpoint, enabling system compromise through configuration manipulation or code execution. F5 has released patches for supported versions. While requiring authentication (PR:L), the low complexity (AC:L) and network vector (AV:N) allow remote attackers with minimal access to achieve high integrity and availability impact through file overwrites of critical system or application files.
Heap-based buffer overflow in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS allows unauthenticated remote attackers to trigger a denial-of-service condition across all PAN-OS platforms (except Cloud NGFW and Prisma Access) and potentially achieve arbitrary code execution on PA-Series hardware appliances via specially crafted network traffic. The flaw is rated CVSS 7.2 with high attack complexity; no public exploit identified at time of analysis and EPSS is 0.07%, but the technical impact is rated total by SSVC.
Remote code execution and denial-of-service in Palo Alto Networks PAN-OS software stems from a buffer overflow in the IKEv2 processing path, allowing unauthenticated network attackers to either crash the firewall or run arbitrary code with elevated privileges. The flaw affects multiple PAN-OS branches (11.1.x, 11.2.x, and 12.1.x) while Panorama, Cloud NGFW, and Prisma Access remain unaffected. There is no public exploit identified at time of analysis, EPSS sits at a low 0.06% (19th percentile), and CISA SSVC currently lists exploitation as 'none'.
Authenticated remote code execution in CubeCart v6 prior to 6.7.3 allows an admin with documents-edit permission to embed raw PHP into the Invoice Editor template, which is later written to a predictable files/print.<md5>.php path that the bundled .htaccess explicitly exposes to unauthenticated visitors. SSVC rates technical impact as total and a POC exists, though EPSS remains very low (0.04%) and the issue is not on CISA KEV - no public exploit identified at time of analysis beyond researcher disclosure.
Authorization bypass in SiYuan note-taking platform versions up to and including v3.6.5 allows publish-mode Readers (anonymous visitors) and read-only Editors to invoke eight state-mutating APIs that are missing CheckAdminRole and CheckReadonly middleware. Attackers with only basic CheckAuth (including unauthenticated publish visitors) can rewrite the workspace conf.json, manipulate cloud sync intervals, overwrite graph configuration, poison the SQL block index, and tamper with the admin's recent-documents list. No public exploit identified at time of analysis, but a detailed PoC accompanies the advisory and EPSS sits at 0.04% (12th percentile).
Authenticated SQL injection in CubeCart v6.x prior to 6.6.0 allows administrative users to execute arbitrary SQL commands through unsanitized sorting parameters on Products and Logs endpoints. Per SSVC, a proof-of-concept exists but the vulnerability is not in CISA KEV, and EPSS scoring (0.03%) reflects very low predicted exploitation activity due to the high-privilege prerequisite.
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.