Skip to main content
CVE-2026-20182 CRITICAL POC KEV THREAT NEWS Emergency

Remote unauthenticated attackers can bypass peering authentication in Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) to obtain administrative privileges and manipulate network configurations across the entire SD-WAN fabric. This critical authentication bypass (CVSS 10.0) allows direct NETCONF access as a high-privileged internal user without any credentials. Cisco released fixes in May 2026 following discovery of this second authentication flaw after a February 2026 disclosure of a related vulnerability. No active exploitation confirmed in CISA KEV at time of analysis, though the maximum CVSS score and authentication bypass nature make this a priority patching target for SD-WAN deployments.

Authentication Bypass Cisco Cisco Catalyst Sd Wan Manager
NVD VulDB GitHub
CVSS 3.1
10.0
EPSS
1.6%
Threat
5.0
CVE-2026-42897 MEDIUM POC KEV PATCH THREAT Exploited Act Now

Cross-site scripting (XSS) in Microsoft Exchange Server enables remote attackers to spoof content and steal credentials without authentication. Affects Exchange Server 2016 CU23, 2019 CU14/CU15, and Subscription Edition. Functional exploit code exists (CVSS temporal E:F) though no active exploitation confirmed at analysis time. CVSS 8.1 (High) driven by network vector, no authentication requirement, and dual confidentiality/integrity impact. Microsoft released patches via MSRC security update guide. Medium-high priority for organizations running affected Exchange versions with webmail or OWA exposed.

XSS Microsoft Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 14 Microsoft Exchange Server 2019 Cumulative Update 15 +1
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.2%
Threat
5.1
CVE-2026-8181 CRITICAL POC Act Now

Authentication bypass in the Burst Statistics WordPress plugin versions 3.4.0 through 3.4.1.1 allows unauthenticated remote attackers to impersonate any administrator whose username they know by supplying an arbitrary Basic Authentication password. The flaw resides in flawed return-value handling within the `is_mainwp_authenticated()` function used to validate application passwords from the Authorization header, enabling privilege escalation per request. No public exploit identified at time of analysis, and EPSS is low (0.26%), but the CVSS 9.8 score and SSVC 'total' technical impact mark it as a high-severity authentication bypass worth prioritizing.

Authentication Bypass Google Privilege Escalation WordPress
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-45369 HIGH POC PATCH GHSA This Week

Command injection in python-utcp allows remote attackers to execute arbitrary shell commands on Unix and Windows systems when user-controlled tool arguments are processed by the CLI communication protocol module. The _substitute_utcp_args method in cli_communication_protocol.py directly embeds unsanitized user input into bash or PowerShell commands without escaping, enabling full remote code execution. Vendor-released patch available in version 1.1.2 with shell-quoting mitigation (shlex.quote on Unix, single-quoted literals on Windows). CVSS 8.3 indicates high complexity and required user interaction, but scope change enables container/sandbox escape scenarios. No public exploit code or CISA KEV listing identified at time of analysis, though detailed proof-of-concept exists in the GitHub security advisory demonstrating data exfiltration via curl.

Python Microsoft Command Injection
NVD GitHub VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-45370 HIGH POC PATCH GHSA This Week

python-utcp CLI subprocess environment passes all process-level secrets to every tool call. When chained with CVE-2026-45369 command injection, remote authenticated attackers with low-privilege LLM tool access can exfiltrate AWS credentials, API keys, database URLs, and other environment variables in a single HTTP request. Patch available in version 1.1.2 (NVD references 1.1.3 as fixed version). GitHub security advisory confirms proof-of-concept demonstrating credential theft via env dump to attacker-controlled endpoint.

Python Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-1322 MEDIUM POC PATCH This Month

OAuth scope enforcement bypass in GitLab CE/EE allows an authenticated user holding a read_api-scoped OAuth token to perform unauthorized write operations - specifically creating issues and adding comments - in private projects. Affected are all GitLab Community and Enterprise Edition installations from version 16.0 up to the patched releases 18.9.7, 18.10.6, and 18.11.3. A publicly available proof-of-concept exists, and while EPSS probability is extremely low (0.01%, 1st percentile) with no CISA KEV listing, the integrity impact is rated High given the ability to inject content into private project issue trackers.

Information Disclosure Gitlab
NVD VulDB GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-6510 CRITICAL Act Now

Authentication bypass and privilege escalation in the InfusedWoo Pro WordPress plugin (versions through 5.1.2) lets unauthenticated remote attackers seize administrator accounts by abusing the iwar_save_recipe() AJAX handler. Because the endpoint lacks nonce verification and capability checks, attackers can plant a malicious automation recipe that chains an HTTP post trigger with an auto-login action, so visiting a crafted URL returns valid authentication cookies for any chosen user. Reported by Wordfence with a CVSS of 9.8; no public exploit identified at time of analysis, and EPSS sits at 0.19% (40th percentile) despite the SSVC assessment of total technical impact and automatable exploitation.

Authentication Bypass Privilege Escalation WordPress Infusedwoo Pro
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-6271 CRITICAL Act Now

Unauthenticated arbitrary file upload in the Career Section WordPress plugin (versions through 1.7) enables remote code execution by abusing the CV upload handler, which lacks file type validation. Any attacker who can reach the upload endpoint can drop executable PHP files and gain code execution on the underlying WordPress host. No public exploit identified at time of analysis, but the CVSS 9.8 rating combined with SSVC 'automatable: yes' indicates this is a strong candidate for opportunistic mass exploitation once tooling appears.

File Upload WordPress RCE Career Section
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2347 CRITICAL PATCH Act Now

Authorization bypass in Akilli Commerce E-Commerce Website before 4.5.001 allows remote unauthenticated attackers to hijack user sessions through user-controlled key manipulation. The vulnerability enables complete system compromise with high impact to confidentiality, integrity, and availability. Turkish national CERT (TR-CERT) published an advisory, indicating regional significance. No public exploit code or CISA KEV listing identified at time of analysis, but the CVSS 9.8 Critical rating and network-accessible, unauthenticated attack vector suggest this is highly exploitable if the platform is internet-facing.

Authentication Bypass E Commerce Website
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-11024 CRITICAL PATCH Act Now

Remote unauthenticated SQL injection in Akilli Commerce Software Technologies E-Commerce Website before version 4.5.001 allows complete database compromise without authentication. The vulnerability permits blind SQL injection attacks with network-level access and low complexity (CVSS:3.1 AV:N/AC:L/PR:N/UI:N), achieving full confidentiality, integrity, and availability impact (9.8 critical severity). TR-CERT (Turkish national CERT) published this advisory, indicating regional significance for Turkish e-commerce deployments. No public exploit identified at time of analysis, with EPSS risk data and CISA KEV status unavailable for initial assessment.

SQLi E Commerce Website
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-45288 CRITICAL PATCH GHSA Act Now

SQL injection in Marten's PostgreSQL full-text search APIs allows remote unauthenticated attackers to execute arbitrary database commands when applications pass user-controlled input to the regConfig parameter. The vulnerability affects all five search method overloads (SearchAsync, PlainTextSearchAsync, PhraseSearchAsync, WebStyleSearchAsync, PrefixSearchAsync) where the regConfig parameter is interpolated directly into SQL without validation. Confirmed exploit payloads demonstrate time-based blind extraction, information disclosure via SELECT statements, and DDL execution including table drops. Vendor-released patch available in Marten 8.37.0 via GitHub PR #4343. No public exploit identified at time of analysis, though the advisory includes working proof-of-concept payloads for all affected methods.

SQLi PostgreSQL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-41615 CRITICAL PATCH Exploit Unlikely Act Now

Microsoft Authenticator on Android and iOS leaks sensitive information to unauthenticated remote attackers through network-based exploitation requiring user interaction. The scope change (S:C) in the CVSS vector indicates the vulnerability can affect resources beyond the vulnerable component, suggesting potential cross-account or session data exposure. Microsoft has released a patch addressing this exposure. EPSS data not available, not listed in CISA KEV, indicating no confirmed widespread exploitation at time of analysis.

Microsoft Information Disclosure
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-8580 CRITICAL PATCH Act Now

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-8511 CRITICAL PATCH Act Now

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-45311 CRITICAL PATCH GHSA Act Now

Remote code execution in DeepSeek-TUI versions 0.3.0 through 0.8.22 allows malicious repository owners to execute arbitrary code on developer workstations without user approval. The vulnerability chains two attack primitives: (1) the run_tests tool auto-executes cargo test with ApprovalRequirement::Auto, compiling and running arbitrary Rust code in test files, build scripts, and proc macros; (2) the AGENTS.md file is automatically loaded into the LLM system prompt and can inject instructions directing the model to invoke run_tests at session start. Publicly available exploit code exists demonstrating full attack chain from repository clone to remote code execution. Fixed in version 0.8.23 released 2025. CVSS 9.6 reflects network attack vector with scope change, though exploitation requires user interaction (opening the malicious repository).

Code Injection RCE
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-45374 CRITICAL PATCH GHSA Act Now

Remote code execution in DeepSeek-TUI (Rust CLI tool for AI-assisted development) allows unauthenticated attackers to execute arbitrary shell commands on developer workstations via prompt injection in project files. When a developer opens a malicious repository and creates any task using the task_create tool, spawned sub-agents inherit insecure defaults (allow_shell=true, auto_approve=true) that enable silent shell execution without user approval. The attack leverages project files like AGENTS.md to inject malicious instructions disguised as documentation standards, causing the AI agent to execute attacker-controlled commands. Publicly available exploit code exists (full PoC in advisory). CVSS 9.6 reflects scope change (C) and user interaction requirement (UI:R), indicating high severity conditional on social engineering. No EPSS or KEV data available; real-world risk depends on DeepSeek-TUI adoption in developer workflows.

Code Injection RCE
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-44482 CRITICAL PATCH Act Now

Remote code execution in soundcloud-rpc Electron app prior to 0.1.8 allows attackers to execute arbitrary commands on victim machines through maliciously crafted SoundCloud track metadata. When a user plays a SoundCloud track with HTML payload in its title, the application renders the metadata as raw HTML in privileged Electron views with Node.js integration enabled, leading to local command execution. User interaction is required (victim must play the malicious track), but no authentication is needed to upload crafted metadata to SoundCloud. Publicly disclosed via GitHub Security Advisory. EPSS data not available; no CISA KEV listing identified.

Node.js Information Disclosure
NVD GitHub
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-44789 CRITICAL PATCH NEWS GHSA Act Now

Prototype pollution leading to remote code execution in n8n workflow automation platform allows authenticated users with workflow create/modify permissions to corrupt the global Object prototype via an unvalidated pagination parameter in the HTTP Request node. Affecting n8n versions before 1.123.43, 2.20.7, and 2.22.1, the flaw chains with other techniques to escalate to full instance compromise. No public exploit identified at time of analysis, with EPSS at 0.05% (16th percentile) indicating low observed exploitation interest despite CVSS 4.0 9.4 critical rating.

Information Disclosure Prototype Pollution
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-44791 CRITICAL PATCH NEWS GHSA Act Now

Remote code execution in n8n workflow automation platform is possible via a prototype pollution patch bypass in the XML node, affecting versions prior to 1.123.43, 2.20.7, and 2.22.1. Authenticated users with workflow creation or modification permissions can bypass the prior fix for GHSA-hqr4-h3xv-9m3r and, by chaining the XML node with other nodes, achieve code execution on the n8n host. No public exploit identified at time of analysis, though EPSS is low (0.05%) suggesting limited near-term mass exploitation despite the high CVSS 4.0 score of 9.4.

Authentication Bypass Prototype Pollution
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-44790 CRITICAL PATCH NEWS GHSA Act Now

Argument injection in the n8n workflow automation platform's Git node allows authenticated users with workflow edit privileges to inject CLI flags into the Git Push operation, enabling arbitrary file read from the n8n server and potentially full host compromise. The flaw affects n8n versions prior to 1.123.43, 2.20.7, and 2.22.1, and is rated CVSS 9.4 (4.0) with no public exploit identified at time of analysis. EPSS is low at 0.04% (14th percentile), and the bug is classified under CWE-88 (Argument Injection).

Code Injection
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-44849 CRITICAL PATCH GHSA Act Now

Authorization bypass in Portainer's Docker Swarm proxy allows authenticated non-admin users with endpoint access to circumvent EndpointSecuritySettings restrictions configured by administrators. Affected versions include 2.33.0-2.33.7, 2.39.0-2.39.1, and 2.40.x, with fixes in 2.33.8, 2.39.2, and 2.41.0 respectively. No public exploit identified at time of analysis, but the GHSA-5fxq-qcf3-244w advisory provides detailed payload examples that effectively serve as a proof-of-concept blueprint enabling escape to root-equivalent access on Swarm manager hosts.

Authentication Bypass Docker
NVD GitHub
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-44848 CRITICAL PATCH GHSA Act Now

{name}/enable`) directly against the Docker daemon, installing malicious plugins that run as root with CAP_SYS_ADMIN and arbitrary host mounts. Vendor-confirmed exploitation requires only low-privilege authenticated access (CVSS:4.0 9.4, AV:N/AC:L/PR:L). Patches released across three supported branches (2.33.8-LTS, 2.39.2-LTS, 2.41.0). No public exploit code identified at time of analysis, but attack technique is straightforward given detailed vendor disclosure.

Authentication Bypass Docker
NVD GitHub
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-45058 CRITICAL GHSA Act Now

Code execution in Electerm (npm package, versions <= 3.8.8) allows attackers to achieve persistent local-pty code execution by tricking users into importing malicious bookmark JSON files or by compromising configured sync targets (Gist/WebDAV). The flaw stems from unsafe handling of bookmark fields (`exec*`) and global config entries, which are executed when a bookmark is opened or when sync is applied. No public exploit identified at time of analysis, and no vendor-released patch is identified at time of analysis.

Code Injection RCE
NVD GitHub
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-44592 CRITICAL Act Now

Unauthenticated remote attackers can register rogue workers in Gradient CI 1.1.0 when GRADIENT_DISCOVERABLE is enabled (default configuration), gaining access to all organizational jobs and the ability to inject malicious build artifacts into shared storage. The attacker sends a fresh worker UUID to /proto endpoint, obtaining PeerAuth::Open privileges that bypass organization isolation. Vendor-released patch: version 1.1.1. CVSS 9.4 Critical with network vector and no authentication required. No active exploitation confirmed (not in CISA KEV), but EPSS data unavailable for this 2026 CVE ID.

Authentication Bypass Gradient
NVD GitHub VulDB
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-41315 CRITICAL Act Now

Remote code execution in mdserver-web Linux panel versions 0.18.0 through 0.18.4 allows unauthenticated remote attackers to execute arbitrary system commands by exploiting unprotected scheduled task management endpoints. Attackers can modify built-in cron jobs via the /modify_crond interface and trigger execution through /start_task without any authentication, achieving complete system compromise. No public exploit code or active exploitation confirmed at time of analysis, though the attack complexity is rated low with network-based access vector.

Command Injection Mdserver Web
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.2%
CVE-2026-8634 CRITICAL PATCH GHSA Act Now

Crabbox versions before 0.12.0 leak local secrets through environment variable forwarding during remote command execution. When users run commands against malicious or compromised repositories, attackers exploit overly permissive environment variable allowlisting in repository-local configuration files to exfiltrate API tokens, cloud credentials, and broker tokens into the remote execution environment. The vendor released v0.12.0 on May 12, 2026 with fixes including `--allow-env` explicit allowlisting and `--env-from-profile` for safer secret forwarding. No public exploit identified at time of analysis, though the attack surface is straightforward for attackers controlling repository configuration.

Code Injection RCE Crabbox
NVD GitHub
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-44990 CRITICAL PATCH GHSA Act Now

The sanitize-html npm package allows remote attackers to bypass HTML sanitization and inject executable JavaScript by wrapping malicious payloads inside disallowed <xmp> tags, achieving stored cross-site scripting (XSS) in applications using default configurations. This affects all versions through 2.17.3, with no vendor-released patch identified at time of analysis. A publicly available proof-of-concept demonstrates the bypass, which leverages the library's special handling of raw-text elements. With a 9.3 CVSS score and network-based attack vector requiring only user interaction, this represents a critical risk for Node.js applications that render sanitized user content in browsers.

XSS Node.js
NVD GitHub
CVSS 3.1
9.3
EPSS
0.1%
CVE-2026-44666 CRITICAL PATCH Act Now

Remote code execution in HRConvert2 self-hosted file conversion server allows unauthenticated attackers to execute arbitrary commands via shell metacharacters in filenames. The sanitizeString() function in convertCore.php fails to filter backticks and tab characters before passing user input to shell_exec(), enabling command injection that executes in the web server context (www-data). According to the vendor, exploitation can achieve complete server takeover through two methods: backtick-based command injection or tab-based file dropping. Fixed in version 3.3.8 released May 2026. EPSS data unavailable; no confirmed active exploitation (not in CISA KEV), but the vendor confirms the vulnerability is exploitable and rates severity as critical.

PHP Command Injection
NVD GitHub
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-45397 MEDIUM POC PATCH GHSA This Month

Open WebUI's GET /api/v1/retrieval/ endpoint discloses RAG pipeline configuration including embedding models, chunking parameters, and RAG templates to unauthenticated attackers with a single HTTP request. The vulnerability affects v0.9.2 and earlier, where this endpoint lacks authentication guards present on all adjacent endpoints, enabling reconnaissance for RAG poisoning attacks and infrastructure fingerprinting without requiring credentials, authentication tokens, or user interaction.

Authentication Bypass Python Microsoft Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-45353 CRITICAL PATCH GHSA Act Now

Local code execution in electerm 3.0.6 through 3.8.8 allows any same-user process to send a crafted JSON payload to electerm's single-instance IPC socket/pipe, causing the application to open tabs with attacker-controlled exec paths, arguments, environment variables, and post-connect scripts that spawn arbitrary local processes. No public exploit identified at time of analysis, but the GHSA advisory and patch commit confirm the vulnerability is real, scored CVSS 4.0 9.3 (Critical), and fixed in version 3.9.0 by filtering dangerous tab properties on the IPC boundary.

Code Injection RCE
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-27886 CRITICAL PATCH GHSA Act Now

Boolean-oracle information disclosure in Strapi Content API allows remote unauthenticated attackers to extract admin password-reset tokens and achieve full administrative account takeover. Strapi versions 4.0.0 through 5.36.1 fail to sanitize relational query parameters on public content-type endpoints. By crafting `where` filters that traverse into joined `admin_users` table columns (e.g., `where[updatedBy][resetPasswordToken][$startsWith]=a`), attackers perform character-by-character oracle attacks against private admin fields, then use the extracted reset token to hijack administrator accounts. WildWest CyberSecurity reports this critical vulnerability with CVSS 9.3, affecting all Strapi deployments with public content-types containing admin-relation fields (`updatedBy`, `createdBy`, `publishedBy`). Vendor-released patch available in version 5.37.0. No active exploitation or public POC identified at time of analysis.

Oracle Path Traversal
NVD GitHub VulDB
CVSS 4.0
9.2
EPSS
0.1%
CVE-2026-6512 CRITICAL Act Now

Unauthenticated attackers can permanently delete arbitrary WordPress content (posts, pages, WooCommerce products/orders) and manipulate post statuses in InfusedWoo Pro plugin versions up to 5.1.2 due to missing authorization checks. The CVSS 9.1 (Critical) score reflects network-accessible attack with no complexity barriers, though the Availability impact rating (A:N) appears inconsistent with the ability to mass-delete content. EPSS data unavailable; no CISA KEV listing or public exploit confirmed at time of analysis, but the WordPress ecosystem's large attack surface and clear Wordfence advisory make this a priority patching target for WooCommerce sites.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-43644 MEDIUM POC PATCH This Month

Reflected cross-site scripting in podinfo through 6.11.2 allows remote unauthenticated attackers to execute arbitrary JavaScript in the context of a victim's browser session by crafting HTML pages with auto-submitting forms that deliver script payloads to the /echo or /api/echo endpoints. The vulnerability exists because the echoHandler writes request body content directly to the response without setting explicit Content-Type or X-Content-Type-Options headers, causing Go's content type detection to default to text/html. Publicly available exploit code confirms the vulnerability is exploitable, though CISA KEV status is not confirmed at the time of analysis.

XSS Podinfo
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-42457 CRITICAL PATCH Act Now

Stored Cross-Site Scripting (XSS) in vCluster Platform allows authenticated attackers with namespace creation privileges to inject malicious scripts via the templateRef name field, potentially escalating to Global-Admin access. The vulnerability affects versions prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0. With a CVSS score of 9.0 and changed scope (S:C), this represents a critical privilege escalation path in Kubernetes multi-tenancy environments. No active exploitation confirmed by CISA KEV at time of analysis, but the low attack complexity (AC:L) and clear attack path make this an immediate patching priority for organizations running vCluster Platform.

Kubernetes XSS
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-44792 HIGH PATCH GHSA This Week

SQL injection in n8n workflow automation platform allows an attacker with write access to a connected git repository to execute arbitrary SQL against the internal PostgreSQL database when an administrator performs a Source Control Pull. The flaw stems from unsafe handling of column names within Data Table JSON files imported during sync. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04%.

PostgreSQL SQLi
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.0%
CVE-2026-44827 HIGH PATCH GHSA This Week

Remote code execution in HuggingFace Diffusers library (versions < 0.38.0) allows attackers to execute arbitrary Python code when victims load malicious pipelines from Hugging Face Hub repositories. The vulnerability bypasses the trust_remote_code=True safeguard through a type coercion flaw where None values are interpolated as 'None.py' filenames. Attackers can achieve silent code execution by publishing repositories containing a malicious None.py file alongside legitimate-looking configuration, requiring only that victims call DiffusionPipeline.from_pretrained() on the attacker's repository. EPSS data not available; no public exploit identified at time of analysis. Vendor-released patch: version 0.38.0.

Python Code Injection RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8540 HIGH PATCH This Week

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Memory Corruption Google RCE Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8581 HIGH PATCH This Week

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8577 HIGH PATCH This Week

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8555 HIGH PATCH This Week

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free Memory Corruption RCE +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8551 HIGH PATCH This Week

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8549 HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8544 HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8532 HIGH PATCH This Week

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8522 HIGH PATCH This Week

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8518 HIGH PATCH This Week

Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8527 HIGH PATCH This Week

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8517 HIGH PATCH This Week

Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8529 HIGH PATCH This Week

Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High)

Heap Overflow Google RCE Buffer Overflow Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8526 HIGH PATCH This Week

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow RCE Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
Page 1 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy