Remote unauthenticated attackers can bypass peering authentication in Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) to obtain administrative privileges and manipulate network configurations across the entire SD-WAN fabric. This critical authentication bypass (CVSS 10.0) allows direct NETCONF access as a high-privileged internal user without any credentials. Cisco released fixes in May 2026 following discovery of this second authentication flaw after a February 2026 disclosure of a related vulnerability. No active exploitation confirmed in CISA KEV at time of analysis, though the maximum CVSS score and authentication bypass nature make this a priority patching target for SD-WAN deployments.
Authentication bypass in the Burst Statistics WordPress plugin versions 3.4.0 through 3.4.1.1 allows unauthenticated remote attackers to impersonate any administrator whose username they know by supplying an arbitrary Basic Authentication password. The flaw resides in flawed return-value handling within the `is_mainwp_authenticated()` function used to validate application passwords from the Authorization header, enabling privilege escalation per request. No public exploit identified at time of analysis, and EPSS is low (0.26%), but the CVSS 9.8 score and SSVC 'total' technical impact mark it as a high-severity authentication bypass worth prioritizing.
Authentication bypass and privilege escalation in the InfusedWoo Pro WordPress plugin (versions through 5.1.2) lets unauthenticated remote attackers seize administrator accounts by abusing the iwar_save_recipe() AJAX handler. Because the endpoint lacks nonce verification and capability checks, attackers can plant a malicious automation recipe that chains an HTTP post trigger with an auto-login action, so visiting a crafted URL returns valid authentication cookies for any chosen user. Reported by Wordfence with a CVSS of 9.8; no public exploit identified at time of analysis, and EPSS sits at 0.19% (40th percentile) despite the SSVC assessment of total technical impact and automatable exploitation.
Unauthenticated arbitrary file upload in the Career Section WordPress plugin (versions through 1.7) enables remote code execution by abusing the CV upload handler, which lacks file type validation. Any attacker who can reach the upload endpoint can drop executable PHP files and gain code execution on the underlying WordPress host. No public exploit identified at time of analysis, but the CVSS 9.8 rating combined with SSVC 'automatable: yes' indicates this is a strong candidate for opportunistic mass exploitation once tooling appears.
Authorization bypass in Akilli Commerce E-Commerce Website before 4.5.001 allows remote unauthenticated attackers to hijack user sessions through user-controlled key manipulation. The vulnerability enables complete system compromise with high impact to confidentiality, integrity, and availability. Turkish national CERT (TR-CERT) published an advisory, indicating regional significance. No public exploit code or CISA KEV listing identified at time of analysis, but the CVSS 9.8 Critical rating and network-accessible, unauthenticated attack vector suggest this is highly exploitable if the platform is internet-facing.
Remote unauthenticated SQL injection in Akilli Commerce Software Technologies E-Commerce Website before version 4.5.001 allows complete database compromise without authentication. The vulnerability permits blind SQL injection attacks with network-level access and low complexity (CVSS:3.1 AV:N/AC:L/PR:N/UI:N), achieving full confidentiality, integrity, and availability impact (9.8 critical severity). TR-CERT (Turkish national CERT) published this advisory, indicating regional significance for Turkish e-commerce deployments. No public exploit identified at time of analysis, with EPSS risk data and CISA KEV status unavailable for initial assessment.
SQL injection in Marten's PostgreSQL full-text search APIs allows remote unauthenticated attackers to execute arbitrary database commands when applications pass user-controlled input to the regConfig parameter. The vulnerability affects all five search method overloads (SearchAsync, PlainTextSearchAsync, PhraseSearchAsync, WebStyleSearchAsync, PrefixSearchAsync) where the regConfig parameter is interpolated directly into SQL without validation. Confirmed exploit payloads demonstrate time-based blind extraction, information disclosure via SELECT statements, and DDL execution including table drops. Vendor-released patch available in Marten 8.37.0 via GitHub PR #4343. No public exploit identified at time of analysis, though the advisory includes working proof-of-concept payloads for all affected methods.
Microsoft Authenticator on Android and iOS leaks sensitive information to unauthenticated remote attackers through network-based exploitation requiring user interaction. The scope change (S:C) in the CVSS vector indicates the vulnerability can affect resources beyond the vulnerable component, suggesting potential cross-account or session data exposure. Microsoft has released a patch addressing this exposure. EPSS data not available, not listed in CISA KEV, indicating no confirmed widespread exploitation at time of analysis.
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Remote code execution in DeepSeek-TUI versions 0.3.0 through 0.8.22 allows malicious repository owners to execute arbitrary code on developer workstations without user approval. The vulnerability chains two attack primitives: (1) the run_tests tool auto-executes cargo test with ApprovalRequirement::Auto, compiling and running arbitrary Rust code in test files, build scripts, and proc macros; (2) the AGENTS.md file is automatically loaded into the LLM system prompt and can inject instructions directing the model to invoke run_tests at session start. Publicly available exploit code exists demonstrating full attack chain from repository clone to remote code execution. Fixed in version 0.8.23 released 2025. CVSS 9.6 reflects network attack vector with scope change, though exploitation requires user interaction (opening the malicious repository).
Remote code execution in DeepSeek-TUI (Rust CLI tool for AI-assisted development) allows unauthenticated attackers to execute arbitrary shell commands on developer workstations via prompt injection in project files. When a developer opens a malicious repository and creates any task using the task_create tool, spawned sub-agents inherit insecure defaults (allow_shell=true, auto_approve=true) that enable silent shell execution without user approval. The attack leverages project files like AGENTS.md to inject malicious instructions disguised as documentation standards, causing the AI agent to execute attacker-controlled commands. Publicly available exploit code exists (full PoC in advisory). CVSS 9.6 reflects scope change (C) and user interaction requirement (UI:R), indicating high severity conditional on social engineering. No EPSS or KEV data available; real-world risk depends on DeepSeek-TUI adoption in developer workflows.
Remote code execution in soundcloud-rpc Electron app prior to 0.1.8 allows attackers to execute arbitrary commands on victim machines through maliciously crafted SoundCloud track metadata. When a user plays a SoundCloud track with HTML payload in its title, the application renders the metadata as raw HTML in privileged Electron views with Node.js integration enabled, leading to local command execution. User interaction is required (victim must play the malicious track), but no authentication is needed to upload crafted metadata to SoundCloud. Publicly disclosed via GitHub Security Advisory. EPSS data not available; no CISA KEV listing identified.
Prototype pollution leading to remote code execution in n8n workflow automation platform allows authenticated users with workflow create/modify permissions to corrupt the global Object prototype via an unvalidated pagination parameter in the HTTP Request node. Affecting n8n versions before 1.123.43, 2.20.7, and 2.22.1, the flaw chains with other techniques to escalate to full instance compromise. No public exploit identified at time of analysis, with EPSS at 0.05% (16th percentile) indicating low observed exploitation interest despite CVSS 4.0 9.4 critical rating.
Remote code execution in n8n workflow automation platform is possible via a prototype pollution patch bypass in the XML node, affecting versions prior to 1.123.43, 2.20.7, and 2.22.1. Authenticated users with workflow creation or modification permissions can bypass the prior fix for GHSA-hqr4-h3xv-9m3r and, by chaining the XML node with other nodes, achieve code execution on the n8n host. No public exploit identified at time of analysis, though EPSS is low (0.05%) suggesting limited near-term mass exploitation despite the high CVSS 4.0 score of 9.4.
Argument injection in the n8n workflow automation platform's Git node allows authenticated users with workflow edit privileges to inject CLI flags into the Git Push operation, enabling arbitrary file read from the n8n server and potentially full host compromise. The flaw affects n8n versions prior to 1.123.43, 2.20.7, and 2.22.1, and is rated CVSS 9.4 (4.0) with no public exploit identified at time of analysis. EPSS is low at 0.04% (14th percentile), and the bug is classified under CWE-88 (Argument Injection).
Authorization bypass in Portainer's Docker Swarm proxy allows authenticated non-admin users with endpoint access to circumvent EndpointSecuritySettings restrictions configured by administrators. Affected versions include 2.33.0-2.33.7, 2.39.0-2.39.1, and 2.40.x, with fixes in 2.33.8, 2.39.2, and 2.41.0 respectively. No public exploit identified at time of analysis, but the GHSA-5fxq-qcf3-244w advisory provides detailed payload examples that effectively serve as a proof-of-concept blueprint enabling escape to root-equivalent access on Swarm manager hosts.
{name}/enable`) directly against the Docker daemon, installing malicious plugins that run as root with CAP_SYS_ADMIN and arbitrary host mounts. Vendor-confirmed exploitation requires only low-privilege authenticated access (CVSS:4.0 9.4, AV:N/AC:L/PR:L). Patches released across three supported branches (2.33.8-LTS, 2.39.2-LTS, 2.41.0). No public exploit code identified at time of analysis, but attack technique is straightforward given detailed vendor disclosure.
Code execution in Electerm (npm package, versions <= 3.8.8) allows attackers to achieve persistent local-pty code execution by tricking users into importing malicious bookmark JSON files or by compromising configured sync targets (Gist/WebDAV). The flaw stems from unsafe handling of bookmark fields (`exec*`) and global config entries, which are executed when a bookmark is opened or when sync is applied. No public exploit identified at time of analysis, and no vendor-released patch is identified at time of analysis.
Unauthenticated remote attackers can register rogue workers in Gradient CI 1.1.0 when GRADIENT_DISCOVERABLE is enabled (default configuration), gaining access to all organizational jobs and the ability to inject malicious build artifacts into shared storage. The attacker sends a fresh worker UUID to /proto endpoint, obtaining PeerAuth::Open privileges that bypass organization isolation. Vendor-released patch: version 1.1.1. CVSS 9.4 Critical with network vector and no authentication required. No active exploitation confirmed (not in CISA KEV), but EPSS data unavailable for this 2026 CVE ID.
Remote code execution in mdserver-web Linux panel versions 0.18.0 through 0.18.4 allows unauthenticated remote attackers to execute arbitrary system commands by exploiting unprotected scheduled task management endpoints. Attackers can modify built-in cron jobs via the /modify_crond interface and trigger execution through /start_task without any authentication, achieving complete system compromise. No public exploit code or active exploitation confirmed at time of analysis, though the attack complexity is rated low with network-based access vector.
Crabbox versions before 0.12.0 leak local secrets through environment variable forwarding during remote command execution. When users run commands against malicious or compromised repositories, attackers exploit overly permissive environment variable allowlisting in repository-local configuration files to exfiltrate API tokens, cloud credentials, and broker tokens into the remote execution environment. The vendor released v0.12.0 on May 12, 2026 with fixes including `--allow-env` explicit allowlisting and `--env-from-profile` for safer secret forwarding. No public exploit identified at time of analysis, though the attack surface is straightforward for attackers controlling repository configuration.
The sanitize-html npm package allows remote attackers to bypass HTML sanitization and inject executable JavaScript by wrapping malicious payloads inside disallowed <xmp> tags, achieving stored cross-site scripting (XSS) in applications using default configurations. This affects all versions through 2.17.3, with no vendor-released patch identified at time of analysis. A publicly available proof-of-concept demonstrates the bypass, which leverages the library's special handling of raw-text elements. With a 9.3 CVSS score and network-based attack vector requiring only user interaction, this represents a critical risk for Node.js applications that render sanitized user content in browsers.
Remote code execution in HRConvert2 self-hosted file conversion server allows unauthenticated attackers to execute arbitrary commands via shell metacharacters in filenames. The sanitizeString() function in convertCore.php fails to filter backticks and tab characters before passing user input to shell_exec(), enabling command injection that executes in the web server context (www-data). According to the vendor, exploitation can achieve complete server takeover through two methods: backtick-based command injection or tab-based file dropping. Fixed in version 3.3.8 released May 2026. EPSS data unavailable; no confirmed active exploitation (not in CISA KEV), but the vendor confirms the vulnerability is exploitable and rates severity as critical.
Local code execution in electerm 3.0.6 through 3.8.8 allows any same-user process to send a crafted JSON payload to electerm's single-instance IPC socket/pipe, causing the application to open tabs with attacker-controlled exec paths, arguments, environment variables, and post-connect scripts that spawn arbitrary local processes. No public exploit identified at time of analysis, but the GHSA advisory and patch commit confirm the vulnerability is real, scored CVSS 4.0 9.3 (Critical), and fixed in version 3.9.0 by filtering dangerous tab properties on the IPC boundary.
Boolean-oracle information disclosure in Strapi Content API allows remote unauthenticated attackers to extract admin password-reset tokens and achieve full administrative account takeover. Strapi versions 4.0.0 through 5.36.1 fail to sanitize relational query parameters on public content-type endpoints. By crafting `where` filters that traverse into joined `admin_users` table columns (e.g., `where[updatedBy][resetPasswordToken][$startsWith]=a`), attackers perform character-by-character oracle attacks against private admin fields, then use the extracted reset token to hijack administrator accounts. WildWest CyberSecurity reports this critical vulnerability with CVSS 9.3, affecting all Strapi deployments with public content-types containing admin-relation fields (`updatedBy`, `createdBy`, `publishedBy`). Vendor-released patch available in version 5.37.0. No active exploitation or public POC identified at time of analysis.
Unauthenticated attackers can permanently delete arbitrary WordPress content (posts, pages, WooCommerce products/orders) and manipulate post statuses in InfusedWoo Pro plugin versions up to 5.1.2 due to missing authorization checks. The CVSS 9.1 (Critical) score reflects network-accessible attack with no complexity barriers, though the Availability impact rating (A:N) appears inconsistent with the ability to mass-delete content. EPSS data unavailable; no CISA KEV listing or public exploit confirmed at time of analysis, but the WordPress ecosystem's large attack surface and clear Wordfence advisory make this a priority patching target for WooCommerce sites.
Stored Cross-Site Scripting (XSS) in vCluster Platform allows authenticated attackers with namespace creation privileges to inject malicious scripts via the templateRef name field, potentially escalating to Global-Admin access. The vulnerability affects versions prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0. With a CVSS score of 9.0 and changed scope (S:C), this represents a critical privilege escalation path in Kubernetes multi-tenancy environments. No active exploitation confirmed by CISA KEV at time of analysis, but the low attack complexity (AC:L) and clear attack path make this an immediate patching priority for organizations running vCluster Platform.