Remote denial-of-service in OpenTelemetry eBPF Instrumentation (go.opentelemetry.io/obi) versions v0.1.0 through v0.8.0 allows unauthenticated attackers to crash the telemetry agent by sending malformed MongoDB wire protocol messages. The MongoDB TCP parser contains three uncaught panic conditions (two slice-bounds errors in parseOpMessage/parseSections, and an unchecked BSON type assertion in parseFirstField) that terminate telemetry collection for the affected process or node. Publicly available exploit code exists in the form of self-contained Go test reproductions published in the GHSA advisory.
Denial of service in OpenTelemetry eBPF Instrumentation (OBI) versions prior to 0.9.0 allows remote attackers to crash the telemetry agent by sending a malformed Postgres BIND frame with an empty or unterminated portal name payload to any monitored service. The defect lives in OBI's passive Postgres protocol parser, where missing NUL-terminator validation causes a Go slice-bounds panic, halting telemetry collection on the affected node. Publicly available exploit code exists in the GHSA-pgvv-q3wf-mm9m advisory, though the issue is not listed in CISA KEV and EPSS data was not provided.
Remote denial-of-service in OpenTelemetry eBPF Instrumentation (OBI) versions 0.7.0 through 0.8.x allows unauthenticated attackers to crash the privileged instrumentation process by sending a crafted memcached storage command with an oversized `<bytes>` field. The integer overflow in the memcached text protocol parser produces a negative payload length that triggers a Go runtime panic in LargeBufferReader.Peek, halting telemetry collection until OBI is restarted. Publicly available exploit code exists in the GHSA-43g7-cwr8-q3jh advisory, but there is no public exploit identified beyond the PoC and the vulnerability is not listed in CISA KEV.
Unauthenticated path traversal in HSC MailInspector 5.3.3-7 allows remote attackers to read arbitrary files from the underlying operating system by manipulating the 'text' parameter of the /tap/dw.php endpoint. Public exploit details are disclosed on GitHub (sql3t0/cve-disclosures), though EPSS probability remains low (0.05%) and the issue is not currently listed in CISA KEV. The flaw enables disclosure of sensitive system files such as configuration files, credentials, and mail-related data without prior authentication.
Arbitrary file disclosure in HSC MailInspector v5.3.3-7 allows unauthenticated remote attackers to read sensitive files from the host via a path traversal flaw in the exposed /vendor/phpunit/phpunit.php endpoint. The CVSS 7.5 rating reflects high confidentiality impact with no required privileges or user interaction, though EPSS remains very low at 0.05% (15th percentile) and there is no public exploit identified at time of analysis. The exposure of a PHPUnit development artifact in a production path mirrors a long-standing class of PHP supply-chain misconfigurations.
Heap-based buffer over-write in ImageMagick's IPL decoder (exposed through Magick.NET bindings) can be triggered when the library reads a multi-image stream whose frames have differing dimensions, leading to memory corruption and process crash. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/C:N/I:N/A:H) signals an availability-only impact reachable without authentication, and no public exploit identified at time of analysis. Risk is amplified by how widely ImageMagick is embedded in image-processing pipelines that accept untrusted user uploads.
{1..10000000}` allocates roughly 505 MB and burns ~800 ms even when `max=10`, defeating the intended DoS protection. No public exploit identified at time of analysis and EPSS is very low (0.03%), but a vendor-released patch (5.0.6) and a GitHub Security Advisory (GHSA-jxxr-4gwj-5jf2) are available.
Regular expression denial-of-service (ReDoS) in HAPI FHIR's FHIRPathEngine allows remote unauthenticated attackers to exhaust CPU resources by submitting FHIR resources containing crafted FHIRPath expressions that invoke matches(), matchesFull(), or replaceMatches() with catastrophically backtracking regex patterns. Affected versions are org.hl7.fhir.* Maven artifacts at or below 6.9.6, with publicly available exploit code exists via the GitHub Security Advisory PoC (pattern (a+)+$ against a long string). CVSS 7.5 reflects high availability impact with no confidentiality or integrity loss; no public exploit identified in the wild and no CISA KEV listing.
Local file disclosure in NiceGUI versions <= 3.11.1 allows remote unauthenticated attackers to read arbitrary files accessible to the server process when applications pass user-controlled content to ui.restructured_text(). The flaw stems from Docutils being invoked without disabling file-insertion directives (include, csv-table :file:, raw :file:), enabling exfiltration of secrets, credentials, and source code. No public exploit identified at time of analysis, but the vendor advisory provides full directive-level proof patterns.
An issue in prestashop upsshipping all versions through at least 2.4.0 allows a remote attacker to obtain sensitive information via the /modules/upsshipping/logs/, and /modules/upsshipping/lib/UPSBaseApi.php components
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x02 (Identifier Rejected) but fails to explicitly close the TCP connection. Since the surrounding connection teardown logic is not guaranteed to execute, each such invalid CONNECT attempt leaves the underlying socket open. Repeated attempts cause server-side resource exhaustion due to accumulating file descriptors and memory usage, potentially resulting in denial of service.
Sensitive cookie disclosure in async-http-client (AHC) Java library allows remote attackers to harvest session cookies, CSRF tokens, and API keys by inducing an HTTP redirect across an origin or scheme-downgrade boundary. The Redirect30xInterceptor correctly strips Authorization and Proxy-Authorization headers when crossing security boundaries but fails to strip the Cookie header, leaking it to the redirect target. A proof-of-concept is published in the GHSA advisory; no public exploit identified at time of analysis in the wild and the issue is not in CISA KEV.
Remote code execution in Offline Hospital Management System 5.3.0 stems from an insecure Electron renderer configuration where Node.js integration is enabled while context isolation is disabled, allowing JavaScript in the renderer to invoke Node.js APIs and run arbitrary OS commands. The flaw carries a CVSS 7.3 with network attack vector and no privileges required, though EPSS is low at 0.06% and no public exploit identified at time of analysis beyond a Medium write-up describing the technique.
Local privilege code execution in jarrodwatts/claude-hud through version 0.0.12 on Windows allows authenticated local users to run arbitrary executables by setting the COMSPEC environment variable before the tool's version check, where execFile() launches whatever binary COMSPEC points to with cmd.exe-style arguments. The flaw is tracked as CWE-427 (Uncontrolled Search Path Element) and was reported by VulnCheck; no public exploit identified at time of analysis, but the upstream commit 234d9aa makes the fix mechanics straightforward to reverse-engineer.
Metric injection in the Perl module Net::Statsd::Lite through version 0.10.0 allows remote attackers to inject arbitrary StatsD metrics by smuggling control characters (CRLF) into metric names or values that the library forwards without sanitization. The flaw was disclosed on the oss-security mailing list on 2026-05-18 by maintainer Robert Rothenberg, and no public exploit identified at time of analysis; EPSS is very low (0.03%, 8th percentile), reflecting limited mass-exploitation interest in a niche telemetry library.
Server-Side Request Forgery in the Spring AI Community mcp-security framework (org.springaicommunity:mcp-client-security versions before 0.1.9) allows remote attackers to coerce the MCP client into issuing HTTP requests to attacker-chosen URLs, including internal network targets. The flaw resides in the OAuth2 Dynamic Client Registration (DCR) flow, which fetches metadata and authorization-server URLs without validating them against SSRF protections required by the MCP security specification. No public exploit identified at time of analysis, but a vendor-confirmed patch is available in version 0.1.9.
Symlink-based race condition in Docker Engine's `docker cp` implementation allows a malicious container with at least one volume mount to redirect a bind mount to an arbitrary host filesystem path, enabling host file overwrite or temporary denial of service. The flaw affects Moby/Docker through 28.5.2 and is fixed only in the Moby v2 line (2.0.0-beta.14); no public exploit identified at time of analysis. Exploitation requires an operator-initiated `docker cp` or archive API call against the malicious container, which constrains real-world abuse to environments where untrusted containers receive file copies.
{id}/archive` or `docker cp -`. The daemon resolves the decompression binary (e.g., `unpigz`, `xz`) from the container's filesystem rather than the host's, so a trojanized binary baked into the image runs with daemon privileges. No public exploit identified at time of analysis, and the issue is not in the CISA KEV catalog.
Path traversal in steipete/summarize prior to 0.15.1 lets authenticated callers of the /v1/summarize daemon endpoint write slide_*.png and slides.json files to arbitrary directories by supplying an absolute path or traversal sequences in the slidesDir parameter, and subsequently delete matching files via repeat extraction. The flaw, reported by VulnCheck and patched in v0.15.2, enables file write and limited destructive impact across the filesystem; no public exploit identified at time of analysis.
{session_id}/assign-user endpoint. An attacker who can guess or otherwise learn a target session_id can reassign that session to themselves, read its conversation contents, and lock the legitimate owner out. No public exploit identified at time of analysis, and the issue is fixed in 0.6.51 per the upstream GHSA-q58p-v9r9-7gqj advisory.
Denial of service in MongoDB Server 7.0, 8.0, and 8.2 allows authenticated remote attackers to crash the database by inserting documents that trigger updates to a maliciously created '2dsphere_bucket' or 'queryable_encrypted_range' index on a non-timeseries bucket collection. The flaw stems from a reachable assertion (CWE-617) and is reported by MongoDB itself with a vendor patch available; no public exploit identified at time of analysis.
Denial of service in M-Files Server versions prior to 26.5.16015.0, 26.2 LTS, and 25.8 LTS SR3 allows an authenticated remote attacker to crash the MFserver process, disrupting document management services for all connected users. The flaw is reachable over the network with low privileges and no user interaction, but has no impact on confidentiality or integrity. No public exploit identified at time of analysis, and the issue is not present in CISA KEV.
Authenticated arbitrary file read in WWBN/AVideo's view/update.php exposes any text file readable by the web-server process to admin-level users via path traversal. The $_POST['updateFile'] parameter is concatenated directly into a filesystem path under updatedb/ without sanitization, allowing an authenticated administrator to supply sequences like '../../../../etc/passwd' and have PHP's file() function return the contents line-by-line in the migration-runner HTML response. A proof-of-concept exploit is publicly documented in GitHub Security Advisory GHSA-3mjv-375j-6h92; no patched release has been issued for any version through 29.0 as of analysis time, and no public exploit identified at time of analysis as actively exploited by CISA KEV.
Authentication bypass in Neotoma (npm package for Node.js data exploration) versions 0.6.0 through 0.11.0 allows unauthenticated remote attackers to access production Inspector UI and API endpoints when deployed behind reverse proxies. The vulnerability stems from CWE-288 authentication logic flaw where the REST middleware incorrectly treats reverse-proxied public requests as local development traffic when received over loopback sockets without Bearer tokens, granting unauthorized local-user privileges. Fixed in version 0.11.1 released April 2025, which implements X-Forwarded-For validation and fails closed in production environments. No public exploit code identified at time of analysis, though exploitation is straightforward for attackers who identify affected deployments.
Weak cryptographic algorithm usage in Sulu CMS exposes password reset tokens and API keys to prediction or brute-force attacks, potentially enabling unauthorized account takeover or API access. The flaw resides in the SecurityBundle's User.php and ResettingController.php, affecting all Sulu 2.x releases up to 2.6.22 and all 3.x releases from the first alpha through 3.0.5. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV, but the cryptographic weakness (CWE-327) is structurally exploitable by a motivated attacker with network access to the application.
Insecure file permission assignment in the @steipete/summarize CLI tool exposes configuration files containing API keys and provider credentials to other local users on shared Unix-like systems. All versions prior to 0.15.1 (CPE: cpe:2.3:a:steipete:summarize) are affected via a specific code path - the refresh-free configuration rewrite - that creates replacement config files using the process default umask rather than preserving original file permissions. No public exploit code exists and this is not listed in the CISA KEV catalog; however, the high-confidentiality CVSS signal (C:H) reflects the real sensitivity of what is exposed (API keys, provider credentials) when Summarize is used on multi-user Unix environments.
Improper SSL/TLS certificate validation in Dell Live Optics Windows and Personal Edition collectors allows remote attackers to intercept and modify data transmitted by the collector. The vulnerability requires network positioning (man-in-the-middle) and user interaction, making exploitation moderately complex but enabling complete compromise of data confidentiality and integrity for collector communications. Dell has released patches in version 27.1.10.1 to address the certificate validation flaw.
Mattermost Desktop App can be repeatedly crashed by malicious server administrators through JavaScript URL injection in pop-up windows. Attackers controlling a Mattermost server can force connected desktop clients to become unusable by exploiting improper URL validation, requiring user interaction (connecting to the malicious server). No public exploit code identified at time of analysis, though the attack method is trivial to implement given the disclosed details.
An attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved validation. This issue is fixed in PCC Release 5E290.3.
Stored XSS in BigBlueButton's bbb-playback recording component (versions prior to 3.0.19) allowed authenticated meeting participants to inject malicious scripts via public chat that execute silently against any user who later views the session recording in presentation format. The React component rendered chat messages via dangerouslySetInnerHTML without sanitization, meaning UI:N - no victim interaction beyond loading the recording URL was required to trigger execution. No public exploit identified at time of analysis; not listed in CISA KEV.
Incomplete telemetry sanitization in n8n-mcp (all versions before 2.51.3) caused the WorkflowSanitizer to transmit partial URL paths and query strings - including customer IDs, tenant identifiers, signed-request parameters, and short tokens below the 20-character generic-token threshold - to the project's anonymous Supabase-hosted telemetry backend. Any operator with read access to the telemetry_workflows or workflow_mutations Supabase tables could retrieve these fragments from workflow definitions, contrary to the privacy guarantees documented in PRIVACY.md. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, the CVSS confidentiality impact is rated High (C:H), reflecting the potential sensitivity of the leaked parameters.
{option}` or `/gitlab webhook {option}`, resulting in availability impact (A:H) to the Gitlab plugin infrastructure. CVSS 6.5 reflects moderate risk, with EPSS data and active exploitation status not available at time of analysis.
OpenTelemetry eBPF Instrumentation (OBI) versions prior to 0.9.0 forwards raw Redis error replies verbatim into OTLP span status messages, enabling both information disclosure and telemetry injection against any deployment tracing Redis traffic. The `getRedisError` function in `pkg/ebpf/common/redis_detect_transform.go` applies only CRLF trimming before storing error text directly into `request.DBError.Description`, which `span.go` then exports as the span status message for every non-zero-status Redis span. A publicly available proof-of-concept demonstrates that caller-supplied values embedded in Redis error replies - including authentication credentials, tokens, and PII - are automatically propagated into OTLP collectors, dashboards, and log aggregators without requiring any special attacker position beyond the ability to trigger Redis errors. No public exploit identified at time of analysis beyond the included PoC; not in CISA KEV.
CouchDB reduce injection in Budibase's V1 Views API (POST /api/views) allows authenticated Builder-role users to embed arbitrary JavaScript into CouchDB design document reduce functions via the unsanitized `calculation` parameter, resulting in code execution within CouchDB's SpiderMonkey sandbox on every subsequent view query. Affected versions are all releases of @budibase/server prior to 3.38.1, confirmed by GHSA-363w-hvwh-w7m6. No public exploit has been identified at time of analysis, and no CISA KEV listing exists, though the advisory includes detailed reproduction steps that substantially lower the exploitation barrier for users who already hold Builder privileges.
Destructive file operations in the CI4MS Fileeditor module (composer/ci4-cms-erp/ci4ms ≤ v0.31.8.0) allow an authenticated backend user to delete or rename arbitrary framework files - including the front controller, routing config, and authentication filter pipeline - producing a persistent denial of service that requires filesystem-level redeployment to recover. The root cause is an inconsistent application of the existing extension allowlist: while saveFile and createFile correctly gate writes through allowedFileTypes(), the deleteFileOrFolder and renameFile endpoints apply no such check to the source path, meaning any file inside ROOTPATH not named in the narrow $hiddenItems blocklist is reachable. A working curl-based proof-of-concept is publicly available via GitHub advisory GHSA-245j-xjvr-xvm5; no CISA KEV listing is present at time of analysis.
Password disclosure in Mattermost Server versions 11.5.0-11.5.1, 10.11.0-10.11.13, and 11.4.0-11.4.3 allows high-privilege administrators to view newly created user credentials, enabling impersonation attacks. The CVSS score of 6.5 reflects medium severity, requiring high-privilege access (PR:H) but offering network-based exploitation (AV:N) with low complexity (AC:L). While not currently listed in CISA KEV and no public exploit identified at time of analysis, the vendor-confirmed vulnerability (Mattermost Advisory MMSA-2026-00614) presents real risk in environments where privileged accounts are compromised or insider threats exist.
Authenticated Mattermost users can read private channel threads and direct messages they lack access to by exploiting the AI post rewrite endpoint. Versions 11.5.0 and 11.5.1 fail to verify channel membership before processing AI-assisted message rewrites, enabling privilege escalation from low-privileged authenticated users to access confidential communications. CVSS 6.5 reflects network-accessible attack with low complexity requiring only basic authentication. EPSS data not available; no public exploit or KEV listing identified at time of analysis.
{id}/volumes/{volumeName}/browse`. The path sanitizer at `volume_service.go:1448-1467` blocks only `../` traversal and passes shell substitution sequences through unchanged; `strconv.Quote` wraps the path in Go-style double quotes, which POSIX `sh` still interprets as a command-substitutable string, causing the injected command to execute and its output to be reflected in the HTTP 500 error body. No vendor-released patch exists at time of analysis; publicly available exploit code is embedded in the GHSA advisory (GHSA-9mvm-4gwg-v8mp) and no confirmed active exploitation (CISA KEV) has been reported.
Weak password hashing in opensourcepos Open Source Point of Sale through version 3.4.2 exposes a legacy code path in the Employee Login component (app/Models/Employee.php) that retains an older, cryptographically weak hash function. The vendor has disputed the severity of this issue, clarifying that the weak hash function persists solely to support an upgrade migration path - default-seeded passwords use the legacy hash but are migrated to a stronger algorithm upon first login, meaning actively managed accounts on updated installations face reduced practical exposure. No public exploit code has been identified at time of analysis, and the vulnerability's real-world impact is currently in question pending independent verification.
Command injection in Edimax BR-6428NS firmware v1.10 allows authenticated remote attackers to execute arbitrary system commands via the stadrv_ssid parameter in POST requests to /goform/formStaDrvSetup. Public exploit code is available (documented in VulDB and researcher's Notion page), enabling low-complexity attacks against networks where attackers have obtained low-privilege credentials. The vendor received early disclosure but provided no response, leaving no official patch timeline.
Command injection in Edimax BR-6228NC version 1.22 allows authenticated remote attackers to execute arbitrary OS commands by manipulating the 'command' parameter in POST requests to /goform/mp endpoint. Public exploit code exists, increasing exploitation risk despite requiring low-privilege authentication. EPSS data not available, but the presence of working exploit demonstrates confirmed weaponization. Vendor has not responded to disclosure and no patch has been announced.
Stack overflow in the Magick.NET fx expression evaluator affects all Q16 and HDRI NuGet package variants prior to version 14.13.1. The root cause is a missing recursion depth check in the fx operation: a crafted argument can drive the evaluator into uncontrolled recursion, exhausting the call stack and crashing the host process. Impact is limited to availability (denial of service); no confidentiality or integrity exposure is present, and no public exploit or CISA KEV listing exists at time of analysis.
Heap-use-after-free in Magick.NET's MSL (Magick Scripting Language) decoder causes a denial-of-service condition when processing a crafted MSL image file. All Magick.NET NuGet package variants across Q16, Q16-HDRI, and multi-architecture builds prior to version 14.13.1 are affected. No public exploit code and no confirmed active exploitation (CISA KEV) have been identified at time of analysis; the CVSS vector indicates local-only access with availability-only impact, classifying this as a crasher rather than a code execution or data exposure issue.
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item_count value that is not consistently validated against the remaining data_length of the CPF slice
Null pointer dereference in OMEC Project AMF (Access and Mobility Management Function) versions up to 2.1.3-dev allows authenticated remote attackers to trigger denial of service via crafted NGAP UERadioCapabilityCheckResponse messages. The vulnerability exists in ngap/dispatcher.go where insufficient null pointer validation permits exploitation through the 5G network interface. Public exploit code exists (GitHub issue #675), and vendor-released patch v2.2.0 is available via PR #666, which also addresses multiple related security issues in NGAP message handling and mobile identity parsing.
Remote denial of service in omec-project AMF versions up to 2.1.3-dev allows authenticated attackers to crash the Access and Mobility Management Function via crafted NGAP messages that trigger null pointer dereference in ngap/handler.go. Public exploit code exists (GitHub issue #674). Affects OMEC 5G core network deployments. Patched in version 2.2.0 via PR #666, which addresses multiple security issues including malformed SUCI handling and missing null checks across NGAP message parsing.
Null pointer dereference in OMEC Project AMF versions up to 2.1.3-dev allows remote authenticated attackers to trigger denial of service via crafted NGAP messages to the RANConfiguration function. The vulnerability (CVE-2026-8781) affects the Access and Mobility Management Function component of the Open Mobile Evolved Core, a critical element in 5G networks. Publicly available exploit code exists (GitHub issue #673), but CVSS 2.1 (Low) reflects limited availability impact and low-privilege authentication requirement. Vendor-released patch: version 2.2.0 (GitHub PR #666).
Memory corruption in omec-project AMF versions up to 2.1.3-dev allows authenticated remote attackers to trigger low-severity availability impact via malformed NGAP messages. The vulnerability resides in ngap/dispatcher.go where insufficient null-pointer validation and input sanitization in the NGAP message handler permits memory corruption. Public exploit code exists (GitHub issue #670) with vendor-released fix in version 2.2.0. Despite CVSS 2.1 base score, exploitation probability is low (CVSS:4.0 E:P indicates POC exists) and impact limited to partial availability degradation - authentication required (PR:L) and no confidentiality or integrity impact (VC:N/VI:N).
Memory corruption in OMEC Project's Access and Mobility Management Function (AMF) allows authenticated remote attackers to crash the 5G core network component by sending crafted NGAP NG Setup Request messages with malformed InformationElement fields. Affects OMEC AMF versions up to 2.1.3-dev. Publicly available exploit code exists (GitHub issue #671), and vendor patch released in version 2.2.0. CVSS 4.3 (Low severity) reflects low availability impact, requiring authentication (PR:L), but real-world risk is moderate for 5G network operators given public POC and critical infrastructure role of AMF in mobile core networks.
HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulnerability in the /tap/tap.php endpoint due to improper neutralization of user-controlled input using alternate or obfuscated JavaScript syntax. The endpoint reflects unsanitized user input in HTTP responses without adequate output encoding, allowing a remote attacker to execute arbitrary JavaScript code in the context of a victim's browser.