Skip to main content
CVE-2026-41948 CRITICAL POC Act Now

Path traversal in Dify versions 0 through 1.14.1 allows authenticated tenants to escape their authorized tenant path and reach the Plugin Daemon's internal REST API, including debug interfaces, by smuggling unencoded dot sequences through task identifiers or filename parameters. Because Dify Cloud permits unauthenticated free self-registration, the authentication barrier collapses to trivial account creation, and publicly available exploit code exists; the attacker only needs the victim tenant's UUID to pivot. CVSS 4.0 is rated 9.2 with high confidentiality and integrity impact.

Path Traversal Dify
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-41947 CRITICAL POC PATCH Act Now

Cross-tenant authorization bypass in LangGenius Dify versions through 1.14.1 lets any logged-in editor reroute another tenant's LLM trace traffic - including prompts and model responses - to an attacker-controlled observability provider. Because Dify Cloud permits free self-registration, the authentication barrier is effectively trivial; publicly available exploit code exists and a vendor patch is shipped via PR #35793. The flaw is an instance of CWE-639 (insecure direct object reference) in the trace-configuration endpoints, which accepted an app_id without validating tenant ownership.

Authentication Bypass Dify
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-45829 CRITICAL NEWS GHSA Act Now

{tenant}/databases/{db}/collections endpoint. The flaw carries a maximum CVSS 4.0 score of 10.0 and was disclosed publicly by HiddenLayer; no public exploit identified at time of analysis, though detailed research has been published.

RCE Code Injection Python Chromadb
NVD GitHub
CVSS 4.0
10.0
EPSS
0.1%
CVE-2026-42822 CRITICAL PATCH Exploit Likely Act Now

Privilege elevation in Microsoft Azure Local Disconnected Operations allows unauthenticated network-based attackers to gain elevated rights via an improper authentication weakness (CWE-287). The flaw carries a maximum CVSS 10.0 score with scope change, and Microsoft has issued a patched build (Azure Local 2604.2.25645). No public exploit identified at time of analysis, but the trivial attack profile (AV:N/AC:L/PR:N/UI:N) makes this a top-priority fix for affected hybrid-cloud deployments.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-27130 CRITICAL PATCH Act Now

OS command injection in Dokploy self-hosted PaaS (versions <= 0.26.6) allows an authenticated low-privileged user to achieve server-level remote code execution by injecting shell metacharacters into the appName parameter when creating an application or database. The cleanAppName sanitizer only lowercases and strips spaces, leaving characters like ;, $(), backticks, |, and & to be passed directly into execAsync()/execAsyncRemote() shell interpolation when service lifecycle operations run. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV, but the GitHub commit diff publicly demonstrates the vulnerable code path.

Command Injection
NVD GitHub
CVSS 3.1
9.9
EPSS
0.2%
CVE-2026-45625 CRITICAL PATCH GHSA Act Now

Broken access control in Arcane's GitOps backend (versions <= 1.18.1) allows any authenticated low-privilege user to exfiltrate plaintext Git credentials (PATs/SSH keys) stored for source-of-truth repositories. Eight of nine /api/customize/git-repositories endpoints omit the checkAdmin() gate, letting a 'user' role attacker repoint a repository URL to an attacker-controlled host and trigger a /test or /branches call that transmits the decrypted token via HTTP Basic auth. No public exploit identified at time of analysis, but the GHSA advisory documents a complete attack chain and a patched release (1.19.0) is available.

Authentication Bypass Gitlab Privilege Escalation Information Disclosure Denial Of Service
NVD GitHub
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-7304 CRITICAL GHSA Act Now

SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will be deserialized without validation.

Python RCE Deserialization
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-7301 CRITICAL GHSA Act Now

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet.

Deserialization Sglang
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-45697 CRITICAL PATCH GHSA Act Now

Pre-authenticated server-side template injection in Verbb Formie (a forms plugin for Craft CMS) allows unauthenticated remote attackers to submit crafted values into Hidden fields configured with a Custom default value, which are then evaluated as Twig during submission handling. Successful exploitation can lead to arbitrary code execution and full compromise of the Craft site depending on template sandbox behavior. No public exploit identified at time of analysis, though the GitHub Security Advisory GHSA-x7m9-mwc2-g6w2 and patch commit are publicly disclosed.

RCE Code Injection
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-8838 CRITICAL PATCH GHSA Act Now

Remote code execution in the amazon-redshift-python-driver (versions prior to 2.1.14) allows a malicious or compromised Redshift server, or a man-in-the-middle attacker positioned on the network path, to execute arbitrary Python code on any client that connects. The root cause is unsafe use of Python's eval() against untrusted server-supplied data inside the vector_in() function. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 9.3 and PR:N/UI:N vector make this a high-priority client-side supply-chain-style risk.

Code Injection Python RCE
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-8836 CRITICAL PATCH Act Now

Stack-based buffer overflow in lwIP through 2.2.1 enables remote unauthenticated attackers to corrupt stack memory in the SNMPv3 USM handler by sending a crafted msgAuthenticationParameters field to snmp_parse_inbound_frame in src/apps/snmp/snmp_msg.c. The flaw stems from a commented-out length assertion that allowed user-controlled TLV value lengths to exceed SNMP_V3_MAX_AUTH_PARAM_LENGTH during decoding. No public exploit identified at time of analysis, but the CVSS 4.0 score of 9.3 reflects network-reachable, no-privilege, no-interaction exploitation against a library widely embedded in IoT and embedded TCP/IP stacks.

Stack Overflow Buffer Overflow Lwip
NVD VulDB GitHub
CVSS 4.0
9.3
EPSS
0.2%
CVE-2026-4320 CRITICAL PATCH Act Now

Authorization bypass in Creartia's ICMS content management system allows remote unauthenticated attackers to gain unauthorized access to protected features and escalate privileges by manipulating HTTP redirect headers during the login process. The vulnerability has a CVSS 9.3 score and vendor patches are available through INCIBE advisory.

Authentication Bypass Privilege Escalation Icms Content Management
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-7302 CRITICAL GHSA Act Now

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints.

Path Traversal Sglang
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.1%
CVE-2023-24215 CRITICAL Act Now

Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass N A
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-45363 CRITICAL PATCH GHSA Act Now

Authentication bypass in the ruby-jwt gem (versions < 3.2.0) allows remote attackers to forge valid HS256/HS384/HS512 tokens when an application supplies an empty string or nil as the verification key. Because OpenSSL::HMAC.digest happily computes a digest under an empty key and JWT::JWA::Hmac coerces nil to '' without validating, any application whose key lookup degrades to '' (common with Redis misses, ORM string defaults, or `ENV['SECRET'] || ''` patterns) will accept attacker-signed tokens. No public exploit identified at time of analysis, but the vendor advisory (GHSA-c32j-vqhx-rx3x) and the v3.2.0 patch confirm the issue and the trivial forgery primitive.

Redis Authentication Bypass OpenSSL
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy