Local privilege escalation in Google Android (versions 14, 15, 16, and 16-qpr2) stems from an integer overflow (CWE-190) that can be triggered without user interaction to achieve code execution. With CVSS 8.4 and SSVC technical impact rated 'total,' a local attacker on the device can elevate privileges across security boundaries without additional execution rights. No public exploit identified at time of analysis and SSVC reports exploitation status as 'none.'
Remote code execution in Poly Voice products on Linux is possible through a stack-based buffer overflow reachable when administrators enable Interactive Connectivity Establishment (ICE). Unauthenticated network attackers can trigger the flaw without user interaction, and no public exploit has been identified at time of analysis. HP rates the issue at CVSS 4.0 9.2 (Critical), driven by network reachability and full confidentiality, integrity, and availability impact.
Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Arbitrary file write in F5-TTS through 1.1.20 allows unauthenticated remote attackers to create directories and write attacker-controlled JSON anywhere the server process has write access by abusing unsanitized project_name parameters in the finetune Gradio interface. The flaw stems from passing user input directly to os.path.join() - supplying an absolute path bypasses the intended base directory entirely. Publicly available exploit code exists, and an upstream patch has been merged via PR #1294.
WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unauthenticated SQL injection in Pixa Bank 2.0 allows remote attackers to exfiltrate database contents by submitting UNION-based payloads in the 'rib' parameter of the agence-ajax.php endpoint. Publicly available exploit code exists (Packet Storm) and the issue was disclosed by VulnCheck, making opportunistic exploitation likely against any internet-exposed instance. No public exploit identified at time of analysis as actively exploited in the wild (not on CISA KEV), but the trivial attack complexity and existing PoC elevate practical risk.
Path traversal in Banana Slides through 0.4.0 allows unauthenticated remote attackers to read arbitrary image-format files outside the uploads directory via the generate_image() function in the AI service backend. The flaw stems from an incomplete prefix check using os.path.startswith() without a trailing separator, letting sibling directories whose names share the uploads folder prefix bypass containment. Publicly available exploit code exists (GitHub issue #429), and a vendor patch has been released in commit e8bc490.
Stack-based buffer overflow in microtar through 0.1.0 allows remote attackers to corrupt stack memory and potentially achieve code execution when an application using the library parses a malicious TAR archive. The flaw in raw_to_header() uses strcpy() on non-null-terminated 100-byte ustar fields, enabling writes of up to 355 bytes into a 100-byte buffer. Publicly available exploit code exists and the issue was reported by VulnCheck, raising the practical risk despite no current CISA KEV listing.
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
launch-editor allows users to open files with line numbers in editor from Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Denial of service in lwext4 1.0.0 allows remote attackers to crash applications by supplying a malformed EXT4 filesystem image that triggers a NULL pointer dereference in ext4_dir_en_get_name_len during directory iteration. The flaw affects the 2016-era lwext4 codebase commonly embedded in IoT, bootloaders, and forensic tools that mount untrusted EXT4 images. Publicly available exploit code exists, though EPSS rates real-world exploitation probability as very low (0.02%, 4th percentile).
Stack-based buffer overflow in D-Link DI-7001 MINI routers (firmware up to 19.09.19A1) allows authenticated remote attackers to corrupt memory via the Time parameter passed to the sprintf function in /httpd_debug.asp. Publicly available exploit code exists on GitHub, and the CVSS 4.0 score of 7.4 reflects high confidentiality, integrity, and availability impact with low privilege requirement and no user interaction. The vulnerability targets an embedded networking appliance commonly deployed at SMB and branch-office perimeters, increasing exposure risk where the management interface is reachable.
Stack-based buffer overflow in D-Link DI-8400 routers through firmware 16.07.26A1 allows authenticated remote attackers to corrupt memory by manipulating the 'str' parameter in /dbsrv.asp, potentially achieving code execution on the device. Publicly available exploit code exists, raising the practical risk despite the requirement for low-level privileges per the CVSS 4.0 vector. The original researcher advisory notes contradictory parameter names, introducing some uncertainty about the exact trigger field.
Stack-based buffer overflow in UTT HiPER 1200GW routers (firmware up to 2.5.3-170306) allows authenticated remote attackers to corrupt memory via the Profile parameter in the /goform/formFireWall endpoint, where unsafe strcpy usage processes the input. Publicly available exploit code exists, increasing the realistic risk of attempted compromise against exposed management interfaces. No CISA KEV listing has been published, so exploitation is not yet confirmed active in the wild.
Stack-based buffer overflow in UTT HiPER 1200GW routers (firmware versions up to 2.5.3-170306) allows remote authenticated attackers to corrupt memory via the strcpy function in the /goform/formTaskEdit endpoint. Publicly available exploit code exists, raising the practical risk despite the requirement for low-level privileges. No KEV listing or EPSS data is provided in the input, so widespread automated exploitation has not been confirmed.
No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privilege export endpoint that allows authenticated attackers to manipulate database queries. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the zProIdPro parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ZeusCart 4.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of victims by crafting malicious requests. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Private key disclosure in Cloud Foundry UAA versions v76.12.0 through v78.12.0 allows unauthenticated remote attackers to retrieve Elliptic Curve (EC) private key material from the public /token_keys endpoint, which is supposed to expose only public verification keys. With the leaked private keys, attackers can forge arbitrary JWTs and impersonate any UAA-authenticated identity across the platform. No public exploit identified at time of analysis, though the CVSS 10.0 score and trivial reproduction step (a single unauthenticated HTTP GET) make weaponization straightforward once the issue is widely known.
Local privilege escalation in Google Android XR stems from a missing permission check in InputMethodManagerService.addInputMethodListener, allowing an app or local context to register input method listeners without the authorization the IME subsystem normally requires. The flaw needs no user interaction and no additional execution privileges, and is addressed in the June 2026 Android XR security bulletin; no public exploit identified at time of analysis.
Secret exfiltration in CloudPirates Open Source Helm Charts (prior to commit fcf9302) allows unauthenticated attackers to steal repository secrets, including Docker Hub credentials and tokens, by submitting a malicious fork pull request that triggers the pull-request.yaml GitHub Actions workflow in a privileged context. No public exploit is identified at time of analysis, but the attack pattern is a well-known pwn-request misconfiguration that requires no maintainer approval, and the CVSS score of 10.0 (Critical) with scope change reflects compromise of CI/CD secrets that extend beyond the workflow boundary.
Credential exposure in CloudPirates Open Source Helm Charts (prior to commit fcf9302) allows attackers to steal a Personal Access Token and SSH signing key by submitting a malicious pull request that the vulnerable GitHub Actions workflow checks out and executes with privileged secrets. The repository's generate-schema.yaml workflow used unsafe pull_request_target patterns combined with checkout of fork-controlled code, enabling code injection into a privileged CI context. No public exploit identified at time of analysis, but the attack pattern is well-documented for this class of GitHub Actions misconfiguration.
Unauthenticated remote code execution in Dassault Systèmes Teamwork Cloud (No Magic Release 2022x-2026x) and Magic Collaboration Studio (CATIA Magic Release 2022x-2026x) arises from unsafe deserialization of attacker-controlled data. The CVSS 9.8 vector indicates a network-reachable attack with no privileges or user interaction, yielding full confidentiality, integrity, and availability impact, though no public exploit identified at time of analysis and EPSS data was not provided.
Arbitrary file read and remote code execution in Vitest versions prior to 4.1.0 allow remote unauthenticated attackers to read files outside the project directory on Windows and execute arbitrary scripts when the Vitest UI or Browser Mode API server is exposed to the network via the --api.host flag or api.host configuration option. The flaw stems from incorrect use of the deprecated isFileServingAllowed check, which can be bypassed using Windows-specific path syntax (\\?\\..\\), and is compounded by API features (saveTestFile + rerun, readFile/writeFile/saveSnapshotFile) that effectively grant script execution to anyone who can reach the API. Publicly available exploit code exists in the GHSA advisory PoC; no public exploit beyond that is identified at time of analysis.
Privilege escalation in the AIWU (AI Copilot Content Generator) WordPress plugin by Sergey, affecting all versions up to and including 1.4.17, allows remote unauthenticated attackers to gain elevated privileges on a target WordPress site. The CVSS 9.8 score with AV:N/PR:N indicates no authentication is required and the attack can be carried out over the network against any site running a vulnerable installation. No public exploit identified at time of analysis, but the Patchstack reference indicates this was identified through their managed audit program for WordPress plugins.
Privilege escalation in the Contest Gallery Pro WordPress plugin (versions up to and including 29.0.1) allows remote unauthenticated attackers to gain elevated privileges within affected WordPress sites due to incorrect privilege assignment (CWE-266). The CVSS 9.8 score combined with network-reachable, no-authentication exploitation makes this a critical-severity issue, though no public exploit identified at time of analysis. The vulnerability was disclosed by Patchstack's audit team and currently has no entry in CISA KEV.
OS command injection in PHP Censor through 2.1.6 allows remote attackers to execute arbitrary shell commands by submitting a crafted commitId value to the webhook endpoint handled by src/Model/Build/GitBuild.php. The unsanitized commitId (and branch name) is interpolated into shell command strings passed to git log and clone operations, and publicly available exploit code exists per VulDB. No CISA KEV listing or EPSS score is provided, so exploitation appears opportunistic rather than confirmed active in the wild.
OS command injection in nextlevelbuilder GoClaw through version 3.11.3 allows remote attackers to execute arbitrary shell commands inside the sandbox container by supplying a crafted file path to the write_file tool. The flaw exists in FsBridge.WriteFile (internal/sandbox/fsbridge.go), which interpolated the destination path into a shell command (`sh -c "cat > <path>"`) executed via docker exec, letting shell metacharacters such as `$(...)` break out of the intended write operation. Publicly available exploit code exists and the upstream patch is still pending merge at the time of analysis, raising real-world risk despite a moderate 7.3 CVSS.
OS command injection in zhayujie chatgpt-on-wechat (also known as CowAgent) versions up to and including 2.0.8 allows remote attackers to execute arbitrary operating system commands by abusing the _get_safety_warning function within the Bash Tool component (agent/tools/bash/bash.py). Publicly available exploit code exists for this issue, increasing the likelihood of opportunistic abuse, though it is not currently listed in CISA KEV. The vendor has released version 2.0.9 (commit 16d9b449c9aa53ccee44144a762a2737d7ba4fc4) addressing the flaw.
Reflected cross-site scripting in Vitest browser mode (@vitest/browser) allows attackers to execute arbitrary JavaScript in the Vitest server origin by luring a developer to a crafted /__vitest_test__/ URL with a malicious otelCarrier query parameter. Because the same page embeds VITEST_API_TOKEN used to authenticate the Vitest WebSocket API, the XSS chains into full Node-side remote code execution by writing to vite.config.ts and triggering a config reload. Publicly available exploit code exists in the vendor's GHSA-2h32-95rg-cppp advisory, though no public exploit identified at time of analysis in CISA KEV.
Path traversal in Rocketgenius Gravity Forms (WordPress plugin) versions up to and including 2.10.0.1 enables remote attackers to perform arbitrary file deletion on the underlying server, as catalogued in the Patchstack advisory referenced by NVD. The CVSS 9.6 score reflects a scope-changing impact reachable over the network with low complexity and no authentication, though successful exploitation requires user interaction. No public exploit has been identified at time of analysis and the issue is not present in CISA KEV.
{workspace_id}/members. The endpoint enforces only the default member-tier gate and forwards the caller-supplied role directly to MemberService.add, which validates the role string but never checks the caller's permission to assign it. No public exploit identified at time of analysis, but a detailed exploit chain is documented in the vendor advisory.
Remote code/prompt injection in NousResearch Hermes Agent through 0.12.0 stems from improper neutralization in the _compress_context function within run_agent.py (CWE-74). Publicly available exploit code exists and the issue is remotely triggerable without authentication per the CVSS vector, though impact is bounded to Low across confidentiality, integrity, and availability. The vendor was contacted but did not respond, leaving downstream users without an official fix at time of analysis.
Remote injection in NousResearch Hermes Agent through version 2026.4.30 allows unauthenticated attackers to manipulate the _serve_plugin_skill/skill_view function in tools/skills_tool.py. Publicly available exploit code exists via a GitHub gist, and the vendor has not responded to disclosure attempts, leaving deployments without an official fix. CVSS 7.3 reflects network-reachable, low-complexity exploitation with partial impact across confidentiality, integrity, and availability.
Uncontrolled resource consumption in NousResearch hermes-agent (all versions through 2026.4.30) allows remote unauthenticated attackers to degrade service availability by sending crafted requests to the Feishu webhook endpoint. The vulnerable function `_handle_webhook_request` in `gateway/platforms/feishu.py` fails to bound resource usage during webhook processing, enabling denial-of-service conditions. A publicly available proof-of-concept exploit exists (hosted on GitHub), the vendor did not respond to responsible disclosure, and no patch has been released - leaving all deployments with active Feishu integration exposed with no official remediation path.
SQL injection in raisulislamg4's PHP-based Student Management System allows remote unauthenticated attackers to manipulate the 'role' parameter in add_user_check.php to inject arbitrary SQL queries. Publicly available exploit code exists per VulDB disclosure, and the project (a rolling-release GitHub repository) has not responded to the reporter's issue, leaving deployments unpatched. CVSS 7.3 with low complexity and no privileges required makes this an attractive low-effort target despite the limited deployment footprint of this open-source educational project.
SQL injection in raisulislamg4's Student Management System (PHP) allows remote unauthenticated attackers to manipulate database queries via the user_id, course_id, teacher_id, student_id, or application_id parameters in delete.php. Publicly available exploit code exists, and the project operates on a rolling release model with no formal versioning, complicating patch tracking. The maintainer has been notified but has not responded, leaving deployments exposed.
SQL injection in raisulislamg4's PHP-based Student Management System allows remote unauthenticated attackers to manipulate the Username parameter in login_check.php to inject arbitrary SQL. Publicly available exploit code exists per the GitHub issue tracker, and the project follows a rolling-release model with no fixed version available. The vendor was notified early but has not responded, leaving deployments unpatched.
SQL injection in code-projects Online Hospital Management System 1.php enables remote unauthenticated attackers to manipulate the Username parameter sent to the login_user function in login_1.php, allowing arbitrary SQL query execution against the backend database. Publicly available exploit code exists (published on GitHub by researcher Mi0uno), increasing the likelihood of opportunistic exploitation, though the CVE is not listed in CISA KEV and EPSS data is not provided. Per CVSS, exploitation requires no authentication or user interaction and impacts confidentiality, integrity, and availability at a low level (CVSS 7.3).
SQL injection in code-projects Hotel and Tourism Reservation System 1.0 allows remote unauthenticated attackers to manipulate the `tour` GET parameter in `tour.php` to inject arbitrary SQL into backend database queries. Publicly available exploit code exists (hosted on GitHub), enabling low-skilled attackers to extract or modify database contents, though no CISA KEV listing or EPSS signal indicates widespread active exploitation at this time.
Authentication bypass in code-projects Hotel and Tourism Reservation System 1.0 allows remote attackers to defeat admin login by manipulating the Password argument processed by the password_verify function in /admin/login.php. The flaw is reachable over the network without prior authentication, and publicly available exploit code exists, increasing the likelihood of opportunistic abuse against exposed deployments.
Server-side request forgery in SourceCodester SEO Meta Tag Extractor 1.0 allows remote unauthenticated attackers to coerce the application into making arbitrary outbound HTTP requests by manipulating the 'url' parameter passed to the get_headers() function in /index.php. Publicly available exploit code exists per VulDB, increasing the likelihood of opportunistic abuse against exposed instances, though no active exploitation has been confirmed via CISA KEV.
Missing authentication in Enderfga claw-orchestrator's embedded HTTP server (src/embedded-server.ts, EmbeddedServer class) exposes all API endpoints to unauthenticated network access in versions 3.5.5 and earlier, because the OPENCLAW_SERVER_TOKEN authentication mechanism was opt-in rather than enforced by default. Any attacker with network access to the server port can interact with the orchestration management API without credentials. A publicly available proof-of-concept exists (referenced in GitHub issue #61); this vulnerability is not confirmed in CISA KEV at time of analysis, though the CVSS 4.0 E:P exploit maturity modifier confirms public PoC availability.
Server-side request forgery in horizon921 mcpilot 0.1.0 allows unauthenticated remote attackers to force the server to issue arbitrary HTTP requests by supplying a malicious value to the `serverBaseUrl` parameter in the MCP API Call Endpoint (`client/src/app/api/mcp/call/route.ts`). The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms the attack requires no authentication and no user interaction, making it trivially reachable from the network. A public exploit exists (E:P), no vendor patch has been released, and the project maintainer has not yet responded to the responsible disclosure.
Improper authorization in a4m4's Student-Management-System allows unauthenticated remote attackers to manipulate the `sid` parameter in `admin/deleteform.php` to delete student records without any credentials. All commits up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0 are affected, and a proof-of-concept exploit has been publicly disclosed via the project's GitHub issue tracker. No patch is available; the maintainer has not responded to the responsible disclosure report, leaving all deployed instances exposed with no official remediation path.
Null pointer dereference in GPAC MP4Box before version 26.02.0 crashes the process when parsing crafted MP4 files, resulting in a Denial of Service. The vulnerable function gf_media_get_color_info in src/media_tools/isom_tools.c fails to validate pointers to AVC (avcc) and HEVC (hvcc) configuration boxes before dereferencing them, causing a segmentation fault when a malformed file omits these structures. No public exploit is confirmed as actively exploited (not in CISA KEV), but publicly available exploit code exists and the attack requires only that a user open a crafted file.
Heap use-after-free in GPAC MP4Box's dasher filter allows local attackers to crash the application by supplying a crafted MPEG-2 file. The flaw exists in dasher_configure_pid within src/filters/dasher.c, where a freed GF_DashStream object can still be referenced via muxed_base pointers held by other stream structures, resulting in a dangling pointer dereference. Impact is limited to Denial of Service (A:H, C:N, I:N); a publicly available proof-of-concept confirms reproducibility, though no confirmed active exploitation (CISA KEV) has been identified at time of analysis.