Missing brute-force protection on the claim endpoint in unitedbyai droidclaw (all versions up to 0.5.3) allows unauthenticated remote attackers to submit unlimited authentication attempts against the device pairing flow, potentially enumerating or compromising pairing credentials. The root cause is CWE-307 - absent rate limiting or lockout logic in server/src/routes/pairing.ts. A publicly available proof-of-concept exploit exists (hosted on GitHub Gist), though high attack complexity and low confidentiality impact constrain the real-world severity. No patch has been released; the vendor has not responded to the responsible disclosure filed via GitHub issue #14.
Injection vulnerability in NousResearch hermes-agent (all versions through 2026.4.30) allows remote unauthenticated attackers to exploit improper neutralization in the _sanitize_env_lines function of hermes_cli/config.py, achieving partial confidentiality, integrity, and availability impact. The flaw is tagged as code injection (CWE-74), meaning attacker-controlled input passed through this sanitization routine may reach a downstream component in an executable or interpreted context. A public proof-of-concept exploit exists (GitHub gist), though the CVSS vector assigns high attack complexity, indicating exploitation is not trivial. No vendor patch exists; the vendor was unresponsive to coordinated disclosure.
Reachable assertion in SGLang 0.5.10.post1's LoRA adapter scheduler allows a remote unauthenticated attacker to trigger a denial of service via a crafted `lora_path` argument to the inference HTTP endpoint. The root cause is a logic flaw in the batch prefill scheduler: chunked LoRA prefill requests already admitted to the prefill queue are invisible to the LoRA admission check, enabling N+1 distinct adapters to be submitted when `max_loras_per_batch=N`, which forces an assertion failure in `lora_manager.py`. A publicly available proof-of-concept exists (no public exploit identified at time of analysis in the KEV sense), and the CVSS 4.0 score of 2.9 reflects high attack complexity and limited availability impact.
Path traversal in AstrBot 4.23.6 allows authenticated remote attackers to manipulate the Name parameter of the /api/skills/delete API endpoint to escape the intended directory boundary, enabling unauthorized deletion or corruption of arbitrary files on the host system. The CVSS vector (C:N/I:L/A:L) confirms no confidentiality exposure but meaningful integrity and availability impact. A public proof-of-concept exploit is available on GitHub; the vendor did not respond to responsible disclosure, and no patch has been released at time of analysis.
Injection vulnerability in NousResearch hermes-agent's `_scan_memory_content` function exposes authenticated low-privileged remote users to partial confidentiality, integrity, and availability compromise across all versions through 2026.4.30. The flaw originates in `tools/memory_tool.py`, where user-controlled input is insufficiently neutralized before being passed to downstream components. No public exploit identified at time of analysis is incorrect - a public proof-of-concept exploit exists (GitHub gist), and the vendor has not responded to responsible disclosure, meaning no patch has been released.
Injection in AstrBot 4.23.6 allows authenticated remote attackers to manipulate input through the `_sanitize_prompt_description` function in `astrbot/core/skills/skill_manager.py`, bypassing sanitization and achieving partial impact on confidentiality, integrity, and availability. A publicly available exploit (POC) exists on GitHub, and the vendor did not respond to responsible disclosure, meaning no official patch has been released. No public exploit identified as confirmed actively exploited (CISA KEV), though the public POC and low-privilege entry point lower the barrier for exploitation.
Improper authorization in GoClaw (nextlevelbuilder/goclaw) up to version 3.11.3 allows a remote low-privileged attacker to bypass authorization controls via the `auth` function in `internal/http/evolution_handlers.go`. The CVSS 4.0 score is 2.1 with limited integrity and availability impact and no confidentiality exposure. A public proof-of-concept exploit has been disclosed via a GitHub issue, though the project has not been confirmed as actively exploited in the wild per CISA KEV.
Improper privilege management in nextlevelbuilder GoClaw up to version 3.11.3 allows authenticated low-privileged users to escalate privileges via the handleSave function of the RoleAdmin Gateway component (internal/http/tts_config.go). The vulnerability is remotely exploitable over the network with no user interaction required, though a low-privilege authenticated session is a prerequisite per the CVSS:4.0 vector (PR:L). A publicly available proof-of-concept exists (published via GitHub issue #1118), but this CVE has not been added to the CISA KEV catalog. The CVSS 4.0 base score of 2.1 (LOW) reflects constrained confidentiality, integrity, and availability impact with no scope change to downstream systems.
Horizontal privilege escalation in Dolibarr ERP CRM through version 23.0.1 permits any authenticated low-privilege user to read other users' leave request records via the Leave Request REST API, with a publicly available proof-of-concept confirming exploitability. The flaw in `checkUserAccessToObject` within `api_holidays.class.php` (CWE-285, Improper Authorization) arises because the access control helper receives only an integer object ID rather than the full object, causing ownership validation to fail silently and return another user's confidential HR data. No active exploitation is confirmed in CISA KEV, but the public POC and low attack complexity make this a realistic insider or multi-tenant threat requiring prompt patching.
Authorization bypass in AstrBotDevs AstrBot 4.24.2 enables remote low-privilege authenticated attackers to manipulate the session_id argument within the astr_main_agent function to access or control sessions belonging to other users. The root cause is CWE-639 (Authorization Bypass Through User-Controlled Key), where the server fails to verify that the requesting user owns the supplied session_id. A publicly available exploit exists via GitHub gist, no vendor patch has been released, and the vendor did not respond to disclosure - elevating practical risk above what the CVSS 6.3 Medium score alone implies.
Incorrect authorization in AstrBot 4.23.6 allows remote low-privileged attackers to bypass filesystem path restrictions via the `_normalize_rw_path` function in `astrbot/core/tools/computer_tools/fs.py`, resulting in unauthorized read, write, or access to files outside the intended scope. The vulnerability stems from improper path normalization logic that fails to enforce access controls correctly, enabling authenticated users to escape sandboxed file boundaries. A public proof-of-concept exploit exists on GitHub, and the vendor was unresponsive to coordinated disclosure, leaving no official patch available at time of analysis.
Unrestricted file upload in Metasoft MetaCRM 6.4.0 allows low-privileged authenticated remote attackers to upload arbitrary files via the softlogo upload endpoint at develop/systparam/softlogo/upload.jsp, potentially enabling server-side code execution or persistent backdoor installation. A publicly available proof-of-concept exploit exists, referenced via a Feishu document, and the vendor did not respond to coordinated disclosure. No KEV listing at time of analysis, but the combination of a public POC, low attack complexity, and an unresponsive vendor elevates practical risk beyond what the 6.3 CVSS score alone suggests.
SQL injection in CodeAstro Ingredients Stock Management System 1.0 exposes authenticated remote attackers a direct path to database manipulation through the unsanitized `txt_search_category` parameter in `/Ingredients-Stock/stock_manager.php`. The CVSS vector (PR:L) confirms that low-privilege authentication is required, partially limiting exposure, but a publicly available proof-of-concept on GitHub significantly lowers the exploitation barrier. No confirmed active exploitation (CISA KEV) has been reported; however, the combination of low complexity, network accessibility, and public exploit code makes this a realistic threat against any internet-facing deployment where attacker credential acquisition is feasible.
SQL injection in code-projects Online Hospital Management System 1.0 exposes backend database contents via the `editid` parameter in `appointmentdetail.php`. A low-privilege authenticated attacker can remotely manipulate SQL queries to read, modify, or corrupt patient and appointment records. A proof-of-concept exploit is publicly available per the GitHub reference, raising the likelihood of opportunistic exploitation against internet-facing deployments of this PHP application.
SQL injection in itsourcecode Fees Management System 1.0 exposes the /manage_course.php endpoint to database manipulation via an unsanitized ID parameter, reachable by any low-privileged authenticated user over the network. The CVSS 6.3 medium score reflects limited impact scope (C:L/I:L/A:L), but the availability of public proof-of-concept exploit code materially elevates operational risk for internet-facing deployments. No public exploit identified at time of analysis maps to CISA KEV; however, the E:P CVSS modifier confirms exploit code is circulating.
SQL injection in itsourcecode Fees Management System 1.0 exposes the /ajax.php endpoint to database manipulation via the Username parameter, allowing authenticated remote attackers with low-privilege credentials to read, modify, or corrupt application data. The CVSS vector (AV:N/AC:L/PR:L) confirms this is network-exploitable at low complexity with a low-privilege account requirement. A publicly available proof-of-concept exploit exists (confirmed by CVSS temporal modifier E:P and a GitHub disclosure), though no active exploitation has been confirmed by CISA KEV at the time of analysis.
Improper authorization in PackageKit up to 1.3.5 allows a low-privileged authenticated remote attacker to bypass access controls via manipulation of the frontend-socket argument in the g_file_test function within pk-transaction.c, resulting in unauthorized confidentiality exposure (C:L). The vulnerability is tagged as an authentication bypass and publicly available exploit code exists, disclosed via GitHub issue #969 against the PackageKit project. No CISA KEV listing is present, but the combination of a publicly known proof-of-concept and low attack complexity (AC:L) elevates practical risk beyond what the base CVSS score of 4.3 alone suggests.
Cross-site scripting in code-projects Hotel and Tourism Reservation System 1.0 allows remote unauthenticated attackers to inject and execute arbitrary JavaScript by manipulating the name, email, people, or number parameters submitted to /ht/tour.php. The POC repository title ('Stored-XSS') strongly suggests this is a persistent (stored) XSS variant, meaning injected payloads survive in the application and execute in the browsers of subsequent users who view the affected reservation data - not merely the attacker's own session. Publicly available exploit code exists; this CVE has not been added to the CISA KEV catalog at time of analysis.
SQL injection in CodeAstro Payroll System 1.0 allows remote authenticated attackers with low-privilege credentials to manipulate database queries via the emp_id parameter in /home_employee.php. Exploitation can result in unauthorized read access to confidential payroll records, limited data manipulation, and potential availability impact against the underlying database. Publicly available exploit code exists (referenced via GitHub), elevating real-world risk beyond the moderate CVSS score of 6.3; no public patch is available at time of analysis.
OS command injection in wezterm-mcp 0.1.0 allows a remotely authenticated attacker with low privileges to execute arbitrary shell commands by supplying a crafted pane_id argument to the switch_pane or write_to_specific_pane MCP tool handlers. The unsanitized parameter is passed directly to a shell invocation in src/wezterm_executor.ts, giving an MCP client - such as an AI assistant or automation pipeline - the ability to break out of intended terminal pane management and run arbitrary commands in the host user's context. Publicly available exploit code exists per a GitHub issue report; no patch has been released as the vendor has not responded to the disclosure.
Path traversal in ishayoyo excel-mcp (all versions through 1.0.2) allows remote low-privileged attackers to read or write arbitrary files on the host system by manipulating the filePath or outputPath arguments passed to the read_file and write_file MCP tool handlers in src/index.ts. The CVSS 4.0 score is 2.1 (Low), but a publicly available proof-of-concept exploit exists via a GitHub issue disclosure, and no vendor patch has been released - the maintainer has not responded to the responsible disclosure report. No public exploit identified as confirmed actively exploited (CISA KEV) at time of analysis.
Path traversal via improper access control in mcp-google-workspace's MCP Gmail Tool (all pre-patch commits through 831790e) allows an authenticated low-privileged MCP client to write files to arbitrary filesystem locations by supplying crafted relative paths containing directory traversal sequences to the saveToDisk function. Publicly available exploit code exists (GitHub issue #19), though the attack requires an active MCP session (CVSS PR:L). No public exploitation has been confirmed by CISA KEV, but the MCP deployment context introduces prompt-injection as a realistic delivery vector - a malicious email or document processed by an AI assistant could trigger the vulnerable tool without direct human interaction beyond the initial session setup.
Server-side request forgery (SSRF) in hekmon8/Jenkins-server-mcp 0.1.0 allows a remote, low-privileged attacker to forge outbound HTTP requests from the server by manipulating the jobPath parameter across the get_build_status, get_build_log, and trigger_build functions in src/index.ts. The flaw stems from absent or insufficient validation of user-supplied job path values before they are used to construct server-side requests to Jenkins. Publicly available exploit code exists (disclosed via GitHub issue #4); no vendor patch has been released and the maintainer has not responded to the disclosure.
Server-side request forgery in indrasishbanerjee aem-mcp-server allows authenticated remote attackers with low privileges to manipulate the assetPath argument of the getAssetMetadata function, causing the server's Axios HTTP client to issue arbitrary outbound requests. All code up to commit b5f833aef9b5dfd17a5991b3b18a8a11edbdc583 is affected; the project uses no versioning scheme, making version-based scoping impossible. Publicly available exploit code exists (GitHub issue #3), though the vulnerability is not listed in CISA KEV and carries a CVSS 4.0 base score of only 2.1 due to limited impact scope and an authentication prerequisite.
Execution After Redirect (EAR) in a4m4's Student-Management-System exposes admin/ endpoints to unauthorized data access via manipulation of the uid parameter, allowing server-side PHP logic to execute and return sensitive output despite issuing an HTTP redirect response. The CVSS vector (PR:N) confirms no authentication is required, and the exploit has been publicly published via a GitHub issue, making this trivially reproducible. No patch exists and the project maintainer has not responded to disclosure, leaving all deployed instances exposed with no vendor remediation timeline.
SQL injection in itsourcecode Content Management System 1.0 allows remote authenticated attackers to manipulate the backend database via the topic_id parameter in /admin/add_sub_topic.php. The CVSS vector (PR:L) confirms exploitation requires low-privilege authentication, limiting opportunistic attack surface but not eliminating risk in multi-tenant or shared-admin environments. Publicly available exploit code exists, elevating practical risk above what the moderate CVSS score of 6.3 alone suggests.
SQL injection in itsourcecode Content Management System 1.0 exposes the admin-facing endpoint /admin/update_ss_img.php to database manipulation via the unsanitized topic_id parameter. Low-privilege authenticated attackers can exploit this remotely with no user interaction required, achieving partial read, write, and availability impact against the underlying database. A public exploit is available (CVSS temporal E:P; GitHub PoC linked in references), elevating practical risk despite the moderate 6.3 base score. No active exploitation confirmed via CISA KEV at time of analysis.
SQL injection in itsourcecode Content Management System 1.0 exposes the database to read, modify, and partial denial-of-service via a crafted comment submission. The vulnerable endpoint /save_comment.php fails to sanitize the Name parameter before incorporating it into SQL queries, allowing an authenticated low-privilege attacker to manipulate database logic directly. A publicly available proof-of-concept exploit exists (GitHub issue linked in VulDB entry), elevating real-world risk despite the absence of a CISA KEV listing.
Stored or reflected cross-site scripting in sendportal's Campaign Handler allows an authenticated low-privilege remote attacker to inject malicious script via the 'content' argument at the /webview/ endpoint, affecting all versions up to and including 3.0.1. A victim user must interact with the crafted content for the payload to execute, resulting in low-integrity impact with no confidentiality or availability consequences. No public exploit identified at time of analysis is incorrect here - publicly available exploit code exists (E:P in CVSS temporal), and the vendor has not responded to the coordinated disclosure, leaving no patch available.
Reflected or stored cross-site scripting (XSS) in raisulislamg4's student_management_system_by_php allows authenticated remote attackers to inject malicious scripts via the Message argument in admission_form_check.php. The vulnerability requires a victim to interact with a crafted link or page, triggering script execution in the context of another user's browser session. A public exploit exists per the GitHub issue report; however, the vendor has not responded to disclosure and no patch has been released.
Insecure Direct Object Reference (IDOR) in code-projects Online Hospital Management System 1.0 allows a high-privileged remote attacker to manipulate the `delid` parameter in `viewdoctortimings.php`, resulting in unauthorized modification or deletion of doctor timing records beyond the attacker's intended access scope. The CVSS 4.0 score of 2.0 reflects the high privilege prerequisite (PR:H), low integrity impact (VI:L), and low availability impact (VA:L) to the vulnerable component. No public exploit identified at time of analysis as active exploitation - however, publicly available exploit code exists, documented in a GitHub proof-of-concept writeup.
CSV injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows high-privileged remote attackers to embed malicious spreadsheet formula payloads via the Address and Company Name fields in the Supplier Creation Interface, which are then written unsanitized to exported CSV files. When downstream staff open the exported file in a spreadsheet application such as Microsoft Excel or LibreOffice Calc, the injected formulas execute in that client application's context, enabling information disclosure, data manipulation, or further client-side exploitation. A publicly available proof-of-concept exists (GitHub), though no active exploitation has been confirmed and this CVE is not listed in the CISA KEV catalog.
Stored or reflected cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated remote attackers to inject malicious scripts via the generic_name parameter of the create_generic_name function at /ShowForm/create_generic_name/main. Exploitation requires victim user interaction (UI:R) to trigger script execution, limiting impact to low integrity loss with no confidentiality or availability impact (CVSS 3.5). Publicly available exploit code exists per the GitHub issue tracker reference, though this CVE is not listed in the CISA KEV catalog and EPSS data was not provided in source intelligence.
Stored or reflected cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a low-privileged authenticated remote attacker to inject malicious JavaScript via the `medicine_presentation` argument in the `create_medicine_presentation` function at `/ShowForm/create_medicine_presentation/main`. Exploitation requires a victim user to interact with the affected page, limiting blast radius but still enabling session hijacking, credential theft, or UI redirection against authenticated users. Publicly available exploit code exists per a GitHub issue disclosure; no CISA KEV listing is present.
Stored or reflected cross-site scripting (XSS) in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a remote, low-privileged attacker to inject arbitrary JavaScript via the company_name argument in the create_supplier function at /ShowForm/create_supplier/main. Successful exploitation requires a victim user to interact with the malicious content, limiting blast radius, but the CVSS temporal metric confirms a proof-of-concept exploit is publicly available via GitHub. No active exploitation has been identified in CISA KEV, though the low attack complexity and public POC make this a credible risk for unpatched deployments handling sensitive pharmaceutical inventory data.
Cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a low-privileged authenticated attacker to inject malicious JavaScript via the `medicine_name` parameter at the `/ShowForm/create_medicine_name/main` endpoint, executing arbitrary scripts in the browsers of other users who view the affected page. The CVSS 4.0 score of 2.0 reflects a narrow impact profile - no confidentiality loss and only low integrity impact - but a publicly available proof-of-concept exploit exists (E:P), lowering the barrier to abuse in multi-user deployments such as shared pharmacy management environments. No active exploitation has been confirmed via CISA KEV.
Use-after-free in Assimp's ASE File Parser - specifically the `aiNode::~aiNode` destructor in `scene.cpp` - allows a local, low-privileged attacker to corrupt heap memory, potentially causing denial of service or achieving arbitrary code execution in applications that load 3D model files. All Assimp versions through 6.0.4 are affected. A public proof-of-concept exploit (poc.zip) has been disclosed via GitHub, reducing the skill barrier for exploitation in environments where untrusted ASE-format files can be submitted for processing. No public exploit identified as confirmed actively exploited (CISA KEV) at time of analysis.
Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader allows a local authenticated attacker to corrupt memory via a crafted MDL file, potentially achieving limited confidentiality, integrity, and availability impact. Affected versions span all releases up to and including 6.0.4 of the open-source asset import library. No public exploit identified at time of analysis as active exploitation, but a proof-of-concept has been publicly released, and the CVSS temporal vector confirms exploit code existence (E:P).
Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader (versions up to 6.0.4) allows a locally authenticated attacker with low privileges to corrupt heap memory via a crafted MDL animation file, producing low-severity but confirmed confidentiality, integrity, and availability impact. The vulnerability resides in the read_animations function of HL1MDLLoader.cpp and is reproducible with publicly available exploit code (POC). This is not confirmed in CISA KEV, and the Assimp project has tagged the report as a bug rather than a security defect, which may slow patch prioritization.
Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader (HL1MDLLoader::read_meshes, versions through 6.0.4) allows local attackers with low privileges to trigger memory corruption when a crafted MDL file is processed, yielding partial confidentiality, integrity, and availability impact on the host process. A publicly available proof-of-concept exploit (poc.zip) has been disclosed, raising the urgency for affected deployments that ingest untrusted HL1 model files. No actively exploited status from CISA KEV has been confirmed; the Assimp project has tagged the report as a bug rather than a formal security advisory, and no patched release version has been identified at time of analysis.
Divide-by-zero in Assimp's FBXExporter (UV Channel Handler) up to version 6.0.4 crashes the application when processing maliciously crafted UV channel data during FBX export, resulting in a local denial-of-service condition. An authenticated local user with low privileges can trigger the crash by supplying crafted input to the FBXExporter::WriteObjects function in FBXExporter.cpp. Publicly available exploit code exists via a POC ZIP hosted on GitHub; no active exploitation is confirmed (not in CISA KEV), and the CVSS 4.0 score of 1.9 reflects the severely constrained real-world impact.
Out-of-bounds read in Assimp's Half-Life 1 MDL Loader affects all versions up to 6.0.4, enabling a local low-privileged attacker to leak memory contents by supplying a crafted MDL file that triggers faulty bounds handling in the `read_sequence_infos` function of `HL1MDLLoader.cpp`. Impact is confined to partial confidentiality loss (C:L) with no integrity or availability consequences per the CVSS vector. A publicly available proof-of-concept exploit exists (POC disclosed via GitHub), though no active exploitation has been confirmed and this vulnerability is not listed in the CISA KEV catalog.
Null pointer dereference in whisper.cpp up to version 1.8.2 allows a local authenticated attacker to crash the application via a crafted input during model loading. The vulnerable code path is the whisper_model_load function within ggml/src/ggml.c, resulting in a limited availability impact (application denial of service) with no confidentiality or integrity consequences. A proof-of-concept exploit is publicly available via a GitHub issue report; however, no vendor patch has been released and the project has not yet responded to the disclosure.
Denial of service conditions in SourceCodester Customer Review App 1.0 can be triggered by a locally authenticated low-privilege user through crafted input to the add_review, save_review, or get_all_reviews functions in review_app.py. Manipulation of the name or comment arguments causes improper resource shutdown or release (CWE-404), resulting in application unavailability. No public exploit identified at time of analysis has crossed into confirmed active exploitation per CISA KEV, but a publicly available proof-of-concept exists on Pastebin (https://pastebin.com/Ud5vaGp6), lowering the bar for reproduction.
Out-of-bounds read in janet-lang/janet up to version 1.41.0 allows a local low-privileged attacker to read memory beyond allocated bounds via the doframe debug introspection function in src/core/debug.c. The root cause is missing bounds validation when using symbolmap entries (specifically jsm.death_pc and jsm.slot_index) as array indices into function environments and stack data. No public exploit identified at time of analysis, but publicly available exploit code exists per the POC reference; real-world impact is limited to low-confidence local reads with no availability or integrity consequence (CVSS:4.0 score 1.9).
Integer overflow in the Janet scripting language's fiber unmarshaling routine (versions up to 1.41.0) allows a local authenticated attacker to cause a denial-of-service condition. The vulnerable function `unmarshal_one_fiber` in `src/core/marsh.c` performs an unchecked addition when computing fiber stack capacity - if `fiber_stacktop` is near INT32_MAX, adding 10 wraps the value, resulting in a dangerously small capacity allocation that crashes the interpreter. No public exploitation in production environments has been confirmed (not listed in CISA KEV), but a public proof-of-concept exploit exists, and the upstream patch has been released as commit d9b1d711.
Buffer overflow in OpenSC's pkcs11-tool component (versions up to and including 0.26.1) exposes users of the key generation functionality to memory corruption when processing maliciously oversized PKCS#11 URI object IDs. An unauthenticated remote attacker can trigger the flaw in the test_kpgen_certwrite function, but exploitation requires passive user interaction and high attack complexity, reflected in the extremely low CVSS 4.0 score of 1.3 with impact limited to the vulnerable component only. Publicly available exploit code exists (E:P confirmed in CVSS vector), but no public exploit identified at time of analysis in CISA KEV, and real-world mass exploitation is significantly constrained by the required user participation and attack complexity.
GnuTLS's PKCS#7 padding validation during decryption is not implemented as a constant-time operation, creating a timing side-channel (CWE-208) that remote unauthenticated attackers can exploit to infer padding byte values on CBC-mode cipher suites. Affected deployments include GnuTLS as packaged across Red Hat Enterprise Linux 6 through 10, Red Hat Hardened Images, and Red Hat OpenShift Container Platform 4. Red Hat has issued patch RHSA-2026:20613; no active exploitation is confirmed in CISA KEV, and no public exploit code has been identified, but the network-reachable, no-auth-required attack surface warrants patching on systems handling sensitive encrypted traffic.
Insecure Direct Object Reference (IDOR) in Kiteworks Secure Data Forms prior to version 9.3.0 enables access to other users' resource metadata through insufficient ownership authorization checks on resource identifiers. The vulnerability is classified CWE-639 and carries a CVSS score of 3.7 (Low), reflecting limited confidentiality impact (metadata only, no content) and high attack complexity. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Incorrect permission enforcement in OTRS External Interface and ConfigItem List module allows an authenticated customer to query Configuration Item (CI) data beyond their authorized group scope. The flaw is conditional - both the CMDB module and CustomerGroupSupport must be active simultaneously, substantially narrowing the affected population. Rated CVSS 3.5 (Low) with no confirmed active exploitation and no public exploit code identified at time of analysis, this is a scoped information disclosure risk primarily threatening organizations that expose CMDB asset data through the customer portal.