Use-after-free in OpENer's EtherNet/IP stack (versions up to 2.3.0) exposes industrial control system deployments to remote memory corruption via the CIP SendRRData handler. A low-privileged network attacker can manipulate the `CreateMessageRouterRequestStructure` function in `cipmessagerouter.c` to access freed memory, leading to denial of service, memory corruption, or potentially arbitrary code execution. A public proof-of-concept exploit has been disclosed, and the maintainer has not responded to the coordinated disclosure issue (#566), meaning no patch is available at time of analysis.
Improper authorization across multiple administrative endpoints in SourceCodester Online Boat Reservation System 1.0 allows remote authenticated attackers with low-privilege accounts to bypass access controls and interact with admin-only functionality. The vulnerability, classified as broken access control (CWE-285), enables unauthorized reads, writes, and limited availability impact on restricted resources. A publicly available proof-of-concept exploit has been disclosed on Medium, and no public exploit identified at time of analysis meets the CISA KEV threshold - however, the existence of a walkthrough PoC materially lowers the barrier to exploitation.
Integer overflow in the cilium/ebpf Go library (versions up to 0.21.0) allows a local authenticated user to cause an availability impact by supplying crafted BPF Type Format (BTF) data to the LoadCollectionSpec or LoadCollectionSpecFromReader APIs. The flaw resides in the loadRawSpec function where 32-bit header field arithmetic was performed using signed int types, enabling overflow to bypass bounds checks on StringOff, StringLen, TypeOff, and TypeLen fields. No public exploit identified at time of analysis as a KEV listing, though publicly available exploit code exists per VulDB and the CVSS temporal component E:P confirms a proof-of-concept is circulating.
Hash collision weaknesses in SGLang's multimodal Cache Handler (all versions through 0.5.11) allow a local low-privilege attacker to craft multimodal tensor inputs that produce identical cache keys via truncated SHA256 digests, causing incorrect cache lookups or cache invalidation failures that disrupt LLM serving workflows. The CVSS 4.0 score of 1.1 reflects the strictly local attack vector and high exploitation complexity, limiting real-world impact primarily to multi-tenant inference deployments. Publicly available exploit code exists per GitHub issue #25462, though no confirmed active exploitation has been observed and the vulnerability is not listed in the CISA KEV catalog.
HTTP/2 request parsing in Vinyl Cache and Varnish Cache enables backend request desync (HTTP request smuggling), exploitable for cache poisoning, authentication bypass, and information disclosure against affected deployments. Vinyl Cache prior to 9.0.1 and Varnish Cache prior to 9.0.3, plus legacy pre-split Varnish Cache branches spanning versions 6.0.14 through 8.0.1, are confirmed affected across three distinct CPE lineages. Exploitation is gated behind an explicitly non-default configuration - HTTP/2 must be enabled via the +http2 feature parameter - which substantially limits exposure; no public exploit code and no CISA KEV listing have been identified at time of analysis.
Resource exhaustion in Dask up to version 3.0 allows authenticated remote attackers to trigger excessive resource consumption via the `nunique_approx` function in the HyperLogLog (HLL) handler component. The root cause is a HashDoS vulnerability - adversarially crafted string or object-type input values can be engineered to collide within the 32-bit hash space used for approximate distinct counting and shuffle partitioning, causing partition hotspotting and disproportionate CPU/memory load on worker nodes. No public exploit code exists at time of analysis, and the CVSS score of 3.1 (Low) with AC:H and A:L confirms limited real-world availability impact absent a targeted, high-complexity effort.
Incorrect cache storage in Django's UpdateCacheMiddleware exposes responses that should have been excluded from caching due to uppercase or mixed-case Cache-Control directives (e.g., 'Private', 'NO-STORE'). Affected versions 5.2.x before 5.2.15 and 6.0.x before 6.0.6 fail to perform case-insensitive comparison of Cache-Control directive strings, causing the middleware to cache responses it should skip, which remote attackers can then retrieve. No public exploit has been identified at time of analysis, and active exploitation is not confirmed; the low CVSS 4.0 score of 2.3 accurately reflects limited scope, though real-world impact scales with how sensitive the incorrectly cached data is.
Cache-bypass information disclosure in Django's `has_vary_header()` utility allows remote attackers to read cached HTTP responses intended for other users by exploiting improper whitespace handling in `Vary` header comparisons. Affected versions are Django 5.2.x before 5.2.15 and 6.0.x before 6.0.6; earlier unsupported series (5.0.x, 4.1.x, 3.2.x) were not evaluated and may also be affected per the vendor. The CVSS 4.0 score of 2.3 reflects constrained real-world impact requiring both a non-default prerequisite condition and user interaction, with no public exploit or confirmed active exploitation identified at time of analysis.
Cache information disclosure in Django 5.2.x and 6.0.x allows remote unauthenticated attackers to read private authenticated responses served from shared caching layers. The `UpdateCacheMiddleware` component omits `Authorization` from the `Vary` response header when authenticated requests lack an explicit `Cache-Control: public` directive, causing caches to serve authenticated users' responses to subsequent unauthenticated requestors at the same URL. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 2.3 reflects meaningful - but constrained - real-world impact gated behind specific deployment prerequisites.
Django's SMTP email backend silently downgrades to cleartext transmission when a STARTTLS handshake fails under the `fail_silently=True` configuration, exposing email content to on-path network interception. Affected are Django 6.0.x before 6.0.6 and 5.2.x before 5.2.15; older unsupported series (5.0.x, 4.1.x, 3.2.x) were not evaluated but may also be vulnerable. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 2.3 reflects the high attack complexity and mandatory on-path network positioning required for exploitation.
Cookie context confusion in Django's signed cookie implementation allows a remote low-privileged attacker to substitute a cookie signed in one application context into a different context where a distinct (name, salt) pair produces the same concatenated string. Affected are Django 6.0 before 6.0.6 and Django 5.2 before 5.2.15; older unsupported series (5.0.x, 4.1.x, 3.2.x) were not evaluated but may also be affected. The real-world impact is limited to low-confidence data exposure (VC:L), with no public exploit identified at time of analysis, and the CVSS 4.0 score of 2.3 reflects a low-severity, contextually constrained flaw.
ReDoS (Regular Expression Denial of Service) in wonderwhy-er DesktopCommanderMCP versions up to 0.2.38 allows authenticated remote attackers to exhaust server CPU by supplying crafted regex patterns with nested quantifiers to the start_search function in src/search-manager.ts. The unpatched code compiled user-controlled regex patterns directly into JavaScript RegExp objects without validating for catastrophic backtracking constructs, enabling partial availability degradation. A public proof-of-concept exploit exists (CVSS E:P), though the vulnerability is not listed in CISA KEV, and the CVSS 4.0 base score of 2.1 reflects its limited, low-availability impact.
Uncontrolled resource consumption in johnhuang316 code-index-mcp versions up to 2.14.0 allows an authenticated remote attacker with low privileges to trigger a denial of service by supplying a catastrophically backtracking regex pattern to the `search_code_advanced` tool's `regex` argument. The `is_safe_regex_pattern` validation function fails to reject pathological patterns, causing the MCP server process to exhaust CPU resources and become unresponsive. A public proof-of-concept exploit exists (CVSS 4.0 E:P); no active exploitation via CISA KEV has been reported, and impact is limited to availability of the vulnerable component only.
Server-Side Request Forgery in wonderwhy-er DesktopCommanderMCP 0.2.37 allows low-privileged remote MCP clients to coerce the server into fetching arbitrary internal URLs via the `url` argument of the `readFileFromUrl` function in `src/tools/filesystem.ts`. The unpatched server performs no origin validation and follows HTTP redirects automatically, enabling attackers to reach RFC 1918 private networks and cloud instance metadata services (AWS/GCP/Azure at 169.254.169.254) from the server's network context. Publicly available exploit code exists (CVSS 4.0 E:P), though no CISA KEV listing is present at time of analysis.
HTML injection in Thinkst Applied Research Canarytokens notification emails for 'Slow Redirect' and 'Cloned Website' token types allows an attacker who triggers those tokens to embed arbitrary HTML and JavaScript into the alert email sent to the operator. If the recipient opens the notification in an HTML-rendering email client, the injected content executes within that client's context, enabling interface manipulation and XSS. This affects self-hosted Docker deployments between tag sha-c42435e and sha-bfda4df; a proof of concept exists (CVSS E:P), though no public exploit confirmed active exploitation and CISA KEV listing is absent.
SHA-1 hash collisions in mlrun's DataFrame Hash Handler allow a local authenticated user to corrupt dataset artifact integrity in ML pipelines up to version 1.12.0-rc3. The `calculate_dataframe_hash` function in `mlrun/utils/helpers.py` uses SHA-1 over raw pandas hash bytes without encoding type or schema information, meaning structurally distinct DataFrames - differing only in column dtype (e.g., bool vs int, int8 vs int64, datetime64[ns] vs int64) - produce identical hashes. Publicly available exploit code exists (disclosed via GitHub issue #9691 and PR #9692 with concrete collision test cases); no active exploitation is confirmed in CISA KEV.