Out-of-bounds memory access in Google Chrome's LiveCaption component prior to version 149.0.7827.53 allows a remote attacker to read beyond allocated buffers by delivering crafted network traffic to a user with the feature in use. EPSS is very low (0.03%, 11th percentile) and there is no public exploit identified at time of analysis, though Google's Chromium tracker rated severity Low while NVD's CVSS scored it 8.8 High - a notable disparity worth weighing when prioritizing.
Navigation restriction bypass in Google Chrome's Lens component prior to version 149.0.7827.53 allows a remote attacker to circumvent browser security boundaries via a crafted HTML page. The flaw requires user interaction (UI:R) to trigger, but no authentication, and Google classifies the Chromium security severity as Low despite the NVD CVSS of 8.8. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Session token disclosure in HAX CMS versions 25.0.0 through 26.0.0 (exclusive) stems from the haxcms_refresh_token cookie being issued without the Secure flag, allowing the browser to send it over plaintext HTTP. A network-positioned attacker can capture the refresh token via passive sniffing and hijack the victim's authenticated session. No public exploit identified at time of analysis, and the vendor has published a fix in version 26.0.0.
Remote code execution in WP Captcha PRO (premium version of the Advanced Google reCAPTCHA WordPress plugin) through version 5.38 allows authenticated Subscriber-level attackers to upload arbitrary files, including PHP webshells, by abusing the licensing module's save_ajax() capability check and the unrestricted archive extraction in sync_cloud_protection(). No public exploit identified at time of analysis, but the CVSS 8.8 rating and trivial Subscriber-level prerequisite - common on sites with open registration - make this a high-priority WordPress ecosystem flaw. Wordfence is the original reporter and primary intelligence source.
Authentication bypass in WP Captcha PRO (and the free Advanced Google reCAPTCHA plugin sharing the same slug) for WordPress versions through 5.38 allows authenticated Subscriber-level users to log in as any account, including Administrator. The flaw chains a missing capability check in the ajax_run_tool() AJAX handler with the create_temporary_link tool that issues passwordless login links for arbitrary users, enabling full account takeover. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
OS command injection in HCL Digital Experience 9.5 allows authenticated remote attackers to execute arbitrary operating system commands through the Digital Asset Management API, inheriting the privileges of the application service account and potentially achieving full host takeover and data compromise. The CVSS 4.0 base score of 8.7 reflects high confidentiality, integrity, and availability impact over a network vector with low attack complexity and only low privileges required, though no public exploit identified at time of analysis. The vulnerability was disclosed by the vendor (HCL) and is tracked in ENISA's EUVD as EUVD-2026-34786.
Unauthenticated arbitrary file read in Lyrion Music Server 9.2.0 allows remote attackers to retrieve sensitive files from the host by manipulating directory traversal sequences in file path parameters handled by the embedded web server. The flaw is network-reachable with no authentication or user interaction required, and publicly available exploit code exists via the Zero Science Lab advisory ZSL-2026-5992. No CISA KEV listing or EPSS score was provided, so widespread opportunistic exploitation has not been confirmed, but the low barrier to abuse makes opportunistic scanning likely.
Arbitrary file upload in HAX CMS (PHP backend) versions 11.0.6 through 24.x allows authenticated remote attackers to upload PHP webshells disguised as images by abusing a regex-only extension check that ignores MIME type and content inspection, leading to remote code execution on the web server. CVSS v4.0 scores this 8.7 (High) with PR:L indicating low-privilege authentication is required, and no public exploit was identified at time of analysis although the underlying CWE-434 pattern is highly automatable.
Stored XSS, IDOR, and credential disclosure in Shopper Framework admin Livewire components (versions < 2.8.0) allow authenticated admin users to tamper with arbitrary records, harvest plaintext customer passwords from the page DOM, and persist JavaScript payloads in product barcode fields that execute against any admin viewing the product. The combined issues enable session hijacking and privileged-action chaining within the Laravel-based e-commerce admin panel; no public exploitation has been reported and no public exploit identified at time of analysis.
Stored cross-site scripting in HAX CMS PHP before 26.0.0 lets authenticated low-privilege users upload HTML files with uppercase extensions (.HTML, .Html, .HTM) that bypass the case-sensitive .htaccess Content-Disposition: attachment rule, causing browsers to render the file inline and execute embedded JavaScript in the HAXcms origin. The flaw defeats the mitigation shipped for CVE-2026-22704 and carries a CVSS 8.7 score driven by scope change (S:C) into the victim browser context. No public exploit identified at time of analysis, though the GitHub Security Advisory describes the bypass technique in enough detail to reproduce.
Privilege escalation in Arista CloudVision Exchange (CVX) allows an authenticated attacker with network reach to the Redis service to obtain full root access across every server in the CVX cluster. The flaw stems from CVX's reliance on Redis for inter-node coordination combined with the fact that Redis traffic - including authentication - is transmitted in plaintext, meaning anyone who can sniff a single session can replay credentials to compromise the entire cluster. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Privilege escalation in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL (GlobalDatabasePlugin) allows an authenticated low-privilege RDS user to gain the privileges of another user — including rds_superuser — by planting a malicious function on an untrusted search path that executes when the targeted user connects through the wrapper. The flaw is rated CVSS 4.0 8.6 (High) and requires user interaction (the victim must initiate a connection via the wrapper), with no public exploit identified at time of analysis. A vendor patch is available in release 2026-05-26.
Privilege escalation in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL (versions prior to 4.0.1) allows a remote authenticated low-privilege RDS user to gain the privileges of another database user - including rds_superuser - by planting a crafted function that executes when the higher-privileged user connects to the cluster through the affected wrapper. No public exploit identified at time of analysis, and the vendor (Amazon) released a fix in version 4.0.1 on 2026-05-13 that fully qualifies function calls in PostgreSQL topology detection queries to close the search-path attack surface.
Stored-to-reflected cross-site scripting in Open XDMoD prior to 11.0.3 allows an authenticated attacker to inject JavaScript into their own user profile and then abuse the built-in password reset workflow to deliver the payload to a victim, executing in the victim's browser and enabling credential theft or full account takeover. The flaw is patched in Open XDMoD 11.0.3 (released 2026-05-12) and there is no public exploit identified at time of analysis; the vendor states no evidence of in-the-wild exploitation.
Remote code execution in the Markdown Preview Enhanced extension (versions before 0.8.28) allows attackers to run arbitrary JavaScript when a victim previews or exports a crafted markdown document containing a WaveDrom diagram. The flaw stems from the renderer evaluating untrusted markdown content with eval() across every render path - live preview, presentation mode, and HTML export - and can also be triggered via raw HTML <script type="WaveDrom"> injection. No public exploit identified at time of analysis; EPSS data was not provided, but the high CVSS 4.0 score (8.6) and trivial trigger via a shared markdown file make this a meaningful risk for developer workstations.
Arbitrary code execution in Markdown Preview Enhanced (shd101wyy) before 0.8.28 lets a crafted markdown document run attacker-controlled JavaScript when rendered or exported, because Bitfield fenced code blocks were evaluated through interpretJS() / vm.runInNewContext() instead of being parsed as data. CVSS 4.0 scores this 8.6 with network vector and active user interaction; no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Remote code execution in Markdown Preview Enhanced before 0.8.28 on Windows allows attackers to inject OS commands through crafted markdown documents that abuse the diagram filename attribute, imported file paths, or the latex_engine code-chunk attribute, all of which were passed through a shell without validation. Exploitation requires the victim to preview the malicious document (UI:A), and no public exploit identified at time of analysis, though VulnCheck-published advisory details and a tagged fix release make weaponization straightforward.
Cryptographic weaknesses in the linqi application (versions ≤1.4.8.5) allow local attackers with low-level privileges to decrypt sensitive obfuscated configuration data, including database connection strings stored in appsettings.json. The flaw combines hardcoded cryptographic keys (CWE-321) with a weak, limited-ASCII-charset algorithm for dynamically generating AES/CBC Initialization Vectors, enabling known-plaintext attacks. No public exploit identified at time of analysis, and the CVE is not present in CISA KEV, but the CVSS 4.0 score of 8.5 reflects high confidentiality and integrity impact.
Privilege escalation via eval-based command injection in Teltonika Networks RUTOS (7.22-7.23.2) and TSWOS (1.09-1.09.1) allows an authenticated lower-privileged operator to execute arbitrary commands as root through the rpc-profile component. The flaw stems from unsafe evaluation of user-controllable input in a Lua/UCI RPC handler and is constrained to local/management-plane access, with no public exploit identified at time of analysis. The CVSS 4.0 score of 8.4 reflects total host compromise once a low-tier admin account is obtained on the device.
Stored cross-site scripting in NocoDB through 2026.05.0 allows a base editor to plant a `javascript:` URL in a form view's `redirect_url`, which executes same-origin in any authenticated viewer's browser when they submit the shared form. The payload can exfiltrate the session token from `localStorage["nocodb-gui-v2"]` and call NocoDB APIs as the victim. No public exploit identified at time of analysis, EPSS 0.07% (21st percentile), but a vendor patch is available in release 2026.05.1.
Arbitrary JavaScript execution in the Markdown Preview Enhanced VS Code extension (0.8.x, bundling crossnote 0.9.28) is triggered when a victim opens or previews a crafted Markdown document containing a malicious wavedrom fenced code block. The WaveDrom rendering pipeline passes block contents directly to window.eval() inside the VS Code webview, letting an attacker abuse the extension's message-passing channel to write arbitrary files to the victim's local filesystem. Vendor patches were released on 2026-06-05; no public exploit was identified at time of analysis and the CVE is not listed in CISA KEV.
Sandbox escape in Google Chrome's GPU process prior to version 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers an integer overflow. The flaw, tagged as a buffer overflow with information disclosure potential, requires user interaction and a chained renderer compromise, and no public exploit has been identified at time of analysis despite Chromium rating the underlying severity as Low.
Server-side request forgery in the shared GraphQL service of Altium Enterprise Server (prior to 8.1.1) and Altium 365 allows authenticated users to coerce the server into issuing arbitrary outbound HTTP GET requests and receiving the response body. The flaw enables reconnaissance of internal services and cloud metadata endpoints not reachable from the public network. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Authenticated path traversal in Altium Enterprise Server (before 8.1.1) and Altium 365 lets a low-privileged user read arbitrary files - including service configuration and credential material - via a crafted path parameter to the Projects Service download endpoint. No public exploit is identified at time of analysis, but the flaw is chainable with CVE-2026-11424 to reach the cloud-side endpoint, and on multi-tenant Altium 365 deployments the leaked credentials could be shared across services, sharply amplifying blast radius.
Cross-workspace Insecure Direct Object Reference in praisonai-platform before 0.1.4 allows any authenticated workspace member to read, modify, or delete AI agents belonging to entirely different workspaces by supplying a foreign agent UUID to the CRUD endpoints. The membership authorization gate checks only whether the caller belongs to the workspace in the URL path - it never verifies that the target agent actually resides in that workspace - so an attacker with any valid JWT can pivot across tenant boundaries. In multi-tenant deployments where agents store LLM API keys in runtime_config (BYOK), this also becomes a credential theft vector. No public exploit is identified at time of analysis, though GHSA-7p8g-6c6g-h9w7 publishes a complete step-by-step exploit chain.
Information disclosure in Arista EOS on platforms with hardware IPsec support can occur when physical interface flaps or specific agent restarts cause IPsec tunnels to re-establish while reusing existing Security Associations, leading to sequence number mismatches between endpoints. The CVSS 4.0 base score of 8.2 reflects high confidentiality impact reachable over the network, though attack requirements (AT:P) indicate specific preconditions must be met. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Authentication bypass of MFA in Termix versions prior to 2.3.2 allows an attacker who already holds a victim's account password to disable TOTP or regenerate backup codes via the POST /users/totp/disable and POST /users/totp/backup-codes endpoints, completely neutralizing the second factor. The flaw stems from these MFA-critical endpoints accepting the account password as the sole authentication factor, meaning credential stuffing, phishing, or a leaked password hash (referenced as GHSA-xxxx) is sufficient to defeat 2FA. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Cross-tenant SSH session hijacking in Termix versions prior to 2.3.2 allows any authenticated user to fully control another user's connected SSH host via predictable session identifiers. Sixteen file-manager endpoints fail to verify ownership of the `sessionId` parameter, enabling read, write, delete, download, and execute operations on victim hosts. No public exploit identified at time of analysis, but the multi-tenant deployment model and low attack complexity make this a high-priority issue for shared installations.
Machine-in-the-middle interception of HTTPS traffic in Termix Desktop (Electron) starting at version 1.7.0 allows attackers positioned on the network path to steal login credentials and JWT/session tokens because the Electron client disables TLS certificate validation entirely. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the CVSS 8.0 rating with scope-change and the absence of any vendor-released patch make this a meaningful concern for any user running Termix Desktop on untrusted networks.
Privilege escalation in Google Chrome's Cast component (versions prior to 149.0.7827.53) allows an adjacent network attacker to elevate privileges by delivering a crafted HTML page that exploits insufficient input validation. Exploitation requires the victim to interact with the malicious content, and no public exploit has been identified at time of analysis despite a CVSS score of 8.0. Google has classified the Chromium security severity as Low, suggesting the practical impact is more constrained than the numeric score implies.
OS command injection in HAX CMS (haxtheweb/haxcms-php) prior to version 26.0.0 allows authenticated remote attackers to execute arbitrary commands as the web server user via Git operations in the PHP backend. The Git.php library passes unsanitized input into proc_open() across 16 of 17 shell-invoking functions, with only commit() correctly using escapeshellarg(). No public exploit identified at time of analysis, though the vendor advisory describes a clear chain to full RCE when combined with configuration manipulation.
Arbitrary code execution in ansible-core's ansible-galaxy role install command allows malicious role authors to execute code on a victim's machine when the victim installs the role. The flaw stems from improper neutralization of argument delimiters (CWE-88) in the src field of meta/requirements.yml, allowing injection of arbitrary git configuration flags. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Out-of-bounds heap write in X.Org X server and Xwayland DRI2 buffer handling allows a local authenticated client to corrupt server memory by requesting multiple DRI2BufferBackLeft attachments alongside one DRI2BufferFrontLeft. Successful exploitation crashes the display server or, when the X server runs setuid root (a still-common legacy deployment), enables local privilege escalation to root. No public exploit is identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation in the X.Org X server and Xwayland arises from a use-after-free in SyncChangeCounter() that a local authenticated attacker can trigger by orchestrating two client connections - one creating multiple SyncCounters, the other destroying them while they are being changed. On systems where the X server still runs as root (common on legacy Linux setups), successful exploitation yields root code execution; at minimum it crashes the display server. No public exploit identified at time of analysis, but the bug is confirmed by Red Hat and a fix has landed upstream in xserver.
Local privilege escalation in the X.Org X server and Xwayland arises from a use-after-free in FreeCounter() when SyncCounter objects are destroyed across multiple client connections. Authenticated local attackers on affected Red Hat Enterprise Linux 6 through 10 systems can crash the server or escalate to root when the X server runs with elevated privileges. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Local privilege escalation in X.Org X server and Xwayland stems from an incomplete fix for CVE-2025-26597, where CheckKeyTypes() fails to clamp non-canonical key types to XkbMaxShiftLevel, enabling stack-based buffer overflows. Authenticated local users on Red Hat Enterprise Linux 6 through 10 can crash the display server or, when X runs as root, escalate to root privileges. No public exploit identified at time of analysis, though the upstream commit reveals the vulnerable code path and the prior CVE-2025-26597 has known exploitation history.
Stack-based buffer overflow in X.Org X server and Xwayland's _XkbSetMapChecks() function allows local authenticated attackers to crash the server or potentially escalate privileges to root when the X server runs with elevated privileges. The flaw resides in CheckKeyTypes() writing to a fixed mapWidths[256] stack buffer at a client-controlled offset, affecting Red Hat Enterprise Linux versions 6 through 10. No public exploit identified at time of analysis, but an upstream fix has been merged into the xserver repository.
Local privilege escalation in the X.Org X server and Xwayland stems from a stack-based buffer overflow during font alias resolution, where a 256-byte server-side stack buffer is overrun by libXfont2 alias target names of up to 1023 bytes. An authenticated local attacker who can influence font alias files can crash the server or, when the X server runs as root, escalate to root privileges. No public exploit is identified at time of analysis and CVSS is 7.8 (Local/Low complexity/Low privileges).
Local privilege escalation in X.Org X server and Xwayland enables authenticated local users to trigger a use-after-free in miSyncDestroyFence() by racing two client connections against a shared fence object. Successful exploitation can crash the display server or escalate privileges to root when the X server runs as root, which remains common on legacy and embedded Linux deployments. No public exploit identified at time of analysis, but an upstream fix has been committed by the X.Org maintainers.
Server-Side Request Forgery in Sync-in Server versions 2.2.1 and earlier allows authenticated low-privileged users to bypass the private-IP blocklist by supplying URLs that resolve to IPv4-mapped IPv6 addresses (::ffff:127.0.0.1, ::ffff:10.x.x.x). The URL download feature's regExpPrivateIP regex fails to recognize the dual-stack representation, letting the server fetch internal resources it should refuse. No public exploit identified at time of analysis beyond the reporter's PoC; the issue is not listed in CISA KEV.
Navigation restriction bypass in Google Chrome on Android prior to 149.0.7827.53 allows a local attacker to circumvent Reader Mode input validation by supplying a malicious file. No public exploit identified at time of analysis, and EPSS scores exploitation probability at just 0.02% (4th percentile), but Google has released a fix in the stable channel. Chromium internally rates this as Low severity despite the elevated NVD CVSS of 7.7.
Sensitive credential disclosure in Sidero Labs Omni (versions 1.3.0–1.6.5 and 1.7.0–1.7.2) allows authenticated users with the low-privileged Reader role to read the ImportedClusterSecrets resource and exfiltrate the full CA private key bundle (Kubernetes, etcd, Talos, and service-account keys) of imported Talos clusters whose secrets have not been rotated. With those keys, attackers can mint cluster-admin certificates and seize complete control of the downstream cluster outside Omni's control plane. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Privilege escalation in Google Chrome's ImageCapture component before 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox boundaries via a crafted HTML page. The flaw was reported by Google's internal security team and is rated medium-low by Chromium itself despite the 7.5 CVSS score, and no public exploit identified at time of analysis. SSVC indicates no known exploitation but total technical impact if successfully chained.
Privilege escalation in Google Chrome prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escape sandbox-style restrictions via the Extensions subsystem using a crafted HTML page. The flaw requires user interaction and high attack complexity, and is rated Low severity by the Chromium team despite the 7.5 CVSS score; no public exploit identified at time of analysis.
Cross-origin data disclosure in Google Chrome versions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to leak data across origin boundaries by serving a crafted HTML page through the Plugins component. No public exploit has been identified at time of analysis, and Chromium rates the underlying issue as Low severity despite the NVD CVSS of 7.5. The flaw stems from insufficient validation of untrusted input (CWE-20) within Chrome's plugin handling path.
File truncation bypass in wasmtime-wasi allows guest WebAssembly modules to truncate (destroy contents of) host files that should be read-only, by invoking the wasip2 `descriptor.open-at` or wasip1 `path_open` interfaces with only the `OpenFlags::TRUNCATE` flag set. The bug affects embeddings that combine `DirPerms::MUTATE` with `FilePerms::READ` (read-only file permissions plus directory mutation), defeating the host's enforced `FilePerms::WRITE` access control. No public exploit identified at time of analysis; CVSS 7.5 reflects the integrity-only impact (C:N/I:H/A:N).
Cross-origin data leakage in Google Chrome's Autofill component prior to version 149.0.7827.53 enables remote attackers to exfiltrate sensitive data from other origins by enticing a victim to visit a crafted HTML page. Despite a CVSS score of 7.5 reflecting high confidentiality impact, the EPSS score of 0.03% and Chromium's own 'Low' severity rating indicate limited real-world risk, and no public exploit identified at time of analysis.
Cross-origin data leakage in Google Chrome's Storage Access API affects desktop versions prior to 149.0.7827.53, enabling a remote attacker who has already compromised the renderer process to exfiltrate sensitive cross-origin information via a specially crafted HTML page. Google rates the underlying Chromium severity as Low, though NVD assigns CVSS 7.5 due to the unauthenticated network vector, and no public exploit identified at time of analysis.
Denial of service in OpenDaylight Controller v12.0.5 allows remote unauthenticated attackers to crash or render the SDN controller unavailable by sending crafted input to the Externalizable.readExternal() deserialization component. No public exploit identified at time of analysis, but SSVC flags the flaw as automatable with partial technical impact, and the network attack vector with low complexity makes opportunistic abuse plausible despite a very low EPSS score (0.02%).
Denial of service in Tenda FH451 V1.0.0.9 routers allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack overflow in the page parameter handler of the fromDhcpListClient function. EPSS exploitation probability is very low (0.01%, 3rd percentile) and no public exploit identified at time of analysis, though proof-of-concept artifacts appear to be hosted in a public GitHub research repository. The flaw is not listed in CISA KEV.