Improper input type validation in Boost Serialization versions up to 1.91 allows remote attackers to send maliciously crafted serialized data that triggers limited compromise of confidentiality, integrity, and availability. Publicly available exploit code exists (published as a GitHub gist by researcher TrebledJ), and the maintainer has indefinitely postponed a fix after the 90-day disclosure deadline expired, leaving downstream C++ applications using Boost Serialization unpatched. No active exploitation has been confirmed via CISA KEV.
Type confusion in USCiLab Cereal C++ serialization library through version 1.3.2 allows remote attackers to trigger memory corruption via the Shared Pointer Handler component when deserializing untrusted input. Publicly available exploit code exists (published as a GitHub gist), and the issue was disclosed by VulDB after early vendor contact. CVSS 7.3 reflects network-reachable, low-complexity exploitation with low impact across confidentiality, integrity, and availability - consistent with a memory-safety flaw in a header-only library embedded in downstream applications.
Command injection in GL.iNet GL-MT3000 router firmware (versions up to 4.4.5) allows a low-privileged remote attacker to execute arbitrary OS commands by manipulating the 'device' argument passed to the iwinfo_backend function in iwinfo.so. A public proof-of-concept exploit is available on GitHub, raising the realistic likelihood of opportunistic abuse. The vendor has confirmed the issue and released firmware 4.7 with a global injection interception protection in the SDK.
Path traversal in jishenghua jshERP up to version 3.6 allows authenticated remote attackers to manipulate the `fileName` argument at the `addAccountHeadAndDetail` endpoint, producing limited but confirmed integrity and availability impacts (I:L/A:L). The vulnerability is in `AccountHeadService.java` within the Java ERP application, and a proof-of-concept exploit has been publicly disclosed via the project's GitHub issue tracker. The vendor had not responded to the responsible disclosure at time of reporting, and no patch is available.
Improper access control in zilliztech deep-searcher up to version 0.0.2 allows authenticated remote attackers to bypass collection-level authorization in the vector database layer. The CollectionRouter.invoke function in collection_router.py lists and queries all vector database collections without filtering by the caller's authorized scope, meaning a low-privileged user can retrieve data from collections they should not have access to. No public exploit identified via CISA KEV, but publicly available exploit code (POC) exists per the GitHub issue tracker and the CVSS 4.0 E:P modifier confirms this.
Authorization bypass in NousResearch hermes-agent up to 0.12.0 allows remote low-privileged authenticated attackers to access or manipulate sessions belonging to other users by supplying an arbitrary session title to the resume endpoint's `resolve_session_by_title` function without ownership verification. A public proof-of-concept exploit has been disclosed via GitHub Gist, and the vendor did not respond to pre-disclosure contact, meaning no patch is currently available. With CVSS 6.3 and a temporal exploit-partial modifier, this presents elevated practical risk in multi-tenant or shared-instance deployments where session isolation is a security boundary.
SQL injection in Tiobon Employee Self-Service System versions up to 7.2 allows authenticated remote attackers to manipulate the Keyword parameter in /Blog/BlogSearch.aspx, executing arbitrary SQL against the underlying database with low impact across confidentiality, integrity, and availability. Publicly available exploit code exists and has been disclosed via VulDB, while the vendor failed to respond to responsible disclosure, leaving no vendor-released patch at time of analysis. This is not confirmed as actively exploited (not in CISA KEV), but the low-complexity, network-reachable nature combined with a public proof-of-concept represents a credible opportunistic risk for organizations running this HR application.
Stored or reflected cross-site scripting in SourceCodester Hospitals Patient Records Management System 1.0 allows a remote, authenticated administrator to inject malicious client-side scripts via the unvalidated `room` argument at the `/admin/?page=room_types` endpoint. The CVSS score of 2.4 (Low) accurately reflects the constrained conditions: exploitation requires admin-level credentials (PR:H) and victim interaction (UI:R), limiting blast radius to the admin panel. A publicly available proof-of-concept exploit exists via a GitHub issue, but no active exploitation has been confirmed by CISA KEV.
Information disclosure in SecureAge CatchPulse (versions up to 10.9.1) is triggered through an improperly secured IOCTL handler within the saappctl.sys kernel-mode driver, allowing a low-privileged local user to extract sensitive data from the driver's memory space. A public proof-of-concept exploit exists per VulDB reporting, increasing the likelihood of opportunistic local use - particularly as a reconnaissance step within a broader privilege escalation chain. No vendor patch has been issued and the vendor did not respond to coordinated disclosure, leaving all installations of affected versions unmitigated.
Command injection in FoundationAgents MetaGPT through version 0.8.2 allows a remote, low-privileged attacker to execute arbitrary OS commands by manipulating the mermaid.path configuration argument passed to the check_cmd_exists function in metagpt/utils/common.py. A publicly available proof-of-concept (documented on Notion) demonstrates exploitation; however, this is not listed in CISA KEV and the CVSS vector assigns high attack complexity (AC:H), tempering real-world exploitability. The vendor project has not responded to the responsible disclosure filed via GitHub issue #2037, and no patched release is available at time of analysis.
Race condition in songquanpeng one-api's redemption code feature allows authenticated users to redeem a single-use code multiple times by sending concurrent requests before the transaction completes. The root cause is confirmed by PR diff: the codebase uses deprecated GORM v1 syntax (`tx.Set("gorm:query_option", "FOR UPDATE")`) that does not reliably apply a database row lock in GORM v2, leaving the transaction window unprotected. All versions up to 0.6.11-preview.7 are affected; a fix exists as an unmerged pull request, and publicly available exploit code is referenced in GitHub issue #2397 - no public exploit has been identified at time of analysis.
Information disclosure in JeecgBoot up to 3.9.2 allows authenticated remote attackers to extract password salt values by manipulating the `salt` argument in the `queryPageList` function of the User List Endpoint (`SysUserController.java`). While the CVSS score is low (3.1) due to high attack complexity and a low-privilege authentication requirement, a publicly available proof-of-concept (GitHub issue #9648) exists and no vendor patch has been released - only one planned for a future version. Exposure of salt values is particularly sensitive as it can facilitate offline password hash cracking if hashes are separately obtained.