Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.4.2604.3 and 10.2.2510.14) allows remote attackers to create or truncate files on the host via an unauthenticated PostgreSQL sidecar service endpoint. The CVSS 9.8 vector (AV:N/AC:L/PR:N/UI:N) reflects trivial network exploitation, and no public exploit identified at time of analysis, though the missing-auth root cause and Splunk's high-value position in enterprise SOCs makes prompt patching warranted.
Unauthenticated arbitrary file upload in the Schema & Structured Data for WP & AMP WordPress plugin before version 1.60 allows remote attackers to upload any file type accepted by WordPress's media library through frontend AJAX handlers intended for images and videos only. The plugin fails to perform user capability checks and does not validate uploaded file content against the endpoint's declared media type. Publicly available exploit code exists via WPScan, increasing the urgency for immediate patching despite no confirmed in-the-wild exploitation.
Stored cross-site scripting in the Anti-Spam by CleanTalk Spam Protection WordPress plugin before 6.79 allows unauthenticated remote attackers to inject arbitrary JavaScript into approved comments via a custom shortcode in the email-encoding feature, with execution occurring when any visitor or administrator views the affected post. Publicly available exploit code exists per WPScan, increasing exposure for the plugin's large WordPress installation base, though it requires user interaction (UI:R) to trigger the payload. The high CVSS score of 8.8 reflects the potential for administrator account compromise leading to full site takeover.
Denial of service in the image-size Node.js library through version 2.0.2 allows remote unauthenticated attackers to permanently hang the Node.js event loop by supplying a crafted JXL or HEIF image containing a box with a zero-valued size field. Publicly available exploit code exists and an upstream fix has been merged, making this a credible availability threat for any service that accepts user-supplied images and runs them through image-size. No active exploitation has been reported in CISA KEV at time of analysis.
Denial of service in the image-size Node.js library (versions up to and including 2.0.2) allows remote unauthenticated attackers to permanently stall the Node.js event loop by submitting a malformed ICNS image. The flaw stems from an infinite loop in the ICNS parser when an entry length field is zero, and publicly available exploit code exists per VulnCheck and an independent write-up; no public exploit identified at time of analysis indicates active exploitation, but the POC makes weaponization trivial.
Unauthenticated SQL injection in the XStore WordPress theme before 9.7.3 allows remote attackers to inject arbitrary SQL queries through an AJAX action that fails to sanitise and escape a user-supplied parameter. Publicly available exploit code exists per WPScan, and the changed scope (S:C) with high confidentiality impact indicates an attacker can extract sensitive data across security boundaries - including WordPress user records, password hashes, and configuration secrets - without any credentials or user interaction.
Unauthenticated time-based SQL injection in the Newsletters plugin for WordPress (versions up to and including 4.13) allows remote attackers to extract sensitive database contents via the 'wpmlsubscriber_id' parameter. The flaw stems from insufficient input escaping and lack of prepared statements, and no public exploit identified at time of analysis. The CVSS 7.5 score reflects confidentiality-only impact with no required authentication or user interaction.
OS command injection in the NodejsFunction local bundling pipeline of aws-cdk-lib prior to 2.245.0 (2.246.0 on Windows) allows an actor controlling bundling property values (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary commands on the host running the CDK toolchain via shell metacharacter injection. The flaw, reported by Amazon and tracked under GHSA-999r-qq7v-r334, affects developer and CI/CD machines synthesizing CDK applications. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Privilege escalation in Fission prior to version 1.24.0 allows a tenant holding environments.fission.io create/update RBAC to define Environment custom resources with privileged, allowPrivilegeEscalation, or dangerous Linux capabilities on the bare Runtime.Container or Builder.Container fields, which bypass the existing PodSpec safety validator and get scheduled under the executor's high-privilege service account. Successful abuse enables container-sandbox escape, host filesystem and network access, and node- or cluster-level compromise. No public exploit identified at time of analysis, but the upstream fix is published in v1.24.0.
Privilege escalation in Fission (Kubernetes-native serverless framework) prior to version 1.24.0 allows a tenant with Function CRUD permissions to supply an arbitrary Function.spec.podspec that the Container Executor merges into the executor-built podspec, resulting in a Deployment whose pods can break the container sandbox and reach node or cluster level. No public exploit identified at time of analysis, but the upstream fix (PR #3391) explicitly enumerates host namespaces, privileged contexts, hostPath mounts, service account overrides, and dangerous Linux capabilities as the abused fields. CVSS 9.9 with scope change (S:C) reflects that a low-privilege tenant can pivot beyond its own RBAC boundary.
Privilege escalation in Fission (Kubernetes-native serverless framework) prior to version 1.24.0 allows a tenant with Environment CRD write access to escape the container sandbox and reach node- or cluster-level privileges by setting unfiltered fields in spec.runtime.podSpec or spec.builder.podSpec. Because the fission-executor and fission-builder service accounts schedule pods on the tenant's behalf, attacker-controlled values for hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName are merged into pod specs without validation. No public exploit identified at time of analysis, but the patch's hardening scope (also closing GHSA-wmgg-3p4h-48x7 and GHSA-v455-mv2v-5g92) shows the issue is broader than a single field.
Privilege escalation in Fission prior to 1.24.0 allows an authenticated user with permission to create or modify Environment custom resources to abuse unvalidated podSpec passthrough fields (Environment.spec.runtime.podSpec and spec.builder.podSpec), causing MergePodSpec to propagate dangerous fields - notably AutomountServiceAccountToken - into the generated builder/runtime pods. Because the fission-builder ServiceAccount token then becomes accessible from a user-supplied container, an attacker can pivot from a Fission tenant into broader Kubernetes cluster privileges (CVSS 9.9, Scope:Changed). No public exploit identified at time of analysis.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated low-privilege users (role ≤ 3) to inject arbitrary HAProxy directives via unvalidated JSON option fields in the HAProxy section-save API endpoints, achieving command execution as the haproxy user on every managed load balancer. No public exploit has been identified at time of analysis, but the attack is straightforward given the documented injection path through the section.j2, global.j2, and defaults.j2 Ansible templates, and no vendor-released patch is available.
Remote code execution in Roxy-WI versions 8.2.6.4 and prior allows authenticated users to write attacker-controlled content to arbitrary absolute paths on managed load balancers via the WAF rule save endpoint. By dropping a malicious cron file (e.g., /etc/cron.d/nginx_cfg_evil), an attacker achieves root-level code execution on every load balancer in the caller's group. No public exploit identified at time of analysis, and no vendor-released patch is currently available, making this a high-priority issue for any exposed deployment.
Privilege escalation and cross-tenant compromise in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the default guest role 4 - to install or reconfigure exporters, WAF, and GeoIP databases on every managed server regardless of tenant ownership. Because the affected installer endpoints lack role and group decorators, low-privilege users can pivot through stored SSH credentials with sudo to achieve root-level command execution on HAProxy/Nginx/Apache hosts belonging to other tenants. No public exploit identified at time of analysis, but the issue is unpatched and rated CVSS 9.9.
Remote code execution in Splunk Enterprise, Splunk Cloud Platform, and the Splunk Secure Gateway app allows a low-privileged authenticated user (without 'admin' or 'power' roles) to execute arbitrary Python on the server by abusing unsafe jsonpickle deserialization of App Key Value Store (KV Store) data. CVSS is 8.8 (network, low complexity, low privileges) and the issue is currently rated as no public exploit identified at time of analysis. The flaw is reported by Cisco and disclosed via Splunk advisory SVD-2026-0601.
Unauthenticated privilege escalation in the Doctreat Core WordPress plugin (versions ≤ 1.6.8) allows remote attackers to register accounts directly as administrators by abusing insufficient role validation in the doctreat_process_registration() function. With a CVSS of 9.8 and trivial exploitability (AV:N/AC:L/PR:N/UI:N), full site takeover is possible without credentials, though no public exploit has been identified at time of analysis and the CVE is not currently listed in CISA KEV.
Arbitrary file write in kubev2v assisted-migration-agent allows an unauthenticated attacker on the same LAN to achieve code execution on the appliance by uploading a crafted gzipped tarball that bypasses path traversal checks via chained symlinks. The flaw resides in the VDDK tarball extraction routine (extractTarGz in internal/services/vddk.go) and has a high CVSS of 9.6 due to scope change and full CIA impact, though no public exploit has been identified at time of analysis.
{id}/image-url` endpoint to obtain presigned S3 download URLs for OVA images belonging to other users/organizations. The leaked OVA contains long-lived agent JWTs and source configuration, enabling cross-tenant takeover of victim sources. No public exploit identified at time of analysis, but the upstream fix in PR #1218 confirms the access-control gap.
Cross-tenant data tampering in kubev2v migration-planner allows an authenticated agent token holder to overwrite inventory and status data belonging to other tenants. The agent-API middleware accepts any valid JWT without verifying the token's source_id claim matches the source ID in the UpdateSourceInventory and UpdateAgentStatus request paths, enabling complete tenant isolation collapse. No public exploit identified at time of analysis, but the upstream fix in PR #1213 (kubev2v/migration-planner) confirms the issue is real and trivially exploitable given a low-privileged agent token.
High-severity information disclosure flaw in QNAP QTS NAS operating system versions 5.2.0 through 5.2.7.3256 build 20250913 allows remote unauthenticated attackers to obtain sensitive data over the network with low attack complexity, per CVSS v4.0 vector AV:N/AC:L/PR:N/UI:N rating 9.2. The vendor has released a fix, and notably QuTS hero is explicitly unaffected. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Metric injection in the Perl module Metrics::Any::Adapter::DogStatsd before 0.04 allows remote attackers to inject arbitrary StatsD/DogStatsD metrics by smuggling newline characters through unsanitized metric names and tags. Because the StatsD protocol treats newlines as packet delimiters for multiple metrics, attacker-controlled values forwarded into the adapter can forge additional metrics or tag payloads on the wire, with no public exploit identified at time of analysis and an EPSS score of 0.03% indicating low near-term exploitation probability.
Cross-tenant data tampering in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user to silently overwrite HTTP, TCP, Ping, and DNS monitoring checks belonging to other tenants by sending a crafted PUT /smon/check request with another tenant's smon_id. The flaw stems from missing user_group authorization on the UPDATE SQL path (CWE-639, IDOR), while the DELETE path is correctly filtered - confirming the maintainers knew the right pattern but failed to apply it on update. No public exploit identified at time of analysis, and no vendor-released patch is available, raising operational risk for multi-tenant deployments.
Mass data deletion in Red Hat's kubev2v migration-planner SaaS platform allows attackers to wipe all customer sources, agents, and assessments via an unprotected DELETE /api/v1/sources endpoint. The endpoint lacks both authorization checks and tenant filtering, so a single request destroys data across the entire multi-tenant deployment. No public exploit identified at time of analysis, but the upstream fix (PR #1227) removes the endpoint entirely, confirming the issue is real and trivially reachable.
Authentication bypass in dhax/go-base Go REST API boilerplate (versions prior to commit cc82b974, merged May 17, 2026) allows remote unauthenticated attackers to forge JWT tokens for arbitrary users including administrators. The signing secret is hardcoded to the literal string 'random' in both the dev.env template and as a Viper default in cmd/serve.go, and publicly available exploit code exists in the advisory. No CISA KEV listing or EPSS data is provided, but the secret is trivially derivable from the public GitHub repository.
Denial of service in Erlang/OTP erts (inet_drv SCTP handler) lets unauthenticated remote attackers crash the BEAM VM by sending a single crafted SCTP ERROR chunk to a listening SCTP port. The flaw is a stack-based buffer overflow (CWE-121) in sctp_parse_error_chunk, with the publicly disclosed advisory from the Erlang Ecosystem Foundation (EEF) and an upstream commit confirming the fix; no public exploit identified at time of analysis, and the overflow only permits writing 16-bit values interleaved with a fixed tag, limiting impact to DoS plus minor memory disclosure.
Server-side template injection in Apache OFBiz before 24.09.07 allows authenticated users holding Content or DataResource editing privileges to inject template code that is rendered by the framework, resulting in remote code execution on the application server. The flaw is rated CVSS 8.8 with publicly available exploit code exists via the oss-security disclosure thread, though EPSS sits at 0.09% (26th percentile), indicating broad opportunistic exploitation has not yet been observed. Apache has shipped a fix in 24.09.07 and recommends immediate upgrade.
Authenticated remote code execution in Jenkins 2.567 and earlier (LTS 2.555.2 and earlier) allows attackers with permission to submit config.xml to trigger deserialization of arbitrary core or plugin types that subsequently handle HTTP requests, enabling user impersonation, Script Console abuse, and arbitrary file reads from the controller. The flaw is tracked as a CWE-502 unsafe deserialization issue with a CVSS 3.1 score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). No public exploit identified at time of analysis, but the vendor (Jenkins project) has issued a coordinated advisory and patched releases.
Session hijacking in Pi-hole FTL versions prior to 6.6.1 stems from a race condition in the CivetWeb-based HTTP session management subsystem introduced during the v6.0 rewrite. Remote attackers can leverage concurrent requests to compromise web admin session state, potentially gaining high-impact access (C:H/I:H/A:H per CVSS 8.8) to the DNS sinkhole and network filtering controls. No public exploit identified at time of analysis, but vendor has published an upstream fix in v6.6.1.
Privilege escalation from REE to TEE in Espressif ESP-IDF 5.5.4 and 6.0 lets a low-privileged user-application caller abuse esp_tee secure-service wrappers (AES, SHA, ECC, HMAC, SPI, MMU, WDT, attestation, OTA, secure storage) due to insufficient buffer-range validation in esp_secure_services.c and esp_secure_services_iram.c. EPSS is 0.02% and there is no public exploit identified at time of analysis, but technical impact is total because the flaw lets REE code reach TEE-protected hardware peripherals and security services.
Privilege escalation in Apache OFBiz versions prior to 24.09.07 allows a low-privileged authenticated user to elevate their permissions to a higher-privileged role, leading to full compromise of confidentiality, integrity, and availability of the ERP system. The flaw is rooted in improper authorization (CWE-285) and is exploitable remotely over the network with low complexity once valid low-tier credentials are held. No public exploit identified at time of analysis, and EPSS scoring (0.02%) plus CISA SSVC (Exploitation: none) suggest no observed exploitation activity yet.
Authenticated command injection in Roxy-WI versions 8.2.6.4 and prior allows low-privileged users (role <= 3, 'user') to execute arbitrary OS commands by abusing the configver URL-path parameter on POST /config/versions/<service>/<server_ip>/<configver>/save, which flows unsanitized into an os.system() call wrapping dos2unix. No public exploit identified at time of analysis, but the GHSA advisory is published and no vendor patch exists, leaving exposed instances at immediate risk of full compromise of the management interface host.
Unauthorized data access and action execution in QNAP QuMagie versions prior to 2.9.0 allows remote attackers to bypass authorization checks and interact with resources they should not be permitted to reach. The flaw is classified as a missing authorization issue (CWE-862) and carries a CVSS 4.0 score of 8.7 due to its network-reachable, low-complexity nature with no privileges or user interaction required. No public exploit identified at time of analysis, but QNAP NAS appliances are historically high-value targets for opportunistic attackers.
Stack-based buffer overflow in QNAP File Station 5 versions 5.5.0 through 5.5.6.5208 allows authenticated remote attackers to corrupt memory and crash processes on affected NAS deployments. CVSS 4.0 score of 8.7 reflects high impact across confidentiality, integrity, and availability, though exploitation requires valid user credentials (PR:L). No public exploit identified at time of analysis, and the CVE is not currently listed in CISA KEV.
Pairing soundness flaw in OpenVM's openvm-pairing guest library prior to version 1.6.0 allows attackers to produce zero-knowledge proofs that pass a pairing check despite being mathematically invalid, because the try_honest_pairing_check function fails to verify that the scaling factor s lies in a proper subfield of Fp12 as required by Theorem 3 of eprint 2024/640. The vulnerability carries an 8.7 CVSS 4.0 score with high integrity impact and no confidentiality or availability impact, and no public exploit identified at time of analysis. The vendor patched it in OpenVM v1.6.0 as part of a coordinated security release addressing four advisories.
SQL injection in Ghidra's BSim binary-similarity component (versions before 12.1) allows authenticated remote attackers to inject arbitrary SQL via filter types that concatenate user-supplied values directly into PostgreSQL queries. Successful exploitation lets an attacker read, modify, or delete contents of the backing BSim PostgreSQL database used to store function signatures. No public exploit identified at time of analysis, though a vendor security advisory has been published by NSA on GitHub.
Denial of service in kafka-python versions prior to 2.3.2 allows a malicious or man-in-the-middle Kafka broker to freeze the client's event loop during SCRAM authentication by returning an excessive PBKDF2 iteration count. Because ScramClient.process_server_first_message() forwards the broker-supplied value directly to hashlib.pbkdf2_hmac() without bounds checking, producers, consumers, admin clients, and group heartbeats all stall, leading to consumer-group eviction and reconnect loops. No public exploit identified at time of analysis, though VulnCheck has published a vendor-style advisory and an upstream patch has been merged.
Remote denial-of-service in multiple Dahua video surveillance product lines (IPC, SD, NVR, XVR, EVS, VTO, VTH, ASI, TPC) allows unauthenticated network attackers to send a specially crafted packet that triggers an unhandled exception (CWE-617), forcing the device into an unexpected reboot. The CVSS 4.0 score of 8.7 reflects high availability impact with no required privileges or user interaction, and no public exploit identified at time of analysis.
Authentication bypass in NSA Ghidra versions prior to 12.1 allows any holder of a valid CA-signed certificate to impersonate arbitrary users by submitting their public certificate alongside a null signature to PKIAuthenticationModule.authenticate(). Successful exploitation yields privilege escalation, tampering of repository access controls, exfiltration of shared reverse-engineering databases, and persistent compromise of the Ghidra server. No public exploit identified at time of analysis, but a vendor patch and detailed advisory from VulnCheck are available.
Unauthenticated remote denial-of-service in Kanidm identity management server versions prior to 1.9.3 allows any network attacker to crash the entire kanidmd daemon by sending a single GET request to any /scim/v1/* endpoint with a deeply nested parenthesised ?filter= query string. The recursive-descent PEG parser exhausts the worker thread's 2 MiB stack, triggering Rust's std::process::abort(). No public exploit identified at time of analysis, but technical details and root cause are fully disclosed in the upstream advisory.
Denial of service in the kafka-python client library (versions prior to 2.3.2) allows a malicious Kafka broker or man-in-the-middle attacker to exhaust client memory or wedge connections by sending a crafted 4-byte frame length header. The protocol parser's receive_bytes() function performs no bounds check on the declared frame size, leading to multi-gigabyte allocations or uncaught ValueError exceptions that stop consumer heartbeats. No public exploit identified at time of analysis; reported by VulnCheck with an upstream patch already merged.
SQL injection in Ghidra's PostgreSQL collaboration backend (versions 11.0 through pre-12.1) allows authenticated users to escalate to PostgreSQL superuser by injecting crafted username strings into ALTER ROLE statements issued by the changePassword() method. Exploitation requires only low-privileged authenticated access to the Ghidra server, and no public exploit has been identified at time of analysis despite a working proof-of-concept being implied by the detailed vendor advisory from VulnCheck and NSA.
Authenticated command injection in QNAP QTS and QuTS hero NAS operating systems allows attackers with administrator credentials to execute arbitrary OS commands on the appliance. The flaw spans multiple QTS and QuTS hero release trains (5.2.x, 5.3.x, and 6.0.x) and has been patched by QNAP across all affected branches. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV, but the post-authentication code execution primitive is highly valuable for attackers who have already harvested admin credentials.
Authenticated command injection in QNAP QTS and QuTS hero allows a remote attacker holding administrator credentials to execute arbitrary OS commands on the NAS appliance. The CVSS 4.0 base score of 8.6 reflects high impact across confidentiality, integrity, and availability, though exploitation requires high privileges (PR:H). No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; QNAP has released fixed builds across affected QTS and QuTS hero branches.
Authenticated command injection in QNAP QTS and QuTS hero NAS operating systems allows a remote attacker who has already obtained administrator credentials to execute arbitrary OS commands on the appliance. Reported by QNAP itself and tracked as EUVD-2025-210099, the issue affects multiple branches across QTS 5.2.x and QuTS hero 5.2.x, 5.3.x, and 6.0.x and is fixed in builds dated 2026-02-06 through 2026-05-20. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Remote code execution in NSA Ghidra before version 12.1 allows attackers to execute arbitrary commands when a user opens a malicious shared-project file containing a ghidra:// URL, triggering unsafe Java deserialization in the client-side Shared-Project RMI connection code. Exploitation leverages a Jython 2.7.4 gadget chain and requires only user interaction (opening the crafted project), with no authentication needed. No public exploit identified at time of analysis, though VulnCheck has published an advisory describing the flaw.
Server-Side Request Forgery in the Fedify ActivityPub library (versions 0.11.2 through 2.2.3, with branch-specific cutoffs) allows remote attackers to coerce outbound fetches to non-public IPv4 destinations because the `isValidPublicIPv4Address()` allow-list misses several reserved, multicast, benchmarking, and CGNAT ranges. This is an incomplete-fix bypass of the SSRF mitigation originally tracked as GHSA-p9cg-vqcc-grcx, and at time of analysis there is no public exploit identified, though the underlying logic and patch diff are publicly disclosed in the GHSA-xw9q-2mv6-9fr8 advisory. Federated servers built on Fedify are exposed whenever they fetch attacker-controlled ActivityPub documents or media.
Authorization bypass in QNAP File Station 5 (versions 5.5.0 through 5.5.6.5243) allows a remote attacker with a valid low-privileged user account to circumvent intended access restrictions and reach files or operations they should not be able to access. The flaw was reported by QNAP itself with a CVSS 4.0 score of 8.6 reflecting high confidentiality and integrity impact, and there is no public exploit identified at time of analysis. Note that the vendor description text references 'File Station 6,' but the CPE, affected version list, and fix data all point to File Station 5, which appears to be a typo in the advisory.
Insecure direct object reference in BuddyPress 14.4.0's messages REST API lets any authenticated WordPress user read, reply to, or delete another user's private message threads by supplying a target user_id parameter. The flaw originates in get_item_permissions_check, which trusts the attacker-supplied identifier instead of the authenticated session, and the same broken check is reused by update and delete handlers. No public exploit identified at time of analysis, but the simplicity of the request manipulation and CVSS 4.0 base of 8.6 mark this as a high-priority issue for any community site running BuddyPress.
Privilege escalation in Fission (Kubernetes-native serverless framework) prior to version 1.25.0 allows a tenant with permission to create Function or Environment CRDs to obtain CAP_SYS_TIME inside function/runtime containers by bypassing an incomplete capability denylist in the ValidatePodSpecSafety admission webhook. The denylist only blocked six Linux capabilities (SYS_ADMIN, NET_ADMIN, SYS_PTRACE, SYS_MODULE, DAC_READ_SEARCH, DAC_OVERRIDE) and omitted CAP_SYS_TIME and others, letting tenant-controlled code modify the container's system clock. No public exploit identified at time of analysis, but the upstream patch and CRD diff are publicly visible in fission/fission PR #3465.