Cross-namespace access control bypass in Fission (Kubernetes-native serverless framework) prior to 1.24.0 allows an authenticated tenant with permission to create Function objects in their own namespace to reference an Environment in a different namespace, because the admission webhook in pkg/webhook/function.go validated namespace equality only for secrets and configmaps, not for spec.environment.namespace. An attacker can pivot across Kubernetes namespace boundaries and pull in environment configuration belonging to other tenants (CVSS 8.5, scope-changed, high confidentiality impact). No public exploit identified at time of analysis, though the upstream fix and full patch diff are publicly available on GitHub.
OS command injection in the VPN module of TP-Link Archer AX12 v1, AX17 v1, AX18 v1, and AX1300 v1.6 routers allows an authenticated attacker on an adjacent network to execute arbitrary commands by uploading a malicious VPN client configuration file. The flaw stems from improper sanitization of special characters during configuration import (CWE-78) and carries a CVSS 4.0 base score of 8.5. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV, but TP-Link has released firmware fixes for all affected models.
Local privilege escalation in Lenovo's LanSchool Classic client application allows authenticated users on affected endpoints to execute arbitrary code with elevated privileges via an uncontrolled search path (CWE-427). The flaw carries a CVSS 4.0 score of 8.5 with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Because LanSchool Classic is widely deployed in K-12 and education environments, exploitation could let a student or low-privileged user gain SYSTEM-level control of managed classroom devices.
Local privilege escalation in Lenovo Accessories and Display Manager for Enterprise on Windows allows an authenticated low-privileged user to execute arbitrary code with elevated privileges, per a Lenovo-disclosed internal finding (LEN-213623). The CVSS 4.0 base score of 8.5 reflects high impact to confidentiality, integrity, and availability of the vulnerable system, though no public exploit identified at time of analysis. The CWE-306 (Missing Authentication for Critical Function) classification combined with the 'Authentication Bypass' tag suggests a privileged operation in the product is reachable without proper access checks.
Privilege escalation in Roxy-WI versions 8.2.6.4 and prior allows any authenticated user - including the lowest-privilege 'guest' role 4 - to start, stop, or restart the roxy-wi-smon-agent systemd unit on arbitrary managed servers, with the action executing as root via Roxy-WI's passwordless sudo SSH credentials. The flaw stems from missing role and group-ownership checks on the agent_action endpoint, and no public exploit has been identified at time of analysis though the vulnerability is trivially reachable once an account exists.
Command injection in Ghidra versions before 12.1 on Windows allows attackers to execute arbitrary OS commands under the Ghidra user's privileges when a victim clicks a maliciously crafted URL embedded in a program comment annotation. The flaw stems from improper escaping of cmd.exe metacharacters in URL annotation handling, and exploitation requires user interaction (UI:A). No public exploit identified at time of analysis, though VulnCheck published a dedicated advisory alongside the NSA's GitHub security advisory.
PHP Object Injection in Concrete CMS versions below 9.5.2 allows arbitrary PHP object instantiation through unsafe unserialize() calls in the Permission, Cache, and Search components. The flaw is triggered when a malicious serialized payload has already been written to the database, meaning the unauthenticated trigger depends on a prior write primitive existing in the deployment. No public exploit identified at time of analysis, and CVSS 4.0 base scores it 8.4 with high confidentiality, integrity, and availability impact.
Local privilege escalation in Slate Digital Connect 1.37.0 for macOS allows unprivileged users on the host to gain root-level capabilities by abusing a TOCTOU race in the privileged helper's XPC client validation. The com.slatedigital.connect.privileged.helper.tool2 service identifies callers by PID and then queries code-signing information, but PID reuse lets an attacker substitute a trusted process between check and use. No public exploit identified at time of analysis, and EPSS is very low (0.02%), but the technical pattern is well-known on macOS and a SEC Consult advisory describes the flaw in detail.
Arbitrary file write in NSA's Ghidra reverse-engineering framework before version 12.0.4 allows attackers to escape the theme directory via Zip Slip path traversal sequences in malicious theme ZIP archives, leading to code execution or credential compromise. The flaw requires user interaction (importing the booby-trapped theme) and is exploited locally against the user running Ghidra. No public exploit identified at time of analysis, though the technique (Zip Slip) is well-documented and trivially reproducible.
Arbitrary file write in NSA Ghidra versions prior to 12.0.2 allows local attackers to achieve code execution by tricking a user into installing a malicious extension archive. The extension installer fails to sanitize ZIP entry names, enabling classic Zip Slip path traversal that writes files outside the intended extension directory. No public exploit identified at time of analysis, though the technique is well-documented and trivially reproducible.
Local privilege escalation in Slate Digital Connect 1.37.0 for macOS allows unprivileged users to execute commands as root by connecting to the privileged XPC helper service with a self-signed certificate whose subject OU matches the expected value. The flaw stems from improper certificate validation (CWE-296) in the helper's client authorization logic, which fails to verify the certificate chains to a trusted code-signing authority. No public exploit is identified in CISA KEV at time of analysis, and EPSS reflects very low (0.01%) near-term exploitation probability, but a detailed vendor-lab advisory is publicly available.
Local privilege escalation to System Management Mode (SMM) in Lenovo ThinkPad BIOS firmware allows a high-privileged local user to execute arbitrary code at one of the most privileged execution rings on x86 hardware. The flaw, an out-of-bounds write (CWE-787) discovered by Lenovo during an internal security assessment, affects a wide range of current-generation ThinkPad models including X1 Carbon 13th Gen, X13 Gen 6, T14s Gen 6, P14s/P16v Gen 3, L13/L14/L16 Gen 6, and E16 Gen 3. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary privileged memory read/write in Lenovo ThinkPad embedded controller (EC) firmware allows a local administrator on affected ThinkPad models (X13 Gen 6, X1 Carbon 13th Gen, P16v Gen 3, L16 Gen 1/2, T14s Gen 6, P14s Gen 6, L13 Gen 6, L14 Gen 6) to access or modify protected memory regions. Discovered during Lenovo's internal security assessment, the issue is rated CVSS 4.0 8.4 (High) and there is no public exploit identified at time of analysis, with no CISA KEV listing. Despite the high score, exploitation requires high privileges and local access, narrowing realistic abuse to attackers who already have admin on the host or to supply-chain/insider scenarios.
Cross-workspace authorization bypass in Plane (makeplane) prior to version 1.3.1 allows any authenticated user of one workspace to read, copy, delete, and overwrite file assets belonging to other workspaces on the same instance. The flaw stems from missing membership checks on V2 asset endpoints and is fixed in v1.3.1; no public exploit identified at time of analysis.
Authentication bypass in Roxy-WI versions 8.2.6.4 and prior allows remote unauthenticated attackers to reach protected API functionality by including the 'api' substring in the URL, with the /api/gpt endpoint specifically exposed without authentication. The flaw carries a CVSS 8.3 with scope change and affects a web management interface for HAProxy, Nginx, Apache, and Keepalived, and no public exploit has been identified at time of analysis. No vendor-released patch exists at time of publication, making this a high-priority issue for any internet-exposed installation.
Metric injection in the Perl module Metrics::Any::Adapter::Statsd before version 0.04 allows remote attackers to inject arbitrary StatsD metrics by supplying metric names or values containing newlines, colons, or pipes that the send method passes unvalidated into UDP packets. Because the StatsD protocol multiplexes multiple metrics per packet using newline delimiters, an attacker who controls any string flowing into a recorded metric can forge additional metrics, poisoning monitoring data and downstream alerting. EPSS is very low (0.03%), no public exploit is identified at time of analysis, and there is no CISA KEV listing.
Off-path DNS response spoofing in NLnet Labs ldns 1.2.0 through 1.9.0 allows remote attackers to inject forged answers into applications that use the library as a UDP stub resolver, including the bundled drill tool. The library fails to validate the response source address/port, the query transaction ID, and the question section against the original query, making cache and answer poisoning feasible without on-path positioning. No public exploit identified at time of analysis, but the CVSS 4.0 score of 8.2 reflects high integrity impact on any downstream application that trusted ldns to validate DNS answers.
Remote code execution risk in Spring Data MongoDB arises from a SpEL expression injection flaw (CWE-917) triggered during parameter binding for repository methods annotated with @Query that use a capture-all placeholder. With CVSS 8.1 (AV:N/AC:H/PR:N/UI:N) and no public exploit identified at time of analysis, unauthenticated attackers who can influence query parameters reaching such a method could execute arbitrary SpEL expressions on the server.
Insecure deserialization in Spring for Apache Pulsar's JsonPulsarHeaderMapper allows remote attackers to bypass trusted-package controls and potentially trigger arbitrary Java object instantiation through Pulsar message headers. The flaw stems from a prefix-based package match plus an unsafe empty-allow-list default, affecting versions 1.1.0-1.1.17, 1.2.0-1.2.17, and 2.0.0-2.0.5. No public exploit identified at time of analysis, but the CVSS 8.1 rating and CWE-502 classification place this firmly in the high-impact Java deserialization category that has historically yielded remote code execution.
Unsafe deserialization in Spring for Apache Kafka (versions 2.8.0-4.0.5 across multiple branches) allows a malicious Kafka producer to send crafted message headers that cause downstream consumers to instantiate arbitrary JDK types via Jackson. The flaw stems from a prefix-based trusted-packages check in JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper, which silently extends trust to every subpackage. No public exploit identified at time of analysis, but the bug class (CWE-502 with Jackson default typing) has a long history of leading to remote code execution in Spring/Java ecosystems.
Path traversal in Roxy-WI versions 8.2.6.4 and prior allows authenticated remote attackers to read arbitrary configuration files via the config_file_name and configver parameters. The vendor's attempted fix in commit d4d10006 is ineffective due to a logic error - it uses Python tuple-membership instead of substring containment - leaving all realistic '../' payloads unblocked, with no public exploit identified at time of analysis.
Improper credential validation in the CommvaultSecurityIQ integration for Palo Alto Networks Cortex XSOAR and Cortex XSIAM allows remote attackers to read and modify protected resources without authentication. The CVSS 4.0 base score of 8.1 reflects high impact to confidentiality, integrity, and availability across a network-reachable attack surface, though no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Server-Side Expression Language (SpEL) injection in Spring Data REST allows authenticated remote attackers to execute arbitrary expressions by sending JSON Patch requests targeting Map-typed entity properties. Affected versions span 3.7.0 through 5.0.5, and successful exploitation yields high confidentiality and integrity impact (CVSS 8.1). No public exploit identified at time of analysis, but the low attack complexity and network reachability make this a credible threat to any exposed REST repository accepting application/json-patch+json.
Authentication bypass via X.509 certificate impersonation in Spring Security affects versions 5.7.0-5.7.24, 5.8.0-5.8.26, 6.3.0-6.3.17, 6.4.0-6.4.17, and 6.5.0-6.5.10, where the SubjectDnX509PrincipalExtractor mishandles malformed Common Name (CN) values and resolves the principal to the wrong identity. An attacker holding a carefully crafted client certificate can authenticate as a different legitimate user, gaining their privileges. No public exploit identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects no observed exploitation activity.
Cross-Site Scripting in Litestar Python web framework versions prior to 2.22.0 allows remote attackers to execute arbitrary JavaScript in victim browsers by poisoning the csrftoken cookie, whose contents are rendered into HTML templates without escaping when the documented csrf_input helper is used. Publicly available exploit code exists via the GitHub Security Advisory GHSA-542p-wvx7-72m4, which includes two working proof-of-concept applications. The flaw only manifests in applications that combine a template engine (Jinja, Mako, MiniJinja) with CSRF protection and the recommended hidden CSRF input field pattern.
Path traversal bypass in Roxy-WI versions 8.2.6.4 and earlier allows authenticated remote attackers to escape input sanitization in the EscapedString Pydantic validator and inject shell metacharacters alongside '..' sequences. The flaw stems from a flawed if/elif/elif/else control flow that strips metacharacters without re-enforcing the '..' block, and the result is never shlex-quoted before reaching downstream command contexts. No public exploit identified at time of analysis, and no vendor-released patch identified at time of analysis.
Arbitrary code execution in GIMP via malicious HDR (High Dynamic Range) image files allows attackers to run code in the context of the user opening the file. The flaw is a heap-based buffer overflow (CWE-122) in the HDR parser, requiring the victim to open a crafted file or visit a malicious page that delivers one. No public exploit identified at time of analysis, but the vulnerability was reported through ZDI (ZDI-CAN-28618) indicating verified researcher analysis.
Page-cache corruption in FreeBSD's kTLS-RX subsystem (CVE-2026-45257 / FreeBSD-SA-26:26.kTLS) enables an unprivileged local user to overwrite arbitrary bytes in the backing physical page of any world-readable file, including SUID-root binaries, by exploiting in-place AES-GCM decryption running directly over sendfile(2)-produced EXTPG mbufs via the kernel direct map (DMAP). The write bypasses the VFS layer entirely, defeating file permissions, mount options, and chflags schg immutable flags - making this the FreeBSD functional equivalent of Linux CVE-2022-0847 (Dirty Pipe). A public exploit (bumsrakete.c) is included in the oss-security disclosure and achieves reliable root LPE in approximately 1.5 seconds on default FreeBSD 13.0 through 15.0 on amd64, arm64, and riscv; no public KEV listing has been identified at time of analysis.
Path traversal in Fission Kubernetes serverless framework prior to version 1.25.0 allows authenticated tenants to write files outside the intended extraction directory by submitting a crafted package archive. The fetcher sidecar (fission-fetcher) processes attacker-controlled Package.Spec.Source.URL or Deployment.URL archives via Unarchive in pkg/utils/zip.go, where filepath.Join was used without verifying the resolved path stayed under the destination, enabling cross-tenant file overwrite, tampering with mounted secret/config volumes, or overwriting the fetcher binary itself. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Service account token disclosure in OpenTelemetry Operator's TargetAllocator (versions prior to 0.152.0) allows a tenant with ServiceMonitor write permissions in a watched namespace to exfiltrate the OpenTelemetry Collector pod's mounted Kubernetes service account JWT or any other file on the Collector's filesystem. By setting the bearerTokenFile field on a ServiceMonitor to an arbitrary path (such as /var/run/secrets/kubernetes.io/serviceaccount/token) and pointing the scrape target to an attacker-controlled endpoint, the Collector reads the file and ships its contents as an Authorization: Bearer header on every scrape interval. No public exploit is identified at the time of analysis, though the technique mirrors a well-known Prometheus Operator primitive (ArbitraryFSAccessThroughSMs).
Cross-namespace access control bypass in Fission prior to 1.24.0 allows an authenticated tenant to reference Package objects belonging to other Kubernetes namespaces because the admission webhook validated namespaces for Secret and ConfigMap references but omitted the equivalent check for PackageRef.Namespace. A low-privileged user with rights to create Function objects in their own namespace can therefore reach Package contents in arbitrary namespaces, producing a scope-changing confidentiality breach (CVSS 7.7, S:C, C:H). No public exploit identified at time of analysis; not listed in CISA KEV.
Cross-namespace information disclosure in Fission prior to 1.24.0 allows a low-privilege developer with namespace-scoped permissions to create a KubernetesWatchTrigger (KWT) that establishes a persistent watch channel against Kubernetes resources in any other namespace, breaking the platform's tenancy boundary. The flaw stems from missing namespace-equality enforcement in the kubewatcher controller, which honored an attacker-supplied Spec.Namespace value and even treated an empty value as cluster-wide visibility. No public exploit identified at time of analysis, but the upstream fix (PR #3379, merged into v1.24.0) and detailed advisory GHSA-gc3j-79f2-7vvw confirm the defect class.
Cross-namespace package reference flaw in Fission prior to version 1.24.0 allows an authenticated tenant to point a Package CRD at an Environment in another namespace, because the buildermgr controller never verified that Package.spec.environment.namespace matched Package.metadata.namespace. With CVSS 7.7 and a scope-changed confidentiality impact, a low-privileged user in one namespace can cause the controller to read and build against environment resources belonging to other tenants. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Server-side request forgery in Splunk Enterprise (below 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform lets a low-privileged authenticated user coerce the Dashboard Studio PDF export feature into issuing HTTP requests to arbitrary internal destinations. The flaw stems from a flawed prefix-match on trusted domains plus uncritical redirect-following by the PDF export service. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Stored cross-site scripting in Xibo CMS prior to 4.4.2 allows authenticated users with elevated DataSet privileges to chain a Stored XSS with an iframe sandbox escape via the Data Connector functionality, executing script in another user's browser context. Scope-changed impact (S:C) with high confidentiality loss means a low-privileged-but-trusted operator can compromise an admin session viewing the affected dataset content. No public exploit identified at time of analysis and the issue is not on the CISA KEV list.
Root command injection in dracut's legacy DHCP path allows adjacent-network attackers to execute arbitrary commands inside the initramfs by sending crafted DHCP options (e.g., malicious hostname) that are written unescaped into temporary shell scripts. The flaw affects Red Hat Enterprise Linux 6 through 10, Red Hat Hardened Images, and OpenShift Container Platform 4, granting full system compromise during early boot. No public exploit identified at time of analysis, and EPSS is low (0.16%, 36th percentile), but SSVC rates technical impact as total.
Remote denial-of-service in Espressif ESP-IDF's esp_http_server WebSocket handshake allows unauthenticated attackers to crash IoT devices by sending a malformed Sec-WebSocket-Protocol header. The flaw (CWE-476 NULL-pointer dereference) is triggered pre-authentication during subprotocol negotiation and affects ESP-IDF 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0; no public exploit identified at time of analysis, though upstream commits disclose the exact vulnerable code path.
Arbitrary code execution in Dulwich (pure-Python Git implementation) versions 0.23.2 through 1.2.4 allows a malicious upstream repository to drop executable files into a victim's .git/hooks/ directory during a recursive clone or submodule update. When the victim subsequently runs any git or dulwich command that invokes the planted hook, the attacker's code executes with the victim's privileges. No public exploit identified at time of analysis, though the technique mirrors the well-documented upstream Git flaws CVE-2024-32002 and CVE-2024-32004.
Remote unauthenticated denial-of-service in TDengine versions 3.4.0.0 through 3.4.1.5 allows attackers to crash the taosd server process by sending a single crafted RPC packet, with no credentials or prior session state required. The flaw is a CWE-191 integer underflow (vendor tags also reference Integer Overflow) in RPC packet handling, fixed in version 3.4.1.6. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Denial of service in Russh (Rust SSH client/server library) versions 0.34.0 through 0.60.x allows remote SSH peers to trigger excessive memory allocation by sending oversized, high-fanout, or malformed length-prefixed SSH strings, name-lists, and byte fields before field-specific bounds checks are applied. The flaw affects both client and server message handlers and impacts availability only (CVSS 7.5, C:N/I:N/A:H). No public exploit identified at time of analysis.
Denial of service in CometD Java server (versions 5.0.0-5.0.22, 6.0.0-6.0.18, 7.0.0-7.0.18, 8.0.0-8.0.8) allows a single remote unauthenticated client to exhaust server memory by repeatedly sending /meta/connect messages with a fixed ack value while the acknowledgement extension is enabled, causing the unacknowledged message queue to grow without bound and triggering an OutOfMemoryError. The CVSS 7.5 score reflects high availability impact with no confidentiality or integrity impact, and no public exploit identified at time of analysis, though the GitHub Security Advisory GHSA-cqgj-h8vf-4w59 provides clear protocol-level reproduction details.
Out-of-bounds heap write in ImageMagick's ICON decoder allows remote attackers to crash the application by supplying a maliciously crafted ICON file processed by versions prior to 6.9.13-50 and 7.1.2-25. The flaw stems from an incorrect loop condition during ICON parsing, leading to memory corruption and denial of service. No public exploit identified at time of analysis, but ImageMagick's broad deployment as an image-processing backend in web applications makes drive-by exposure plausible.
Denial of service in ImageMagick prior to 6.9.13-50 and 7.1.2-25 allows remote attackers to trigger an out-of-memory condition by submitting crafted images that bypass memory request validation in the AcquireAlignedMemory routine. The CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) vector reflects unauthenticated network exploitability with high availability impact but no confidentiality or integrity loss. No public exploit identified at time of analysis, and the issue is not present on the CISA KEV list.
Denial-of-service in Spring Data Commons (versions 2.7.0-4.0.5) allows remote unauthenticated attackers to exhaust JVM heap memory by repeatedly submitting unique property-name strings that are permanently retained in an internal property-lookup cache. The flaw maps to CWE-770 (Allocation of Resources Without Limits or Throttling) and carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflecting purely availability impact. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Denial of service in Spring Data Commons 3.4.x, 3.5.x, and 4.0.x allows remote unauthenticated attackers to exhaust server resources by supplying crafted property path strings that the MappingContext resolves inefficiently. The flaw is reachable wherever applications expose property path parsing to untrusted input, and with CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) it is trivially triggerable, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.
Denial of service in Spring Security's SAML 2.0 service provider module allows remote unauthenticated attackers to exhaust application memory by submitting a maliciously compressed SAML payload over the REDIRECT binding. The flaw stems from an unbounded inflater that decompresses attacker-controlled data without size limits, enabling a classic decompression-bomb attack against any Spring application using SAML Login or Logout. No public exploit identified at time of analysis, but the network-reachable, no-authentication CVSS profile (7.5 High) makes this a near-term patching priority for SAML-enabled deployments.
Denial-of-service in Nimiq core-rs-albatross (Rust implementation of the Albatross Proof-of-Stake consensus) prior to version 1.4.0 allows a malicious DHT node to suppress all valid DHT GET responses for a query by being the first to reply with an unverifiable record. Because the DhtResults accumulator is only created after the first record passes verification, a single bad first response causes subsequent valid records to be discarded as 'DHT inconsistent state', breaking peer/validator discovery. No public exploit identified at time of analysis, but the patch and full root cause are public in PR #3707.
Authorization bypass in Spring Data REST's JSON Patch handler allows remote unauthenticated attackers to modify protected entity fields by routing writes through intermediate path segments of a multi-segment JSON Pointer. The flaw affects Spring Data REST 3.7.x through 5.0.5 and carries a CVSS 7.5 (high) integrity-only impact; no public exploit has been identified at time of analysis and it is not listed in CISA KEV.
Stored Cross-Site Scripting in Store Locator WordPress plugin before 1.6.6 allows administrator-level users to inject persistent malicious scripts into the plugin's admin settings page, with execution triggered when any privileged user visits the page. Critically, this bypass works even when WordPress's `unfiltered_html` capability is restricted - a control commonly enforced in multisite networks - meaning a subsite admin could target visiting super admins. A publicly available exploit exists via WPScan, though no active exploitation has been confirmed by CISA KEV. CVSS rates this 3.5 (Low), but multisite deployments face materially higher practical risk.
Authentication bypass in Erlang/OTP's TLS distribution module (inet_tls_dist) lets any attacker holding a TLS certificate signed by a CA in the node's trust store gain full Erlang distribution access, including remote code execution via rpc:call/4 and code:load_binary/3. The flaw stems from check_ip/1 inspecting the local socket address (inet:sockname/1) instead of the peer's address (inet:peername/1), so the LAN-allowlist subnet comparison always matches. No public exploit identified at time of analysis, but the one-line root cause is fully disclosed in the upstream fix commit.