Heap buffer overflow in LibreOffice's DXF import engine allows a crafted CAD file to corrupt process memory when a polyline with more than 65,535 points is parsed. The root cause is an integer truncation defect: the point count read from the DXF file is narrowed to a 16-bit value when sizing the heap allocation, but the original, un-truncated count drives the subsequent write loop - any polyline exceeding 65,535 points overflows the undersized buffer. A proof-of-concept exists (CVSS 4.0 E:P), exploitation requires passive user interaction (opening a malicious DXF file), and no active exploitation has been confirmed in CISA KEV at time of analysis.
Insufficient OAuth token invalidation in Ansible Lightspeed (part of Red Hat Ansible Automation Platform 2.x) allows a remote attacker who has exfiltrated a valid access token to maintain persistent authenticated sessions even after the legitimate user has logged out. The backend fails to revoke the token server-side on logout, leaving it exploitable until natural expiration. Successful exploitation enables unauthorized read access to sensitive Ansible resources - including inventories, playbooks, and configuration data - with no public exploit or CISA KEV listing identified at time of analysis.
Denial of service in the markdown-it npm library (≤ 14.1.1) stems from a quadratic O(n²) CPU complexity bug in the smartquotes processing rule, exploitable only when `typographer: true` is explicitly enabled. An unauthenticated remote attacker can submit approximately 160KB of consecutive quotation marks to a server-side markdown rendering endpoint and consume over 21 seconds of CPU per request; flooding the endpoint with concurrent payloads can fully exhaust server CPU and prevent legitimate users from being served. No confirmed active exploitation (not in CISA KEV), but a detailed proof-of-concept with timing measurements is publicly documented in the upstream GitHub Security Advisory GHSA-6v5v-wf23-fmfq, and a vendor-released patch is available in version 14.2.0.
Dynamic component mounting in @angular/core permits client-side XSS by failing to reject script elements as valid host targets for `createComponent`. Angular applications that pass user-supplied selectors or host element references to the `createComponent` API without prior sanitization are vulnerable to namespace bypass, allowing an attacker to mount Angular components onto `<script>` or `<svg:script>` elements and execute arbitrary JavaScript in the victim's browser. No active exploitation has been confirmed (not in CISA KEV) and no public proof-of-concept has been identified at time of analysis, but vendor-released patches are available across multiple supported major versions.
Unbounded input in ua-parser-js v2.0.1–2.0.9's Client Hints API enables remote denial-of-service via catastrophic regex backtracking. Any server-side Node.js application calling `UAParser(headers).withClientHints()` is vulnerable to CPU exhaustion when an attacker supplies an oversized `Sec-CH-UA-Model` header — a single ~32,000-character request consumes over 400ms of CPU with polynomial growth. A functional proof-of-concept exploit is publicly available in the GitHub Security Advisory (GHSA-9h5v-pfqq-x599); no active exploitation in CISA KEV has been confirmed at time of analysis.
Starlette's HTTPEndpoint dispatcher allows remote unauthenticated attackers to invoke arbitrary internal Python instance methods as HTTP handlers by sending non-standard HTTP method names that resolve to endpoint attributes via getattr, effectively circumventing authorization logic guarding intended public handlers. Applications built on Starlette - including FastAPI - are affected when HTTPEndpoint subclasses are registered via Route(...) without an explicit methods= argument and those subclasses expose internal methods whose lowercased names match non-standard HTTP token shapes. No public exploit or active exploitation has been identified at time of analysis; a vendor-released patch is available in starlette 1.1.0.
Cross-site scripting execution is possible in Angular applications (@angular/compiler and @angular/core) through a dual-bypass of the framework's template sanitization engine using XML namespace prefixes. The Angular template preparser used a simple string comparison for 'script' that failed to match namespaced representations such as ':svg:script', allowing those elements to survive template compilation unstripped. Concurrently, the security context schema mappings for namespaced SVG and MathML attributes were incomplete, allowing malicious attribute bindings to evade both compile-time and runtime sanitizers. No public exploit has been identified at time of analysis, and exploitation requires the specific non-default deployment condition of runtime JIT template compilation with user-controlled input.
DOM sanitization bypass in @angular/compiler allows client-side XSS in Angular applications that use two-way property binding syntax on security-sensitive native DOM properties. The Angular template compiler's sanitizer-resolution phase omitted a case for the TwoWayProperty IR operation, meaning compiled templates with [(innerHTML)], [(src)], [(href)], [(srcdoc)], [(data)], or [(sandbox)] bindings emit the runtime ɵɵtwoWayProperty() instruction without the required sanitizer function argument, while identical one-way [property] bindings are correctly protected. No active exploitation has been confirmed (not in CISA KEV), and no public exploit code has been identified at time of analysis, though the patch diff in PR #69107 fully characterizes the missing code path.
Memory amplification in protobufjs 8.2.0-8.4.2 enables remote unauthenticated attackers to exhaust heap memory in Node.js services by submitting crafted protobuf binary payloads densely packed with field numbers absent from the application's schema. The library's unknown-field retention feature - introduced in 8.2.0 - stores these wire elements in `message.$unknowns` with no decode-time cap or discard mechanism, allowing payloads to consume memory far exceeding their wire size. No public exploit code is identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, the attack requires no privileges and is accessible over the network against any service that decodes untrusted protobuf binary input.
Quadratic CPU exhaustion in js-yaml (npm) versions 4.1.1 and earlier allows unauthenticated remote attackers to block a Node.js event loop for multiple seconds using a crafted YAML payload under 100 KB, resulting in denial of service. The flaw lies in the merge-key parser's failure to deduplicate repeated alias references before invoking per-key processing, producing O(K×M) work from O(K+M) input. A detailed proof-of-concept with reproducible timing benchmarks is publicly available via GitHub Security Advisory GHSA-h67p-54hq-rp68; no active exploitation is confirmed in CISA KEV at time of analysis.
Unbounded memory allocation in @opentelemetry/core affects the W3CBaggagePropagator.extract() method, which fails to enforce W3C Baggage specification size limits (8,192 bytes, 180 entries) on the inbound parsing path - only the outbound inject() path was protected. Unauthenticated remote attackers can exploit this to cause partial availability degradation by sending oversized baggage headers, with elevated risk in non-HTTP transport contexts (messaging systems, custom TextMapGetter implementations) where Node.js's native 16 KB header cap does not apply. No public exploit code or CISA KEV listing exists; the CVSS 5.3 Medium score reflects the real-world constraint imposed by Node.js defaults on the dominant HTTP deployment pattern.
Schema-name shadowing in protobufjs (npm packages protobufjs and protobufjs-cli) enables denial of service when an attacker can supply or influence protobuf schemas containing field or service method names that collide with JavaScript runtime-significant identifiers used by the protobufjs runtime. Affected names - specifically a field named `hasOwnProperty`, a field or oneof named `$type` via JSON/reflection descriptors, and service methods whose generated helper resolves to `rpcCall` - cause the runtime to read schema-controlled data in place of expected internal helpers, producing deterministic exceptions or uncontrolled recursion (CWE-674) across decode, verification, serialization, and RPC invocation paths. No public exploit has been identified and no active exploitation is confirmed; the misleading 'RCE' tag in the intelligence metadata is directly contradicted by the vendor advisory, which explicitly states the issue is not known to allow code execution.
{scheme}://{host}{path}` without validating the path prefix, and RFC 3986 §3.2.1 re-parsing then interprets the `@` symbol as a userinfo delimiter, shifting hostname authority to the attacker-supplied value. Exploitation is constrained to middleware or 404/exception handlers that act on `request.url` before routing, since the malformed path matches no registered route; no active exploitation is confirmed (not in CISA KEV) and no public exploit code beyond the advisory PoC has been identified.
Parameter smuggling in python-multipart below 0.0.30 allows unauthenticated network attackers to present a different field name or filename to an upstream WAF, proxy, or gateway than the value actually delivered to the backend application. The root cause is that parse_options_header delegates to Python's email.message.Message, which silently applies RFC 2231/5987 extended parameter decoding - a behavior explicitly forbidden for multipart/form-data by RFC 7578 §4.2 - causing the extended value to override the plain parameter and bypass inspection logic. Concrete downstream consequences include circumventing filename-based upload controls and, where applications construct filesystem paths from the parsed filename without sanitization, achieving path traversal via decoded percent sequences such as ..%2F or injecting null bytes (%00) to confuse validators. No public exploit has been identified and the vulnerability is not in CISA KEV; CVSS 3.7 with AC:H reflects that exploitation requires a specific upstream inspector in the deployment topology.
Use-after-free in Zephyr RTOS's native TCP2 stack allows a concurrent connection teardown - triggered by ordinary TCP traffic from an adjacent-network peer - to invalidate a cached iterator pointer in net_tcp_foreach(), crashing the system or causing the iterator callback to operate on attacker-influenced reallocated memory. All Zephyr releases from the TCP2 stack introduction in 2020 through v4.4.0 (inclusive) are affected. No public exploit has been identified at time of analysis and no CISA KEV listing exists; the primary real-world risk is denial of service against embedded or IoT devices with TCP networking and shell access exposed on an adjacent network segment.
Unauthenticated integrity-impacting input validation failure in the Contest Gallery WordPress plugin affects all versions up to and including 28.1.7, allowing network-accessible attackers with no privileges to perform unauthorized write-class operations against the plugin. The CVSS vector confirms the unauthenticated, low-complexity attack path (AV:N/AC:L/PR:N/UI:N) with low integrity impact and unchanged scope. No public exploit code and no CISA KEV listing have been identified at time of analysis, placing this in a monitor-and-patch posture rather than emergency response.
Broken authentication in the Simple Cloudflare Turnstile WordPress plugin (versions ≤ 1.38.0) allows unauthenticated remote attackers to bypass Cloudflare Turnstile CAPTCHA verification on any protected form without completing the bot-detection challenge. Classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and reported by Patchstack, the flaw enables automated or scripted form submissions that the plugin was designed to block - including login, registration, contact, and WooCommerce checkout forms. No public exploit code has been identified at time of analysis, though the network-accessible, zero-complexity nature of the bypass makes it trivially replicable by any attacker familiar with WordPress form mechanics.
Unauthenticated Broken Access Control in the Essential Addons for Elementor WordPress plugin (all versions prior to 6.6.0) allows remote unauthenticated attackers to perform restricted actions without proper authorization. The root cause is a missing authorization check (CWE-862), permitting requests that should be gated behind authentication or capability checks to succeed. No public exploit code or active exploitation has been identified at time of analysis; however, the unauthenticated network-accessible nature (PR:N, AV:N) lowers the barrier to abuse significantly.
Out-of-bounds read vulnerabilities in GStreamer's pcapparse element expose Red Hat Enterprise Linux 6 through 10 users to potential application crashes or limited memory disclosure when processing malformed PCAP files. The flaws reside in IPv4/TCP header parsing logic, where specially crafted PCAP records trigger reads beyond buffer boundaries across multiple code paths. Real-world exposure is materially constrained by pcapparse's restriction to debugging pipelines, the requirement for local user interaction, and high attack complexity; no public exploit or active exploitation has been identified at time of analysis.
Symfony HtmlSanitizer's UrlSanitizer::parse() method fails to block percent-encoded Unicode BiDi formatting marks (U+202A-U+202E, U+2066-U+2069) and Unicode whitespace characters, allowing both character classes to survive sanitization and be re-emitted unchanged in the output URL. Applications running symfony/html-sanitizer versions 6.1.0 through the patched releases where a downstream consumer - such as a phishing-detection filter, audit dashboard, or federated content pipeline - decodes the href before display or comparison are susceptible to visual-spoofing attacks that defeat the sanitizer's own domain allow-list defenses. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, but the bypass technique is fully documented in the advisory and the fix commit's test cases make reproduction straightforward.
Stored XSS in the Symfony HtmlSanitizer component (symfony/html-sanitizer) allows injection of javascript: scheme URLs through HTML attributes not covered by the library's URL sanitization allow-list. The UrlAttributeSanitizer hardcodes a fixed set of URL-bearing attributes to sanitize, omitting data (on object), codebase and archive (on applet), and longdesc (on iframe/img); a related gap allows javascript: URLs embedded in meta http-equiv=refresh content values to pass through unchanged. Only non-default configurations that explicitly opt in to those element-attribute combinations via allowElement() or allowAttribute() are affected - default Symfony configurations are confirmed safe. No public exploit code has been identified at time of analysis, though the vendor advisory includes functional proof-of-concept payloads; the issue was reported by Scott Arciszewski of Trail of Bits.
Unrestricted file upload in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) allows any authenticated user, regardless of role or permission level, to bypass server-side file type controls at the /safe/contract/uploadcustomdocuments endpoint by spoofing the HTTP Content-Type header with a value containing allowed substrings such as 'pdf', 'jpeg', 'tiff', or 'png'. Because validation relies entirely on a client-supplied header rather than inspecting actual file content or magic bytes, arbitrary file content can be written to the server. No public exploit code has been identified at time of analysis, and this CVE does not appear in the CISA KEV catalog.
IP restriction bypass in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) allows an attacker holding valid branch user credentials to authenticate from any unauthorized network location by spoofing the expected branch IP address via a manipulated X-Forwarded-For HTTP header. The system - designed to control physical vault room and safe deposit locker access - enforces branch-location login restrictions based entirely on this attacker-controllable header when it is present, nullifying a key network-based access control boundary. No public exploit code or CISA KEV listing exists at time of analysis; exploitation is constrained to actors with valid branch credentials.
Symfony's UrlGenerator encodes only alternating dot-segments in chained `../` or `./` sequences due to a `strtr()` advancement bug, producing URLs that RFC 3986-conformant reverse proxies, API gateways, and HTTP clients collapse to unintended paths. Routes exposing parameters with permissive requirements (`.+`, `.*`) that permit slashes are the exploitable surface when attacker-controlled values contain multiple consecutive dot-segments. No active exploitation is confirmed (not in CISA KEV, no EPSS score assigned), but vendor-confirmed patches are available across all maintained Symfony branches, and the vulnerability shares the same route round-trip integrity class as the previously disclosed CVE-2026-45065.
Cross-Site Request Forgery in WP Migrate Lite (WordPress plugin by WP Engine, versions ≤ 2.7.8) enables unauthenticated remote attackers to force authenticated administrators to invoke unauthorized plugin actions by deceiving them into visiting a malicious page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:C/A:L) confirms low-complexity network exploitation with changed scope, meaning triggered actions can produce availability impact beyond the plugin itself - consistent with migration or database operations affecting the broader WordPress installation. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Path traversal in the WordPress Download Monitor plugin (versions <= 5.1.9, by WP Chill) allows a network-accessible attacker with Author-level WordPress credentials to download arbitrary files from the server, achieving high confidentiality impact. The vulnerability (CWE-22) stems from improper sanitization of file paths within the plugin's download functionality, enabling directory traversal outside the intended file scope. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and no EPSS data was provided to quantify exploitation probability.
Server-Side Request Forgery (SSRF) in the PopAd WordPress plugin by Vynnus allows an authenticated administrator to cause the server to make forged outbound HTTP requests to arbitrary destinations, including internal network resources. All versions through 1.0.4 are affected per CPE data (cpe:2.3:a:vynnus:popad). The scope change (S:C) in the CVSS vector confirms that successful exploitation can reach systems beyond the WordPress host itself, enabling lateral pivoting into internal infrastructure. No public exploit identified at time of analysis.
webpack-dev-server's WebSocket upgrade handler, when a proxy entry is configured with a broad path context (/) and ws: true, incorrectly forwards the dev server's own HMR WebSocket upgrade requests to the configured proxy backend. This unintentionally delivers browser cookies and the Origin header to the proxy target, bypasses the dev server's built-in Host/Origin validation, and corrupts the HMR channel by routing both HMR and proxy traffic over the same socket. No public exploit identified at time of analysis, though the affected configuration pattern is common in development setups; a vendor-released patch is available in version 5.2.5.
{team}/join), exploiting the fact that text/plain Content-Type does not trigger a CORS preflight check. In CTF deployments this allows score inflation by forcing victims to solve Juice Shop challenges credited to the attacker's team; any sensitive data entered by the victim is also captured in the attacker's Juice Shop instance. No public exploit identified at time of analysis, and a vendor-released patch is available in version 10.0.1.
OliveTin's ValidateArgumentType RPC endpoint exposes action binding IDs and argument configurations to unauthenticated network requesters in all versions prior to 3000.13.0, functioning as an enumeration oracle. The bypass is particularly counterintuitive because it manifests specifically when AuthRequireGuestsToLogin is enabled - the hardened security posture - meaning operators who consciously locked down their instance are the ones exposed. The confidentiality impact is limited to internal action metadata (no credentials, no command execution), and no public exploit has been identified at time of analysis.
Memory exhaustion in python-multipart's parse_form() function allows a remote attacker to force unbounded body buffering by supplying a negative Content-Length header, degrading server availability under concurrent load. Affected deployments are narrowly scoped: only bespoke WSGI or http.server handlers that pass raw, unvalidated client-supplied Content-Length values directly into parse_form(). Mainstream consumers such as Starlette, FastAPI, and Werkzeug are not affected. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog, consistent with the low CVSS base score of 3.7.
Parser differential in python-multipart's QuerystringParser enables HTTP parameter pollution against applications protected by WHATWG-compliant upstream components (WAFs, API gateways). Versions prior to 0.0.30 tokenize semicolons as field separators in application/x-www-form-urlencoded bodies - diverging from WHATWG, modern browsers, and Python's urllib.parse - allowing an attacker to craft a request body whose fields are parsed differently by an upstream body inspector than by the backend, smuggling form parameters the intermediary never validated. No public exploit code and no CISA KEV listing have been identified at time of analysis, but the attack primitive is well-understood and mirrors the class of issue fixed in CPython as CVE-2021-23336.
Arbitrary source map file read in @babel/core allows an attacker who controls Babel's input source code to exfiltrate any source map file (.map) accessible to the process running Babel, provided the attacker can also read the compilation output and knows the target file path. This affects all @babel/core versions up to and including 7.29.0 and the 8.0.0 alpha/rc series prior to 8.0.0-rc.6. No public exploit is identified at time of analysis, and exploitation is constrained by three simultaneous conditions, but the vulnerability is significant in environments that compile untrusted or externally submitted code - such as online transpilers, CI/CD pipelines accepting external PRs, or multi-tenant build services.
Incomplete CSRF protection in React Router v7 Framework Mode leaves PUT, PATCH, and DELETE document requests unguarded while POST requests are correctly validated. Applications running react-router 7.12.0-7.15.0 or @remix-run/server-runtime 2.17.3-2.17.4 in Framework Mode are the exclusive attack surface - Declarative and Data Mode deployments are unaffected. Real-world exploitability is substantially constrained by modern browser defaults (SameSite=Lax cookies, CORS preflight), meaning successful exploitation requires a browser or cookie configuration that bypasses these ambient controls; no public exploit code exists and this vulnerability is not in CISA KEV.
TLS SNI hostname validation in aiohttp is silently bypassed when a keep-alive connection is reused from the connection pool, allowing per-request `server_hostname` overrides to be ignored on subsequent requests to the same host. Applications relying on dynamic per-request SNI to enforce tenant isolation, proxy routing, or custom certificate validation are at risk of connecting under the wrong TLS identity without any error raised. No public exploit code has been identified and the vulnerability is not listed in CISA KEV; a vendor-released patch is available in aiohttp 3.14.1.
Improper access controls in Huly Platform's RPC interface allow an authenticated remote attacker with low privileges to invoke the `getMailboxSecret` function in `server/account/src/operations.ts` and retrieve mailbox secrets they are not authorized to access. Versions up to and including 0.7.0 of hcengineering's Huly Platform are confirmed affected. A public proof-of-concept exploit has been disclosed (reflected in the CVSS 4.0 E:P modifier); no vendor patch exists as the vendor did not respond to responsible disclosure, leaving all users of affected versions exposed with no official remediation path.
Improper authorization in Huly Platform up to version 0.7.0 allows authenticated low-privilege users to remotely invoke the `getAccountInfo` function in `server/account/src/operations.ts` and retrieve account information beyond their authorized scope. The vulnerability is classified under CWE-266 (Incorrect Privilege Assignment), with impact confined to limited confidentiality disclosure - no integrity or availability impact is present. A public proof-of-concept exploit exists (CVSS 4.0 E:P); no vendor patch is available as the vendor did not respond to coordinated disclosure.
Memory corruption in Duktape's bytecode API (duk_api_bytecode.c) allows local low-privilege attackers to corrupt process memory by supplying a crafted count_instr argument during bytecode processing. All Duktape versions up to 2.99.99 are affected. A public proof-of-concept exploit exists, though the CVSS 4.0 score of 1.9 reflects constrained real-world impact - local access and low privileges are required, and confidentiality, integrity, and availability impact is rated low. No patch is available; the vendor did not respond to coordinated disclosure.
Resource leak in aiohttp's response write_eof method allows unauthenticated remote attackers to cause temporary file descriptor exhaustion by repeatedly disconnecting mid-response. All aiohttp versions up to and including 3.14.0 fail to invoke Payload.close() when a write is interrupted by a client disconnection, exception, or asyncio task cancellation, leaving file handles and similar OS-level resources open until Python's garbage collector intervenes. No public exploit code exists and no active exploitation has been confirmed; however, the attack requires no authentication, no special configuration, and is straightforward to automate against any endpoint serving file-backed responses. The advisory's 'Information Disclosure' tag appears inconsistent with the actual impact, which is purely availability (transient resource starvation).
Cookie scope escalation in aiohttp's CookieJar persistence layer causes host-only cookies to lose their host-restricted status after a save/load cycle, allowing them to be transmitted to subdomains that the original server never authorized to receive them. Applications using pip/aiohttp <= 3.14.0 that invoke CookieJar.save() and CookieJar.load() for session persistence are affected. No public exploit code has been identified at time of analysis, but the impact is information disclosure: sensitive cookies - including session tokens or authentication credentials - may be sent to unintended subdomain endpoints, violating the HTTP cookie scoping model.