Skip to main content
CVE-2026-55518 CRITICAL PATCH GHSA Act Now

Authorization bypass in Avo (Ruby on Rails admin framework) versions <= 3.32.0 and 4.0.0.beta.1 through 4.0.0.beta.50 allows authenticated low-privileged users to attach arbitrary related records to parent resources via a direct POST to the associations endpoint, bypassing the `attach_<association>?` policy enforced only on the form-rendering GET. Publicly available exploit code exists (Python PoC in the GHSA advisory), and in deployments where associations encode teams, tenants, roles, or memberships, exploitation yields privilege escalation and cross-tenant data exposure.

Python CSRF Information Disclosure Privilege Escalation Authentication Bypass
NVD GitHub
CVSS 3.1
9.6
CVE-2026-55743 CRITICAL PATCH Act Now

Remote code execution in OpenHuman desktop agent through 0.54.0 allows attackers to escape the Supervised SecurityPolicy sandbox and run arbitrary OS commands as the desktop user via indirect prompt injection. Two allowlist bypasses in src/openhuman/security/policy.rs - missing coverage of find's -execdir/-okdir flags and pre-validation stripping of inline KEY=value env assignments (e.g. GIT_EXTERNAL_DIFF, GIT_SSH_COMMAND) - let an attacker turn an allowlisted command into arbitrary execution. No public exploit identified at time of analysis, but the vendor has shipped a fix in commit 60050aa (first stable release 0.56.0).

Command Injection RCE Openhuman
NVD GitHub
CVSS 3.1
9.6
EPSS
0.7%
CVE-2026-47103 CRITICAL PATCH GHSA Act Now

Remote code execution in python-statemachine 3.0.0 through 3.1.x allows attackers to run arbitrary Python in the host process by supplying a crafted SCXML document whose `<data expr="...">` attributes are passed unsandboxed to eval() inside SCXMLProcessor. Reported by VulnCheck with publicly available exploit code and a vendor advisory (GHSA-v4jc-pm6r-3vj8); no public exploit identified at time of analysis as actively in the wild, and the flaw is not listed in CISA KEV.

Python Code Injection RCE Python Statemachine
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.8%
CVE-2026-53805 CRITICAL PATCH Act Now

Unauthenticated remote code execution in NVIDIA Spatial Intelligence Lab's GEN3C inference API server allows network attackers to execute arbitrary Python code by sending crafted pickle payloads to the /request-inference and /seed-model endpoints. The endpoints feed raw HTTP bodies directly into pickle.loads() with no authentication or validation, so a standard __reduce__ gadget yields code execution as the inference process. No public exploit identified at time of analysis, but the upstream patch and a VulnCheck advisory document the precise vulnerable code path.

Nvidia Deserialization Python RCE Gen3C
NVD GitHub
CVSS 4.0
9.3
EPSS
0.7%
CVE-2026-53874 CRITICAL PATCH Act Now

Arbitrary code execution in picklescan versions prior to 1.0.1 allows attackers to bypass the scanner's malicious pickle detection by obfuscating eval calls nested under callable objects via getattr, causing the very tool intended to detect malicious pickles to miss them. Publicly available exploit code exists via the GHSA advisory PoC, though no public exploit identified at time of analysis as actively used in attacks; the CVSS 4.0 score of 9.3 reflects unauthenticated network-reachable impact on confidentiality, integrity, and availability.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.5%
CVE-2026-48797 CRITICAL PATCH GHSA Act Now

Authentication bypass in Backpropagate 1.1.0 and 1.1.1 lets any client that can reach the Reflex web UI's bound port take full control of the training control plane, despite the operator passing --auth user:pass. The CLI advertised and confirmed authentication as active, but the Reflex backend never read the BACKPROPAGATE_UI_AUTH variable and registered no middleware, so dataset upload, training control, GGUF export, and HuggingFace Hub push were exposed unauthenticated. No public exploit identified at time of analysis, but the gap is trivially reachable and CVSS 4.0 is 9.3.

Python Information Disclosure
NVD GitHub
CVSS 4.0
9.3
EPSS
0.4%
CVE-2026-54388 CRITICAL PATCH Act Now

HTTP request smuggling in Tinyproxy through 1.11.3 allows remote unauthenticated attackers to desynchronize the proxy and its backend by sending requests with multiple Content-Length headers having differing values. Because Tinyproxy forwards all duplicate Content-Length headers while parsing only the first value, downstream servers may interpret request boundaries differently, enabling cache poisoning, access control bypass, and request hijacking. No public exploit identified at time of analysis, but the underlying primitive is well documented and the upstream commit 364cdb6 clearly demonstrates the parsing flaw.

Authentication Bypass Request Smuggling Tinyproxy
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.4%
CVE-2026-54387 CRITICAL PATCH Act Now

HTTP request smuggling in Tinyproxy through 1.11.3 lets remote unauthenticated attackers desynchronize the proxy and backend by sending requests carrying both Content-Length and Transfer-Encoding: chunked headers. Tinyproxy forwards both headers verbatim while parsing the body using Content-Length, producing a classic CL.TE desync that enables cache poisoning, access control bypass, and request hijacking against the backend. No public exploit identified at time of analysis, though VulnCheck has published an advisory and the upstream issue/PR describe the bug in detail.

Authentication Bypass Request Smuggling Tinyproxy
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.4%
CVE-2026-48768 CRITICAL Act Now

Unauthenticated cross-tenant file upload in Typebot.io chatbot builder versions 3.16.1 and earlier allows anonymous visitors of any published bot containing a file-input block to write attacker-controlled HTML, SVG, or JavaScript into arbitrary subpaths of the shared public S3 bucket. The flaw stems from an unauthenticated presigned-URL endpoint that trusts a raw fileName parameter and does not bind Content-Type, enabling stored XSS on the storage origin and content hosting under other tenants' result paths. No public exploit identified at time of analysis, but the CVSS 9.3 (scope-changed) reflects significant cross-tenant impact.

Path Traversal XSS Typebot Io
NVD GitHub VulDB
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-55450 CRITICAL PATCH GHSA Act Now

{flow_id} endpoint, causing disk exhaustion (DoS) and leaking the absolute filesystem path of the cache directory in the JSON response. No public exploit identified at time of analysis beyond the reporter's PoC, and the issue is not on CISA KEV, but exploitation is trivial - a single unauthenticated curl request - and the fix landed in 1.9.1 via PR #12831.

Python Information Disclosure
NVD GitHub VulDB
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-53873 CRITICAL PATCH GHSA Act Now

Arbitrary code execution bypass in picklescan before 1.0.4 allows attackers to smuggle malicious pickle files past the scanner by invoking the module-level profile.run() function, which is missing from the blocklist that only covers Profile.run and Profile.runctx. The scanner reports zero issues while pickle.loads() triggers exec() of attacker-controlled Python. No public exploit identified at time of analysis beyond the proof-of-concept in the GHSA advisory, and the issue is not listed in CISA KEV.

Python RCE Picklescan
NVD GitHub
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-71325 CRITICAL PATCH Act Now

Detection bypass in picklescan versions prior to 0.0.27 allows attackers to smuggle malicious Python pickle files past the scanner by exploiting an off-by-one parsing error in STACK_GLOBAL opcode handling. The flaw, reported by VulnCheck and tracked under GHSA-9gvj-pp9x-gcfr, lets crafted pickles trigger an unexpected exception in _list_globals so dangerous imports such as os.system go unflagged; a working PoC is published in the advisory and a vendor patch is available, though no public exploitation against deployments has been observed.

Authentication Bypass Picklescan
NVD GitHub
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-71323 CRITICAL PATCH Act Now

Remote code execution in picklescan before 0.0.33 enables attackers to bypass the tool's malicious-pickle detection by smuggling the unblocked ctypes module into a pickle payload. A working POC demonstrates loading kernel32.dll via ctypes.WinDLL and invoking WinExec to launch arbitrary commands during pickle deserialization scans or downstream loads. Publicly available exploit code exists in the GHSA-4675-36f9-wf6r advisory, and the flaw undermines the very security guarantee picklescan is deployed to provide for ML model pipelines.

RCE Picklescan
NVD GitHub
CVSS 4.0
9.3
EPSS
0.8%
CVE-2025-71321 CRITICAL PATCH Act Now

Arbitrary file write in picklescan before 0.0.33 lets attackers bypass the tool's dangerous-call blocklist by abusing distutils.file_util.write_file inside crafted pickle payloads. Because picklescan is used as a safety gate before loading ML model pickles, a bypass means malicious models pass scanning and can overwrite files on disk to achieve denial of service or remote code execution. Publicly available exploit code exists in the GHSA advisory, though there is no public exploit identified at time of analysis indicating active exploitation.

Denial Of Service Deserialization RCE Picklescan
NVD GitHub
CVSS 4.0
9.3
EPSS
0.6%
CVE-2025-71320 CRITICAL PATCH Act Now

Arbitrary code execution in picklescan before 0.0.33 allows remote attackers to bypass the scanner's malicious-pickle detection by using pydoc.locate and operator.methodcaller, which were missing from the deny-list. Any downstream tool that trusts a 'clean' picklescan verdict and then deserializes the pickle (e.g., ML model loaders) will execute attacker-supplied code. Publicly available exploit code exists (GHSA PoC), and CVSS 4.0 is rated 9.3 Critical, though no public exploit identified at time of analysis in CISA KEV.

RCE Picklescan
NVD GitHub
CVSS 4.0
9.3
EPSS
0.6%
CVE-2026-54812 CRITICAL Act Now

Blind SQL injection in the StylemixThemes Motors WordPress plugin (versions up to and including 1.4.109) allows remote unauthenticated attackers to inject crafted SQL fragments into backend queries, leading to confidentiality compromise of the WordPress database and limited availability impact. The CVSS 3.1 base score of 9.3 reflects a scope change (S:C), meaning the impact extends beyond the plugin to the underlying database engine shared with the WordPress core. No public exploit identified at time of analysis, but the SQLi class and unauthenticated network vector make this a high-priority issue for sites running the Motors car dealership/classified listings plugin.

SQLi Motors
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-54809 CRITICAL Act Now

Blind SQL injection in the VillaTheme GIFT4U WordPress plugin (versions through 1.0.10) allows remote unauthenticated attackers to inject arbitrary SQL into backend queries via unsanitized user input. The CVSS 9.3 score reflects a scope-changed impact with high confidentiality loss and partial availability impact, though no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

SQLi Gift4U
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2026-54808 CRITICAL Act Now

Blind SQL injection in the WP Travel Gutenberg Blocks WordPress plugin (versions up to and including 3.9.4) allows remote unauthenticated attackers to inject arbitrary SQL into backend queries, exfiltrating data from the WordPress database via inference-based techniques. The CVSS 9.3 score reflects a scope-changed impact (S:C) where database compromise affects components beyond the plugin itself, though no public exploit identified at time of analysis. The vulnerability was reported by Patchstack and impacts WordPress sites running this travel-booking block plugin in default configurations.

SQLi Wp Travel Gutenberg Blocks
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-54815 CRITICAL Act Now

Blind SQL injection in the Cargo RD 'Cargo Shipping Location for WooCommerce' WordPress plugin (versions up to and including 5.6) allows remote unauthenticated attackers to inject arbitrary SQL via unsanitized input passed to backend database queries. The flaw carries a CVSS 3.1 base score of 9.3 (Critical) due to its network-reachable, no-privilege, no-interaction profile and scope-changed confidentiality impact, and no public exploit identified at time of analysis.

WordPress SQLi Cargo Shipping Location For Woocommerce
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2026-54819 CRITICAL Act Now

Blind SQL injection in Webilia's Listdom WordPress plugin (versions up to and including 5.4.0) allows remote unauthenticated attackers to inject SQL fragments into back-end queries and extract data inferentially. The flaw carries a 9.3 CVSS score with a scope change (S:C), indicating the injection can affect resources beyond the vulnerable component. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

SQLi Listdom
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2025-59554 CRITICAL Act Now

Unauthenticated SQL injection in the Advanced Ads - Tracking WordPress plugin versions prior to 3.0.7 allows remote attackers to inject arbitrary SQL into backend database queries without authentication. The CVSS 9.3 score with scope change (S:C) indicates the impact extends beyond the plugin to the underlying WordPress database, enabling data exfiltration and partial availability disruption. No public exploit identified at time of analysis, but the unauthenticated network-accessible nature makes this attractive for opportunistic scanning of WordPress installations.

SQLi Advanced Ads Tracking
NVD VulDB
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-54811 CRITICAL Act Now

Unauthenticated SQL injection in the WP eMember WordPress plugin versions prior to 10.9.4 allows remote attackers to inject arbitrary SQL through unsanitized input handled by the plugin. The flaw was disclosed via Patchstack and carries a CVSS 3.1 score of 9.3 with a scope change, indicating impact beyond the vulnerable component; no public exploit identified at time of analysis.

SQLi Wp Emember
NVD VulDB
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-54187 CRITICAL Act Now

Unauthenticated SQL injection in the JetEngine WordPress plugin versions 3.8.10.1 and earlier allows remote attackers to inject arbitrary SQL into backend database queries without credentials or user interaction. The CVSS 3.1 score of 9.3 (Critical) reflects a scope change with high confidentiality and low availability impact, indicating attacker-controlled queries can reach data beyond the plugin's own context. No public exploit identified at time of analysis, but the lack of authentication requirements makes this a high-priority patch target for any site running the affected versions.

SQLi Jetengine
NVD VulDB
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-54186 CRITICAL Act Now

Unauthenticated SQL injection in the eyecix JobSearch WordPress plugin (versions 3.2.9 and earlier) allows remote attackers to inject arbitrary SQL into backend database queries without credentials or user interaction. With a CVSS 3.1 score of 9.3 and a Scope:Changed vector indicating impact beyond the vulnerable component, the flaw enables high-confidentiality data theft from the WordPress database including user records and credentials. No public exploit identified at time of analysis, but Patchstack-tracked WordPress plugin SQLi issues are commonly weaponized shortly after disclosure.

SQLi Jobsearch
NVD VulDB
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-49084 CRITICAL PATCH Act Now

Unauthenticated SQL injection in the JetEngine WordPress plugin versions prior to 3.8.9.1 allows remote attackers to inject malicious SQL into backend database queries without any authentication or user interaction. The flaw carries a CVSS 3.1 score of 9.3 with a changed scope, enabling data disclosure across the WordPress installation and partial impact on availability. No public exploit identified at time of analysis, but the unauthenticated network-reachable nature combined with JetEngine's wide deployment across Crocoblock-powered WordPress sites makes this a high-priority issue.

SQLi Jetengine
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-49079 CRITICAL Act Now

Unauthenticated SQL injection in the JetSearch WordPress plugin (versions <= 3.5.17) allows remote attackers to inject arbitrary SQL into backend database queries without any authentication or user interaction. The flaw carries a CVSS 9.3 (Critical) score with a scope change, meaning impact extends beyond the plugin to the underlying WordPress database. No public exploit identified at time of analysis, but the trivial attack complexity and lack of authentication requirement make this a high-priority patching target for any WordPress site running the plugin.

SQLi Jetsearch
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-49076 CRITICAL Act Now

Unauthenticated SQL injection in the JetEngine WordPress plugin (versions up to and including 3.8.9.1) allows remote attackers without credentials to inject arbitrary SQL through plugin-handled inputs. With a CVSS 3.1 score of 9.3 (scope-changed) and no authentication or user interaction required, the flaw is well-suited for opportunistic, mass exploitation of WordPress sites that use this popular Crocoblock plugin. No public exploit identified at time of analysis, but Patchstack has catalogued the issue, indicating vendor-side confirmation.

SQLi Jetengine
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-48875 CRITICAL Act Now

Unauthenticated SQL injection in the JetSmartFilters WordPress plugin (versions ≤ 3.8.1) allows remote attackers to inject arbitrary SQL queries against the underlying WordPress database without any authentication or user interaction. The CVSS 9.3 score reflects a scope-changing flaw with high confidentiality impact and low availability impact, and no public exploit has been identified at time of analysis. The vulnerability was disclosed via Patchstack and affects a popular Crocoblock/JetImpex filtering plugin widely deployed on WordPress sites.

SQLi Jetsmartfilters
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-39596 CRITICAL PATCH Act Now

Unauthenticated SQL injection in Blocksy Companion Pro (a premium WordPress plugin from Creative Themes) prior to version 2.1.29 allows remote attackers to inject arbitrary SQL into backend database queries without any login or user interaction. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H) with scope-change indicates the impact crosses a security boundary, with full confidentiality compromise of database contents and limited integrity/availability effect. No public exploit identified at time of analysis, but the vulnerability class and SSDLC profile are highly attractive to automated scanners targeting WordPress.

SQLi Blocksy Companion Pro
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-22340 CRITICAL Act Now

Unauthenticated SQL injection in the WPJobster WordPress theme versions 6.3.5 and earlier allows remote attackers to inject SQL queries without any authentication or user interaction. Reported by Patchstack and tracked under CWE-89, the issue carries a CVSS 3.1 score of 9.3 with a scope-changed impact, meaning a successful injection can affect resources beyond the vulnerable component. No public exploit identified at time of analysis, but the network-reachable, low-complexity nature of WordPress theme endpoints makes this a high-priority issue for any site running the affected theme.

SQLi Wpjobster
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-22332 CRITICAL Act Now

SQL injection in Tutor LMS Pro (Themeum) versions 3.9.6 and earlier allows remote unauthenticated attackers to inject arbitrary SQL against the underlying WordPress database. The CVSS 9.3 rating reflects a scope change with high confidentiality impact, meaning data accessible to the WordPress backend can be exposed. As of analysis, no public exploit identified at time of analysis, and the issue is tracked via Patchstack.

SQLi Tutor Lms Pro
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2026-2467 CRITICAL Act Now

Remote heap-based buffer overflow in RTI Connext Professional Core Libraries allows unauthenticated network attackers to corrupt heap memory in the DDS middleware, impacting integrity and availability of both the vulnerable component and downstream subsystems. The flaw spans a wide range of long-supported branches (5.0.x through 7.6.x) and carries a CVSS 4.0 score of 9.2, though no public exploit identified at time of analysis.

Heap Overflow Buffer Overflow Connext Professional
NVD
CVSS 4.0
9.2
EPSS
0.2%
CVE-2026-3894 CRITICAL Act Now

Out-of-bounds read in RTI Connext Professional Core Libraries allows remote unauthenticated attackers to read beyond intended buffer bounds, with the CVSS 4.0 vector (9.2 Critical) indicating high availability impact on both the vulnerable component and downstream systems consuming its data. The flaw affects a wide range of Connext Professional releases used as DDS middleware in defense, autonomous, and industrial deployments. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Information Disclosure Buffer Overflow Connext Professional
NVD
CVSS 4.0
9.2
EPSS
0.2%
CVE-2026-55196 CRITICAL PATCH Act Now

Authentication bypass in Hermes WebUI before 0.51.409 allows unauthenticated remote attackers to register the first passkey on instances where HERMES_WEBUI_PASSKEY=1 is set and no credentials yet exist, yielding permanent administrative control. The flaw resides in the passkey registration API endpoints, which fail to enforce authentication during the initial enrollment window. No public exploit identified at time of analysis, but a vendor patch is available and the issue was disclosed by VulnCheck.

Authentication Bypass Hermes Webui
NVD GitHub VulDB
CVSS 4.0
9.1
EPSS
0.6%
CVE-2026-20181 CRITICAL NEWS Act Now

Authenticated remote command execution in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) allows administrators to run arbitrary OS commands and escalate to root via a crafted HTTP request. The flaw, tracked as CVE-2026-20181 and reported by Cisco with a CVSS 3.1 score of 9.1 (scope-changed), can also crash single-node deployments and deny network access to unauthenticated endpoints. There is no public exploit identified at time of analysis.

Path Traversal Cisco Denial Of Service Cisco Identity Services Engine Software Cisco Ise Passive Identity Connector
NVD VulDB
CVSS 3.1
9.1
EPSS
0.6%
CVE-2026-36418 CRITICAL Act Now

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute arbitrary code.

RCE N A Code Injection
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.5%
CVE-2026-20266 CRITICAL Act Now

Authenticated command injection in Splunk AI Toolkit versions below 5.7.4 allows a user with the Splunk admin role to execute arbitrary OS commands on the underlying Splunk Enterprise host. The flaw lives in the btool configuration helper, which builds shell command strings from dynamic parameters with shell interpretation enabled. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Splunk Splunk Ai Toolkit
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2026-24611 CRITICAL Act Now

Unauthenticated broken access control in WPMET MetForm Pro WordPress plugin versions 3.9.1 and earlier allows remote attackers to access protected functionality without credentials, with CVSS 9.1 reflecting high confidentiality and availability impact. Reported by Patchstack, the flaw stems from missing authorization (CWE-862) on plugin endpoints, and no public exploit identified at time of analysis.

Authentication Bypass Metform Pro
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2026-52705 CRITICAL Act Now

Unauthenticated arbitrary file upload in the SigmaForms Pro - AI Generated Forms WordPress plugin (versions <= 1.4.5) allows remote attackers to upload files of their choosing to the underlying web server, enabling webshell deployment and full site takeover. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 9.0 with scope change, indicating impact beyond the vulnerable component. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

File Upload Sigmaforms Pro Ai Generated Forms
NVD
CVSS 3.1
9.0
EPSS
0.3%
CVE-2026-32966 CRITICAL PATCH GHSA Act Now

Missing authorization check in the Apache DolphinScheduler DataSource API exposes arbitrary data source metadata to users who lack permission to view it, affecting all versions before 3.4.2. Authenticated users with low-privilege access can query the DataSource API and retrieve connection metadata - such as hostnames, ports, database names, and usernames - belonging to data sources they are not authorized to access. No public exploit or active exploitation has been identified at time of analysis, and the Apache Software Foundation has rated this moderate severity, consistent with a confidentiality-only impact against an internal platform.

Apache Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-59872 CRITICAL Act Now

Unrestricted file upload in HCL ZIE for Web (Z and I Emulator) version 16.0 allows remote attackers to upload a web shell that can yield arbitrary command execution on the server, but only when the server is configured to execute uploaded code and the file lands inside the Webroot. The CVSS 3.1 base score is 9.8, yet CISA's SSVC framework rates exploitation as 'none' and not automatable with only partial technical impact, and EPSS sits at just 0.34% (26th percentile). No public exploit is identified at time of analysis and the issue is not listed in CISA KEV.

File Upload Information Disclosure RCE Zie
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-47340 CRITICAL PATCH Act Now

Incorrect authorization in Apache DolphinScheduler before 3.4.2 allows authenticated users to read alert instances belonging to alert groups outside their assigned permissions. The API component (org.apache.dolphinscheduler:dolphinscheduler-api) fails to enforce permission boundaries between alert groups and their associated alert instances, constituting a broken access control flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the moderate severity rating reflects the authentication prerequisite and limited confidentiality impact.

Apache Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-42357 CRITICAL PATCH Act Now

Incorrect Authorization in Apache DolphinScheduler's API layer exposes workflow instance data across project boundaries to authenticated users who lack the required project permissions. All versions prior to 3.4.2 of the org.apache.dolphinscheduler:dolphinscheduler-api component are affected, with the vendor recommending immediate upgrade to 3.4.2. No public exploit has been identified and the vulnerability is not listed in CISA KEV; real-world risk is concentrated in multi-tenant deployments where project isolation is the primary access control boundary.

Apache Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-32967 CRITICAL PATCH GHSA Act Now

Incorrect Authorization in Apache DolphinScheduler's experimental `/v2` API interface permits authenticated users to invoke privileged operations without undergoing permission validation. All releases of the `dolphinscheduler-api` module prior to 3.4.2 are affected. An attacker with a valid account can bypass role-based access controls enforced on the stable API surface by routing requests through the unguarded `/v2` endpoint, potentially performing administrative workflow, datasource, or tenant operations beyond their granted privilege level. No public exploit code or CISA KEV listing has been identified at time of analysis.

Apache Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-49050 CRITICAL Act Now

Privilege escalation in Apache DolphinScheduler before 3.4.2 allows any authenticated general user to mint admin-level access tokens by calling the /access-tokens API endpoint directly, bypassing role-enforcement logic. This effectively grants full administrative control over the workflow scheduling platform to any low-privilege account holder. No public exploit has been identified at time of analysis, but the simplicity of the attack surface - a direct API call - makes this a high-priority remediation target for any multi-tenant or enterprise DolphinScheduler deployment.

Apache Information Disclosure
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy