LDAP injection in Apache Shiro's DefaultLdapRealm allows remote unauthenticated attackers to manipulate Distinguished Name construction during LDAP bind authentication, potentially bypassing authentication or impersonating other users. The flaw affects all versions through 2.2.0 and 3.0.0-alpha-1 when DefaultLdapRealm is in use, with no public exploit identified at time of analysis. The CVSS 4.0 score of 8.8 reflects high integrity impact against an authentication-critical component.
Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Authentication bypass in Tinyproxy through 1.11.3 lets unauthenticated remote attackers reach the internal statistics page and smuggle transparent-proxy requests by forging or port-manipulating the HTTP Host header, because stathost detection used a brittle strcmp against the configured hostname. The flaw is a CWE-444 request-interpretation inconsistency reported by VulnCheck; no public exploit identified at time of analysis, though the upstream fix (commit 09312a1) and a detailed PR diff are publicly available, making a working PoC trivial to reconstruct.
Missing authentication on a critical function in Dell PowerFlex Manager allows an adjacent-network attacker to invoke privileged operations without credentials, yielding code execution, denial of service, information disclosure, tampering, and unauthorized access. No public exploit identified at time of analysis, and the affected version range was not populated in the source advisory placeholder. Dell self-reported the issue under DSA-2026-066.
Heap corruption in Google Chrome's Digital Credentials component (versions prior to 149.0.7827.155) allows remote attackers to trigger a use-after-free condition by enticing a user to visit a crafted HTML page, potentially leading to arbitrary code execution within the renderer process. Chromium rates this issue as Critical severity, and Google has released a patched stable-channel build; no public exploit identified at time of analysis and EPSS sits at 0.31% (23rd percentile), indicating low predicted near-term exploitation pressure despite the high CVSS of 8.8.
Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Remote denial of service and partial data exposure in RTI Connext Professional's Web Integration Service results from a classic buffer overflow (CWE-120) reachable over the network without authentication. Versions 7.4.0 before 7.x, 7.0.0 before 7.3.1.3, and 6.1.2 before 6.1.x are vulnerable, and no public exploit identified at time of analysis. The CVSS 4.0 score of 8.8 reflects high availability impact with low confidentiality and integrity impact, consistent with a filter-failure overflow that crashes the service rather than yielding full code execution.
Remote information disclosure and denial of service in RTI Connext Micro core libraries (versions 4.0.0 through 4.2.x) allow unauthenticated network attackers to trigger an integer underflow that results in an out-of-bounds buffer overread. Exploitation requires no authentication or user interaction and can leak sensitive memory contents while potentially crashing the affected process. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Out-of-bounds read in RTI Connext Micro Core Libraries (versions 4.0.0 up to but not including 4.3.0) allows remote unauthenticated attackers to read beyond allocated buffer boundaries, leading to limited information disclosure and a high availability impact (likely process crash of the DDS middleware). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV. The CVSS 4.0 base score of 8.8 reflects network reachability of the DDS protocol stack with no privileges or user interaction required.
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)
Cross-origin request misrouting in undici's Socks5ProxyAgent (introduced in 7.23.0, affecting all releases through 8.1.0) causes the library to reuse a single SOCKS5 connection pool bound to the first-seen origin for every subsequent origin, so credentials and request bodies destined for origin B are silently sent to and trusted from origin A, and HTTPS targets may be downgraded to HTTP. Any Node.js application using Socks5ProxyAgent (directly or via setGlobalDispatcher) that contacts more than one origin is exposed. No public exploit identified at time of analysis; CISA SSVC records exploitation as none and EPSS is very low (0.15%, 4th percentile), but the GHSA advisory ships a regression test demonstrating the misrouting.
DNS rebinding in NousResearch Hermes Agent prior to 0.16.0 allows remote attackers to reach privileged local WebSocket endpoints (/api/pty, /api/ws, /api/pub, /api/events) by tricking a victim's browser into resolving an attacker-controlled hostname to the agent's loopback address, bypassing Host and Origin checks. Because FastAPI HTTP middleware does not run on WebSocket upgrade requests, the validation layer is silently skipped, letting attackers inject commands into the PTY or stream terminal output. No public exploit has been identified at time of analysis, but VulnCheck reported the issue and an upstream patch is available.
Stack-based buffer overflow in rxi microtar 0.1.0 allows remote attackers to crash or potentially execute arbitrary code in applications that parse attacker-supplied TAR archives. The flaw lies in raw_to_header() (src/microtar.c:112), which uses strcpy() on fixed-width 100-byte ustar name/linkname fields that are not guaranteed to be null-terminated, enabling a 356-byte out-of-bounds read confirmed via AddressSanitizer. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
PHP Object Injection in the Entrepreneur - Booking for Small Businesses WordPress theme through version 3.1.3 allows authenticated subscriber-level users to trigger unsafe deserialization, potentially leading to full site compromise. The flaw was disclosed via Patchstack and carries a CVSS 3.1 base score of 8.8 reflecting high impact on confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Privilege escalation in the Falang Multilanguage WordPress plugin (versions <= 1.4.2) allows authenticated low-privileged users (Subscriber role) to elevate their permissions on affected sites. The flaw is rooted in improper privilege management (CWE-266) and carries a CVSS 3.1 score of 8.8 with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Authentication bypass in the PowerPack Pro for Elementor WordPress plugin (versions prior to 2.13.0) allows remote attackers to subvert authentication controls and gain unauthorized access with high impact to confidentiality, integrity, and availability. The flaw, reported by Patchstack and tracked as CVE-2026-42629, is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and requires user interaction per the CVSS vector. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Cross-Site Request Forgery in PremiumPress WordPress Dating Theme versions 11.2.0 and earlier allows remote attackers to coerce authenticated victims into performing unintended state-changing actions, with Patchstack documenting an account takeover path. The CVSS 8.8 rating reflects high impact on confidentiality, integrity, and availability when a targeted user is tricked into visiting attacker-controlled content. No public exploit identified at time of analysis and the theme has not been listed in CISA KEV.
Privilege escalation in the Genemy WordPress theme versions 1.6.6 and earlier allows authenticated subscriber-level users to elevate their privileges to higher roles, gaining administrative control over affected WordPress sites. The flaw, reported by Patchstack and tracked under CWE-266 (Incorrect Privilege Assignment), affects all installations using the jthemes Genemy theme up to and including 1.6.6, and no public exploit identified at time of analysis. Given the low attack complexity and minimal authentication requirement (any subscriber account), this represents a high-impact issue for any WordPress site running the affected theme with open user registration.
Privilege escalation in the Sonaar WordPress theme through version 4.27.4 allows an authenticated low-privileged user (Subscriber role) to elevate their permissions, gaining administrative control over the WordPress site. The flaw is categorized as CWE-266 (Incorrect Privilege Assignment) and was disclosed via Patchstack; no public exploit identified at time of analysis, but the low attacker prerequisites (any Subscriber account, which is often self-registerable on WordPress sites) make this a meaningful risk for affected installations.
Privilege escalation in the Contest Gallery WordPress plugin (versions ≤ 30.0.2) allows authenticated Contributor/Author-level users to overwrite the stored RegistryUserRole option to 'administrator', causing newly registered Google sign-in accounts to be promoted to Administrator. The flaw was disclosed by Wordfence and stems from a missing capability check in the option-saving handler; no public exploit identified at time of analysis.
Security check bypass in PickleScan versions before 0.0.33 allows attackers to smuggle arbitrary code execution payloads past the scanner by invoking the pty.spawn function, which was omitted from the unsafe globals deny-list. Publicly available exploit code exists (released as part of the HeroCTF 2025 'Irreductible 2' challenge writeup), and the flaw is particularly impactful for platforms like Hugging Face and other ML pipelines that rely on PickleScan to vet PyTorch model files. No public exploit identified at time of analysis in CISA KEV.
Stored cross-site scripting in Gitea 1.25.x affects the built-in 3D file viewer (Online3DViewer integration) where a crafted .gltf file with an unsupported extension name in extensionsRequired is rendered into the DOM via innerHTML without sanitization. Any low-privileged user who can push a file to a repository (including a public fork) can compromise the session of any user who later views the file, enabling token theft and full account takeover. Publicly available exploit code exists (a working PoC is included in the GHSA-9cpj-qc93-vw8v advisory); no public exploit identified at time of analysis in CISA KEV.
XML External Entity injection in the HAPI FHIR core library (Maven ca.uhn.hapi.fhir:org.hl7.fhir.utilities, versions <= 6.9.9) lets an attacker who controls or MITMs XML routed through XsltUtilities.saxonTransform(...) read local files and perform blind XXE/SSRF. The three saxonTransform overloads instantiate a bare net.sf.saxon.TransformerFactoryImpl that resolves external general and parameter entities, unlike the co-located transform() siblings that use the project's hardened XXE-protected factory. Publicly available exploit code exists (a full end-to-end PoC accompanies the GitHub advisory), though there is no public exploit identified as actively used in the wild.
Sandbox escape via prototype pollution in ThingsBoard (versions prior to v4.3.1.2) allows a TENANT_ADMIN-authenticated user to achieve arbitrary code execution within the tb-js-executor sandboxed JavaScript context. The flaw lets a rule-chain script reach the host realm through the `args.constructor.constructor` chain (e.g., synthesizing a Function that returns `process`), defeating the intended VM isolation. No public exploit identified at time of analysis, though the upstream regression test in PR #15600 effectively documents the escape technique.
Twig sandbox bypass in Pimcore CMS/DXP 12.3.8 lets authenticated administrators escape the template sandbox by abusing empty checkMethodAllowed() and checkPropertyAllowed() implementations, enabling arbitrary method calls on internal PHP objects such as the DAO layer, Doctrine DBAL Connection, and PDO. Exploitation goes through a malicious Twig template injected via the DataObject ClassDefinition Layout\Text component and can lead to arbitrary file reads, arbitrary SQL execution, and potential remote code execution via PHP object gadget chains; the pimcore_* function wildcard broadens the bypass to every Pimcore Twig function. No public exploit identified at time of analysis, but VulnCheck has published an advisory describing the technique.
Arbitrary file read in picklescan versions before 0.0.35 allows remote unauthenticated attackers to exfiltrate sensitive server files by abusing standard-library callables that the tool's RCE-focused blocklist fails to detect. By chaining io.FileIO and urllib.request.urlopen inside a malicious pickle, an attacker can stream contents of files such as /etc/passwd to an attacker-controlled URL when the scanner processes untrusted model artifacts. Publicly available exploit code exists in the GHSA advisory, but there is no public exploit identified at time of analysis in the form of in-the-wild abuse.
Cross-profile authorization bypass in Hermes WebUI before 0.51.368 allows authenticated users to access sessions, files, and resources belonging to other profiles by forging the hermes_profile cookie. The flaw lives in get_profile_cookie(), which trusted attacker-supplied profile names without binding them to the authenticated session. VulnCheck reported the issue and an upstream patch is available; no public exploit identified at time of analysis.
Configuration injection in F5 NGINX Gateway Fabric lets an authenticated Kubernetes user who can create or modify NginxProxy or AuthenticationFilter Custom Resources inject arbitrary NGINX directives into generated data-plane configuration. The flaw lives in the control-plane config generator, which renders the serverTokens and extraAuthArgs fields into NGINX templates without escaping, so any tenant holding RBAC rights over these CRDs can rewrite the NGINX Plus config that gets deployed. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but SSVC rates the technical impact as total.
Configuration injection in F5 NGINX Gateway Fabric allows an authenticated Kubernetes user with permission to create or modify NginxProxy Custom Resource Definitions to inject arbitrary NGINX directives into generated configuration files via the unsanitized access log format setting. The flaw resides in the control plane configuration generator and affects deployments using NGINX Plus or NGINX Open Source as the data plane. There is no public exploit identified at time of analysis, and CVSS 4.0 rates the impact at 8.6 (High) driven by high confidentiality and integrity loss on the vulnerable system.
Path traversal in EMV JobCareer WordPress theme versions up to and including 7.3 allows remote unauthenticated attackers to delete arbitrary files outside the intended directory, leading to high availability impact with scope change. Reported by Patchstack and tracked under CWE-22, this flaw carries a CVSS 3.1 score of 8.6, though no public exploit identified at time of analysis. The Patchstack advisory characterizes this as an arbitrary file deletion vulnerability rather than a read primitive.
Unauthenticated arbitrary file deletion in the OvaTheme BookPro WordPress plugin (versions ≤ 1.1.0) allows remote attackers to delete arbitrary files from the underlying server via a path traversal flaw (CWE-22). Deletion of critical files such as wp-config.php can force a WordPress site into the setup state, enabling site takeover, while the scope-changed CVSS 3.1 score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/A:H) and Patchstack disclosure mark this as a high-priority issue despite no public exploit being identified at time of analysis.
Unauthenticated broken access control in PremiumPress WordPress Dating Theme through version 11.2.0 allows remote attackers to reach restricted functionality without credentials, resulting in high confidentiality impact and limited integrity and availability impact. The flaw was disclosed via Patchstack and currently has no public exploit identified at time of analysis, but the network-reachable, no-interaction vector (AV:N/AC:L/PR:N/UI:N) makes opportunistic abuse against exposed sites realistic. No CISA KEV listing or EPSS score is provided in the input.
Server-side request forgery in Open WebUI versions 0.9.5 and earlier allows authenticated OAuth users to read arbitrary internal HTTP responses by abusing the `_process_picture_url` function in `backend/open_webui/utils/oauth.py`, which validates only the initial URL and then permits aiohttp's default 10-redirect follow chain to reach internal addresses. The decoded response body is stored in the attacker's `profile_image_url` and retrievable via `GET /api/v1/auths/`, yielding cloud metadata credentials and access to localhost-bound services. Publicly available exploit code exists (detailed sentinel-verified PoC supplied by the reporter); no public exploit identified at time of analysis in the form of weaponized tooling, and the CVE is not on the CISA KEV list.
Blind SQL injection in Brainstorm Force SureDash WordPress plugin versions up to and including 1.8.0 allows authenticated low-privileged attackers to inject arbitrary SQL commands through unsanitized input. The scope-changed CVSS 8.5 score reflects that exploitation can impact resources beyond the vulnerable component, exposing sensitive WordPress database contents to remote attackers. No public exploit identified at time of analysis.
Blind SQL injection in VeronaLabs Slimstat Analytics WordPress plugin through version 5.4.11 allows authenticated low-privileged users to inject SQL commands via improperly neutralized input. The CVSS 8.5 score reflects scope change (S:C) impacting the broader WordPress database beyond the plugin context, with high confidentiality impact and partial availability impact. No public exploit identified at time of analysis, but the WordPress plugin ecosystem and Patchstack reporting suggest discovery through standard SQLi testing.
SQL injection in the Cornerstone WordPress plugin (Themeco) versions prior to 7.8.8 allows authenticated users with Subscriber-level access to inject SQL into backend queries. Per the CVSS vector (PR:L, scope changed, C:H), a low-privileged WordPress account can read sensitive database contents - including credentials and PII - across security boundaries, with limited availability impact and no integrity impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
SQL injection in the Geo Mashup WordPress plugin (versions <= 1.13.19) allows authenticated users with Subscriber-level privileges to inject arbitrary SQL queries via unsanitized input, leading to confidentiality compromise and limited availability impact across other WordPress components. No public exploit identified at time of analysis, but the low privilege barrier (any registered subscriber) on a widely-deployed plugin class makes this a meaningful risk for WordPress sites with open registration. The Scope:Changed CVSS metric indicates the SQL injection can affect resources beyond the plugin's own security authority.
SQL injection in the WooCommerce Frontend Manager - Ultimate WordPress plugin (versions prior to 6.7.7) allows authenticated subscriber-level users to inject SQL via plugin-handled input, exposing database contents and enabling limited data tampering on affected WooCommerce sites. The CVSS 8.5 rating reflects a scope change reaching the underlying database with high confidentiality impact. No public exploit identified at time of analysis.
SQL injection in the Events Schedule - WordPress Events Calendar plugin (versions <= 2.7.2) by CurlyThemes allows authenticated users with Subscriber-level privileges to inject arbitrary SQL into backend database queries. Because the CVSS scope is Changed with high confidentiality impact, a successful attacker can read data beyond the plugin's intended boundary, potentially exfiltrating WordPress user hashes and site secrets. No public exploit identified at time of analysis, and the issue is reported by Patchstack.
In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files.
Command injection in the AWS Bedrock AgentCore Python SDK (versions >= 1.1.3, < 1.6.1) allows remote authenticated users to execute arbitrary commands within the Code Interpreter sandbox by supplying crafted package name arguments to the install_packages() method. The flaw stems from improper neutralization of argument delimiters (CWE-88), letting attacker-controlled strings break out of the intended pip-install argument context. No public exploit identified at time of analysis, but a vendor patch and advisory are available from AWS.
Local privilege escalation in Quanos SCHEMA ST4 on-premises allows low-privileged authenticated Windows users to obtain SYSTEM-level code execution by abusing the Client Update Service. The service exposes a .NET Remoting endpoint over a named pipe with missing authorization checks (CWE-862), letting any local user invoke privileged Update() methods that perform arbitrary file write/delete as NT AUTHORITY\SYSTEM. No public exploit identified at time of analysis, but technical details were disclosed by SEC Consult (SEC-VLab).
Local privilege escalation in Quanos SCHEMA ST4 on-premises allows an authenticated local user to gain NT AUTHORITY\SYSTEM by abusing insecure .NET Remoting deserialization in the Client Update Service. The endpoint, reachable through a local named pipe with TypeFilterLevel.Full, accepts attacker-controlled serialized objects and yields arbitrary code execution in the update process context. No public exploit identified at time of analysis, though a SEC-Consult/SEC-VLab advisory documents the issue.
Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.3.8. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.