W3 Total Cache for WordPress (versions through 2.9.1) exposes Author-role users to administrative plugin functions due to missing authorization checks (CWE-862), enabling unintended read, write, and availability impacts against the caching layer. The CVSS vector confirms a network-accessible, low-complexity exploit requiring Author-level authentication (PR:H), with low but confirmed impact across all three CIA dimensions. No public exploit code or active exploitation via CISA KEV has been identified at the time of analysis.
Implicit execution of untrusted repository-controlled TypeScript/JavaScript extensions in Pi coding agent (npm package @earendil-works/pi-coding-agent) before 0.79.0 allows an attacker who controls a repository to execute arbitrary code with the victim user's full process privileges. Pi's startup path auto-loaded project-local extensions from a repository's .pi directory - including executable TypeScript/JavaScript modules - without any trust gate or user prompt, meaning a developer who cloned and ran Pi in a malicious repository would silently execute attacker-supplied extension code. No public exploit has been identified at time of analysis and this CVE is not listed in CISA KEV, but the attack class (supply-chain / repository-as-malware-delivery) is highly relevant to developer tooling security.
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Sibling-prefix path traversal in open-webui 0.9.5 and earlier allows any authenticated user to read arbitrary files from directories adjacent to the configured cache directory, provided those directories share the string prefix 'cache' (e.g., cache_backup, cached_models). The flaw exists in serve_cache_file() at main.py:2914, where a missing trailing path separator in the startswith boundary check causes os.path.abspath() to validate resolved sibling paths as if they were within the cache root. Publicly available exploit code exists in the GHSA advisory (PoC confirmed against open-webui 0.9.5 via raw ASGI delivery); no confirmed active exploitation (not in CISA KEV) at time of analysis.
Broken Object Level Authorization in Open WebUI's `search_knowledge_files` builtin tool (versions ≤ 0.9.5) allows any authenticated user to enumerate file metadata from private or restricted knowledge bases they do not own or have permission to access. By sending a crafted chat completion request with native function calling enabled and supplying an arbitrary `knowledge_id`, an attacker bypasses the `AccessGrants` permission model entirely, receiving file IDs, filenames, knowledge base names, and timestamps. No KEV listing exists at time of analysis, but a detailed proof-of-concept with full reproduction steps is publicly documented in GitHub Security Advisory GHSA-cx9v-4qj2-jrw6, and a vendor-released patch is available in version 0.9.6.
Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels.3.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
: Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.8.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Open redirect in the browser-based Cisco Webex App allowed unauthenticated remote attackers to redirect users to attacker-controlled websites by crafting malicious URLs with manipulated parameters. The vulnerability (CWE-601) stems from improper input validation of URL parameters in HTTP requests and scores CVSS 4.3 Medium (AV:N/AC:L/PR:N/UI:R). Cisco has fully remediated this server-side with no customer action required; no public exploit or CISA KEV listing exists at time of analysis.
Outbound SSRF-class data exfiltration in Splunk AI Toolkit versions below 5.7.4 allows any low-privileged authenticated Splunk user - without admin or power roles - to redirect the AI agent's HTTP request mechanism to an attacker-controlled server. The root cause is an insecure default domain allowlist shipped with the toolkit that places no restrictions on which external domains the AI agent may contact. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, but the low privilege barrier makes it broadly relevant in enterprise Splunk deployments with many standard users.
Insufficient authorization in the Katello ContentUploadsController within Red Hat Satellite 6 permits authenticated users holding only the edit_products permission to query content metadata for repositories belonging to products they have no rights to manage. The flaw, rooted in a missing ActiveRecord scope on repository lookup, allows cross-product content-existence enumeration via the content-upload API - but explicitly does not permit modification, import, or publication of content. No public exploit exists and the vulnerability is not listed in CISA KEV; risk is bounded by the authentication requirement and the limited read-only impact.
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels.7.11. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
{event_id}/update` endpoint validates write access only on the source calendar, silently omitting the destination `calendar_id` authorization check that `create_event` correctly enforces - a classic IDOR pattern. A verified public proof-of-concept exists against v0.9.4 (the official Docker image); the fix is available in v0.9.6. No CISA KEV listing was present in the input data, so widespread in-the-wild exploitation is unconfirmed.
Process-terminating denial of service in Deno's WebSocket client (versions <= 2.7.4) allows any server - or a network man-in-the-middle on an unencrypted ws:// connection - to crash a Deno application by returning non-visible-ASCII bytes (0x80-0xFF) in the Sec-WebSocket-Protocol or Sec-WebSocket-Extensions handshake response headers. The root cause is an unhandled Rust panic in the HTTP upgrade path: HeaderValue::to_str() returns an error for out-of-range bytes, and that error path was not caught, causing the entire Deno process to abort. No public exploit has been identified at time of analysis and this is not listed in the CISA KEV catalog; impact is strictly availability - the advisory explicitly states there is no information disclosure or memory-safety consequence.
Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery.0.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Broken Access Control in Bricks Builder for WordPress (versions up to and including 2.1.4) allows subscriber-level authenticated users to perform actions that should be restricted to higher-privilege roles such as editor or administrator. Rooted in CWE-862 (Missing Authorization), the flaw means certain builder endpoints or AJAX actions execute without verifying whether the requesting user holds sufficient capabilities. No public exploit code identified at time of analysis, and this CVE is not listed in CISA KEV; however, the low authentication barrier (any registered subscriber) on sites with open registration increases realistic exposure.
Broken Access Control in MetForm Pro WordPress plugin (versions <= 3.9.1) permits subscriber-level authenticated users to perform actions restricted to higher-privileged roles, resulting in unauthorized low-level integrity modifications. The flaw stems from missing authorization checks (CWE-862) on one or more plugin endpoints or AJAX handlers accessible to the lowest standard WordPress role. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at time of analysis, but the low attack complexity and network accessibility make this exploitable by any user with a valid WordPress subscriber account on an affected site.
Broken access control in WishList Member X WordPress plugin (versions ≤ 3.29.0) permits authenticated subscriber-level users to access membership-restricted content without holding the required membership tier. Rooted in CWE-862 (Missing Authorization), the plugin fails to enforce authorization checks on protected content access paths, exposing paid or restricted resources to the lowest WordPress authenticated role. No public exploit has been identified at time of analysis, and this vulnerability has not been added to the CISA KEV catalog.
In multiple functions of btm_sec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)
Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. (Chromium security severity: High)
SameSite attribute parsing in undici's cookie implementation uses substring matching instead of the case-insensitive exact match required by RFC 6265, enabling a malicious or non-compliant upstream server to silently downgrade a cookie's SameSite enforcement to a more permissive value. All undici installations from v5.15.0 onward through the unpatched release branches are affected when consuming Set-Cookie headers via undici's fetch or proxy code paths and forwarding or relying on the parsed sameSite attribute. No public exploit has been identified and no CISA KEV listing exists at time of analysis; however, the integrity impact is concrete in architectures where SameSite policy enforcement is delegated to the parsed cookie attribute.
Response queue poisoning in Undici's HTTP/1.1 client allows an attacker-controlled or compromised upstream server to inject unsolicited HTTP responses onto idle keep-alive sockets, causing subsequent outbound requests to receive falsified responses. All Undici versions across the v6, v7, and v8 branches prior to the patched releases are affected when keep-alive connection reuse is active (the default). While the CVSS score is low (3.7) and no public exploit or KEV listing exists, the integrity impact can carry significant business logic consequences in applications that proxy requests through third-party or partially trusted upstream servers.
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Out-of-bounds write in snes9x 1.63's UPS patch file parser allows a crafted .ups ROM patch file to trigger memory corruption and a denial-of-service crash. The flaw resides in the ReadUPSPatch loop in memmap.cpp, where the loop iterator `relative` was not bounded against CMemory::MAX_ROM_SIZE, permitting writes past the end of the allocated ROM buffer. Impact is limited to availability (crash) per the CVSS vector, though the underlying CWE-787 out-of-bounds write class carries broader memory-safety implications. No public exploit identified at time of analysis, and CVSS rates this Low (2.9) due to local attack vector and high complexity.
Credential disclosure in Pi coding agent affects all versions of @mariozechner/pi-coding-agent (>=0.28.0, <=0.73.1) and @earendil-works/pi-coding-agent (>=0.74.0, <0.78.1) due to a TOCTOU race condition in auth.json file writes. The credential storage code wrote auth.json with umask-inherited permissions and only subsequently tightened the mode to owner-only, leaving a brief window in which a local user with directory traverse access could read API keys, OAuth access tokens, and OAuth refresh tokens. This is not remotely exploitable; no public exploit identified at time of analysis, and the vendor CVSS of 2.2 reflects the strict local and timing prerequisites.
Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0 silently downgrades RSA encryption from OAEP to PKCS#1 v1.5 when operators explicitly configure `encrypt:rsa:algorithm=OAEP`. The root cause is an incorrect BouncyCastle transformation string in `RsaKeyStoreDecryptor.cs` - the `OAEP` branch passed `"RSA/ECB/PKCS1"` to `CipherUtilities.GetCipher()` instead of the correct `"RSA/NONE/OAEPWithSHA1AndMGF1Padding"`, meaning both the `OAEP` and `DEFAULT` settings silently selected the same weaker algorithm. No public exploit is identified at time of analysis, and CVSS scores this at 1.9 (Low) given the high-privilege local attack vector; however, the security consequence is a cryptographic guarantee failure that exposes encrypted configuration secrets to Bleichenbacher-class padding oracle attacks that OAEP was chosen to prevent.
Privilege escalation in Apache DolphinScheduler before 3.4.2 allows any authenticated general user to mint admin-level access tokens by calling the /access-tokens API endpoint directly, bypassing role-enforcement logic. This effectively grants full administrative control over the workflow scheduling platform to any low-privilege account holder. No public exploit has been identified at time of analysis, but the simplicity of the attack surface - a direct API call - makes this a high-priority remediation target for any multi-tenant or enterprise DolphinScheduler deployment.
Denial of service in libtiff v4.7.1 and prior allows processing of a crafted TIFF file containing an abnormally large SamplesPerPixel tag value to crash or hang the affected process. Any application or service that passes attacker-controlled TIFF files through libtiff is potentially vulnerable, including web-based image processors, document converters, and media ingestion pipelines. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at the time of this analysis.