Unbounded memory allocation in KubeVirt's downward metrics virtio-serial server within Red Hat OpenShift Virtualization 4 allows a local VM guest user to exhaust host-side memory. The virt-handler process - which runs on the Kubernetes node and manages VM lifecycle - uses textproto.Reader.ReadLine() with no read deadline or buffer cap, so a continuous byte stream from the guest causes virt-handler to allocate memory without bound until the Linux OOM killer terminates it. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis; the CVSS score of 3.8 reflects low severity but the scope-change flag (S:C) correctly captures that the disruption crosses the guest boundary to a privileged host process.
Markdown image rendering restrictions in Mattermost are bypassed specifically for AI bot tool result posts, enabling authenticated attackers to exfiltrate data to attacker-controlled infrastructure. Affected are Mattermost versions 10.11.x through 10.11.18, 11.5.x through 11.5.6, and 11.6.x through 11.6.3. When a victim's client renders an AI bot tool result post containing injected markdown image syntax, the client issues an outbound request to the attacker's server, leaking request metadata such as session tokens or channel context. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog at time of analysis.
Incorrect authorization in Statamic CMS's Live Preview endpoint allows authenticated Control Panel users with view-only permissions to submit and render arbitrary field values they are not authorized to edit. By exploiting this flaw, a restricted user can generate a shareable Live Preview URL that displays unauthorized content as if authored through legitimate editorial workflow. No public exploit code or active exploitation has been identified; this is a low-severity integrity issue confirmed patched by the vendor in versions 5.74.0 and 6.20.3.
DNS rebinding SSRF in Aimeos Pagible CMS's administrative proxy route (`cmsproxy`) exploits a TOCTOU race condition between URL validation and HTTP request execution to bypass private-IP blocklists. Authenticated attackers with basic CMS access who control a TTL=0 DNS server can cause the application to fetch cloud metadata endpoints such as the AWS Instance Metadata Service (169.254.169.254), potentially returning IAM credentials to the attacker. A detailed, step-by-step proof-of-concept is publicly available via GitHub Advisory GHSA-mmj8-wcvw-6789; no active exploitation is confirmed in CISA KEV at time of analysis.
Memory exhaustion via decompression bomb in fluent-plugin-s3's `in_s3` input plugin enables an attacker with S3 bucket write access to crash the Fluentd log collection process. Versions 0.7.0 through 1.8.4 decompress gzip, lzma2, and lzop files from S3 into memory with no size cap, allowing a crafted high-ratio compressed payload to trigger an OS OOM kill and disrupt all log ingestion on the affected node. No public exploit has been identified at time of analysis, and the CVSS PR:H requirement tightly constrains real-world exploitability.
RESP protocol injection in Dragonfly's EvalSerializer allows an authenticated low-privilege user to embed raw CRLF sequences inside Lua redis.error_reply() and redis.status_reply() return values, causing response stream desynchronization for connection-pool clients. All Dragonfly releases prior to 1.39.9 are affected; the vulnerability is confirmed fixed in 1.39.9 per GitHub security advisory GHSA-h77h-c6hc-qc9h. No public exploit has been identified at time of analysis, and exploitation requires authenticated access plus a connection-pooling client architecture, substantially limiting real-world risk.
Server-Side Request Forgery in HTMLy 3.1.1 allows authenticated administrators to coerce the server into issuing arbitrary outbound HTTP or local filesystem requests via the RSS feed import feature. The vulnerable `get_feed()` function at `system/admin/admin.php` lines 1549-1551 passes the admin-supplied URL directly to PHP's `file_get_contents()` with no scheme filtering or allowlist validation, enabling access to cloud metadata endpoints (e.g., 169.254.169.254), internal network services, or local files via `file://` wrappers. No public exploit or CISA KEV listing exists at time of analysis; the CVSS 4.0 score of 2.1 reflects the high privilege prerequisite and limited confidentiality impact.
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input,. Rated low severity (CVSS 1.8). No vendor patch available.
Output manipulation in flawfinder before version 2.0.20 allows an attacker who controls repository filenames or file content to inject ANSI escape sequences into terminal output, visually hiding or falsifying scan results from human reviewers. The same untrusted-input handling gap extends to structured report generation: CSV reports and SonarQube XML output (via the output_sonar() function) can be corrupted or attribute-injected when filenames, categories, or code context contain unescaped special characters. No public exploit code is identified and the vulnerability is not in CISA KEV; however, the defense-evasion potential is meaningful for organizations running flawfinder against untrusted or adversarial repositories in CI/CD pipelines. The 'RCE' tag present in the intelligence metadata is not supported by the advisory and appears to be a mis-classification.
Nil pointer dereference in the Incus daemon (incusd) `CreateCustomVolumeFromBackup` function crashes the entire daemon process when a crafted backup tarball omits the `expires_at` field on any volume snapshot entry. Any authenticated user holding the `can_create_storage_volumes` entitlement on any project - below the admin tier - can trigger this with a single POST to the storage backup import endpoint, making it a persistent denial-of-service against all container, VM, and storage operations on the affected host or cluster member. A proof-of-concept exploit (479-byte tarball, confirmed against Incus 7.0.0) was bundled with the advisory; no public exploit identified at time of analysis beyond the reporter-supplied PoC. Fix is available in 7.1.0.
Nil-pointer dereference in Incus daemon (incusd) v7.0.0 allows any authenticated user holding the low-privilege `can_create_instances` permission to crash the entire incusd process with a single crafted HTTP request. The flaw resides in `createDependentVolumesFromBackup` (backend.go:9352-9412), where a prior partial fix (commit d768f81c) guarded only the outer loop variable but left three inner sub-fields - `disk.Volume`, `disk.Pool`, and `disk.VolumeSnapshots[i]` - unguarded against nil; an uploaded backup tarball with a null snapshot entry or omitted volume/pool block triggers a Go panic, taking down all container and VM operations on the host. No public exploit identified at time of analysis per CISA KEV, though a working 666-byte proof-of-concept tarball is publicly bundled with the report and was confirmed against the production 7.0.0 release.