Skip to main content
CVE-2026-58053 CRITICAL POC PATCH Act Now

Container escape in Gitea act_runner (Docker backend, through act 0.262.0) lets an authenticated user with workflow-execution rights break out to the host as root even when privileged mode is disabled. The runner passes a workflow's container.options string straight into the Docker job container's HostConfig and only forces the Privileged flag off, leaving dangerous options like --pid=host, --cap-add, and --security-opt intact. Publicly available exploit code exists (reported by VulnCheck), though it is not listed in CISA KEV.

Privilege Escalation Gitea Docker Act Runner
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.3%
CVE-2026-58049 HIGH POC PATCH This Week

Out-of-bounds heap write in FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) allows attackers to corrupt memory when libavcodec decodes a crafted stream using the RASC FourCC. The decoder performs 32-bit reads/writes at the row cursor before the NEXT_LINE boundary check and validates DLTA regions in pixel rather than byte units, letting a DLTA run on a PAL8 frame write and read several bytes past the row allocation. Publicly available exploit code exists (reported by VulnCheck); no public active exploitation has been identified at time of analysis.

Memory Corruption Buffer Overflow Ffmpeg
NVD GitHub VulDB
CVSS 4.0
8.8
EPSS
0.3%
CVE-2026-58054 HIGH POC This Week

Privilege escalation in MyBB 1.8.40 lets a limited Admin Control Panel (ACP) user who holds only the delegated user-management permission promote any account into the Administrators usergroup (gid 4), gaining the full Administrator permission set. The flaw stems from the user module exposing the Administrators group as an assignable option while the datahandler's verify_usergroup() unconditionally returns true, performing no authorization check on the target group. Publicly available exploit code exists (VulnCheck), though the issue is not listed in CISA KEV and has no public evidence of active exploitation.

Privilege Escalation Mybb
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
0.3%
CVE-2026-58050 HIGH POC PATCH This Week

Heap buffer overflow in the libssh2 SSH client library (all versions through 1.11.1) lets a malicious or compromised SSH server corrupt memory in any connecting client on 32-bit platforms. The publickey subsystem reads an attacker-supplied 32-bit attribute count and multiplies it by the attribute structure size without bounds checking, so the allocation integer-overflows to an undersized buffer that the parsing loop then writes past. Publicly available exploit code exists; this is a CWE-190 integer overflow with no public exploit identified in CISA KEV, so it is not confirmed actively exploited.

Integer Overflow Buffer Overflow Libssh2
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.3%
CVE-2026-58051 HIGH POC PATCH This Week

Free of an uninitialized, attacker-influenceable pointer in libssh2 through 1.11.1 allows a malicious SSH server to corrupt memory in any connecting client that uses the publickey subsystem. The publickey list is grown via SSH2_REALLOC without zero-initializing new entries, so a server-induced parse failure that reaches the cleanup path causes libssh2_publickey_list_free to operate on an uninitialized attrs pointer. Publicly available exploit code exists (reported by VulnCheck); no public evidence of active exploitation, and it is not listed in CISA KEV.

Information Disclosure Libssh2
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.3%
CVE-2026-58056 HIGH POC This Week

Authorization scope bypass in RustDesk lets a peer holding only a FileTransfer authorization inject keyboard and mouse input and invoke the screenshot and display-capture handlers, escalating a limited file-transfer session into full interactive remote control and screen surveillance. The defect arises because RustDesk gates incoming control messages on per-capability flags that a file-transfer session never clears, rather than on the session's authorized connection type. Publicly available exploit code exists (reported by VulnCheck); no public active exploitation has been identified at time of analysis.

Authentication Bypass Rustdesk
NVD GitHub VulDB
CVSS 4.0
7.2
EPSS
0.2%
CVE-2026-58058 MEDIUM POC PATCH This Month

Out-of-bounds reads and a process crash in Nmap through 7.99 can be triggered remotely by any host that is being scanned, or by an on-path attacker, via a crafted IPv6 packet with a truncated extension header. The root cause is an integer underflow in the `ipv6_get_data_primitive` function (libnetutil/netutil.cc) where an insufficiently strict bounds check allows the extension-header walk pointer to advance past the captured packet buffer, causing the remaining-length subtraction to wraparound to a very large value. A publicly available exploit proof-of-concept exists; this vulnerability is not currently listed in the CISA KEV catalog.

Integer Overflow Denial Of Service Nmap
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2026-58055 MEDIUM POC PATCH This Month

HTTP request/response smuggling in nghttpx (the reverse proxy component of nghttp2 through 1.69.0) allows unauthenticated remote attackers to poison shared backend keep-alive connections by crafting an HTTP/1.1 Upgrade request that simultaneously carries a Content-Length header and body. When nghttpx forwards this ambiguous message to a backend and re-adds Connection and Upgrade headers while passing Content-Length verbatim, a backend that resolves the parsing ambiguity in the attacker's favor treats the body as a separate, attacker-controlled HTTP request - enabling cross-client response-queue poisoning. A publicly available proof-of-concept exploit exists; no CISA KEV listing at time of analysis.

Request Smuggling Information Disclosure Nghttp2
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.2%
CVE-2026-13503 MEDIUM POC This Month

Path traversal in ANTLR4 up to 4.13.2 exposes arbitrary file read via the tokenVocab grammar option handler. The vulnerable function getImportedVocabFile in TokenVocabParser.java fails to sanitize user-controlled grammar option values, allowing an attacker to supply a crafted .g4 grammar file that causes the tool to read files outside the intended working directory. A publicly available proof-of-concept exploit exists (GitHub issue reference), and no vendor patch has been released - the vendor did not respond to disclosure. No active exploitation is confirmed in CISA KEV, but the CVSS 4.0 E:P flag confirms exploit code is public.

Java Path Traversal Antlr4 Red Hat Suse
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.5%
CVE-2026-13486 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 allows unauthenticated remote attackers to manipulate the `course_year_section` parameter on the `/preview6.php` endpoint, enabling unauthorized read and write access to the underlying database. The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no authentication and no special conditions, and a public proof-of-concept has been disclosed on GitHub. While not listed in CISA KEV, the trivially low attack complexity combined with POC availability raises the realistic exploitation risk above what the 5.5 medium score alone implies.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-13485 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 exposes the `/preview.php` endpoint to remote unauthenticated exploitation via the unsanitized `course_year_section` parameter, allowing arbitrary SQL query execution against the backend database. A public proof-of-concept exploit has been published on GitHub, materially lowering the barrier to exploitation. Impact is rated low-to-partial across confidentiality, integrity, and availability, bounded by the database account's privileges, and no vendor patch has been identified at time of analysis.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-13500 MEDIUM POC This Month

Code injection in ANTLR4's Grammar Action Block Handler allows remote attackers to execute arbitrary code by supplying a crafted grammar file processed by the tool. All versions up to and including 4.13.2 are affected via the OutputFile.java code generation pathway. A public proof-of-concept exploit exists on GitHub (no KEV listing), though the vendor has not acknowledged or patched the issue, leaving users without an official fix.

Code Injection Java RCE Antlr4 Red Hat +1
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-13498 MEDIUM POC This Month

SQL injection in yashpokharna2555's restaurent-management-system exposes the /forgotpassword.php endpoint to unauthenticated remote exploitation via the POST email parameter, allowing attackers to execute arbitrary SQL against the backend database. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms no authentication or preconditions are required, and a public exploit is referenced in GitHub issue #3. The project has no versioning scheme and the maintainer has not responded to the disclosure, meaning no patch is available and all deployed instances remain vulnerable.

SQLi PHP Restaurent Management System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-13488 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 exposes the `/preview7.php` endpoint to unauthenticated remote exploitation via unsanitized input in the `course_year_section` parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms zero-friction remote exploitation with no authentication or user interaction required. No public exploit identified at time of analysis is incorrect here - a publicly available exploit exists (GitHub issue referenced in references), elevating urgency despite the absence of a CISA KEV listing.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-13487 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 exposes any publicly reachable deployment to unauthenticated database manipulation via the unsanitized `sy` parameter in /archive.php. The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) confirms remote exploitation with no prerequisites, yielding low-to-moderate impact across confidentiality, integrity, and availability of the underlying database. A publicly available proof-of-concept exploit exists on GitHub (referenced via VulDB submission 838189), lowering attacker skill requirements, though no CISA KEV listing indicates mass exploitation has not been confirmed at time of analysis.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-58052 MEDIUM POC This Month

Mark-of-the-Web protection is bypassed in 7-Zip for Windows 26.02 and earlier when extracting crafted RAR5 archives, allowing an attacker to strip the Internet-zone marker (ZoneId=0) and spoof the extracted file's data stream content - directly defeating SmartScreen and Windows attachment warnings. The bypass exploits a gap between 7-Zip's exact-string guard ('Zone.Identifier') and the NTFS-canonical equivalent (':Zone.Identifier:$DATA') that a RAR5 STM record can supply; a second STM record ('::$DATA') additionally overwrites the default file data stream for content spoofing. A publicly available proof-of-concept exists; no vendor-released patched version has been confirmed at the time of analysis.

Microsoft Information Disclosure 7 Zip
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-49048 HIGH This Week

SQL injection in the JoomCCK content-construction-kit extension for Joomla (versions 1.0 through 6.4.0) lets remote attackers read arbitrary database contents by injecting into a front-end controller task that concatenates an unescaped request parameter into two SQL statements. The flaw is reachable over the network without authentication or user interaction, and SSVC rates it automatable with total technical impact; however, there is no public exploit identified at time of analysis and EPSS is low at 0.28% (20th percentile).

SQLi Joomcck Extension For Joomla
NVD VulDB
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-8095 HIGH This Week

Authenticated arbitrary file deletion in the Frontend File Manager Plugin (nmedia-user-file-uploader) for WordPress versions through 23.6 lets Subscriber-level users delete any file on the server, including wp-config.php, which can cascade into full site takeover. The flaw stems from a case-sensitivity gap in input sanitization within the wpfm_file_meta_update AJAX handler that allows attacker-controlled paths to reach unlink() unchecked. Reported by Wordfence with a CVSS of 8.1; no public exploit identified at time of analysis and the issue is not on CISA KEV.

WordPress Information Disclosure PHP
NVD VulDB
CVSS 3.1
8.1
EPSS
0.4%
CVE-2026-10646 HIGH PATCH This Week

Memory corruption and denial of service in Zephyr RTOS (v4.0.0 through v4.4.0) arises in the BSD-sockets getaddrinfo() implementation, where a timed-out DNS query is retried without cancelling the prior query, leaving a callback holding a pointer into a stack frame that goes out of scope after getaddrinfo() returns. A network-delivered DNS response matched by its spoofable 16-bit transaction id, or the resolver's own delayed timeout work, then writes through that stale pointer, enabling crashes or reused-stack corruption. There is no public exploit identified at time of analysis and the issue is not in CISA KEV; exploitation is gated by a timing/race window reflected in CVSS AC:H.

Memory Corruption Buffer Overflow Denial Of Service Use After Free Zephyr
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.3%
CVE-2026-13491 LOW POC PATCH Monitor

Denial-of-service in xiaozhi-esp32 MQTT firmware (versions up to 2.2.6) allows a remote attacker to crash the device's MQTT session handler by sending a crafted goodbye message containing a non-string session_id field. The MQTT Goodbye Handler in mqtt_protocol.cc fails to validate the cJSON type of the session_id node before dereferencing its valuestring member, producing undefined behavior that terminates the session. A public proof-of-concept exists (GitHub issue #2022), but attack complexity is rated high (AC:H) and the vulnerability is not listed in the CISA KEV catalog, suggesting exploitation requires deliberate effort rather than opportunistic scanning.

Denial Of Service Xiaozhi Esp32
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.4%
CVE-2026-13510 LOW POC PATCH Monitor

Deployment authentication token weakness in SimStudioAI Sim up to 0.6.92 leaks a truncated SHA-256 derivative of the encrypted deployment password inside base64-encoded auth cookies, enabling offline hash cracking and potential token forgery against password-protected deployments. The vulnerable Password Protection Handler embeds only the first 8 hex characters (32 bits) of an unsalted SHA-256 hash of the encrypted password directly in the unprotected token payload - a CWE-328 use of weak hash - allowing an attacker who obtains the cookie to brute-force the narrow hash space and fingerprint or bypass deployment authentication. No patch has been merged; fix PR #4760 is pending acceptance, and a public proof-of-concept is available at https://github.com/simstudioai/sim/issues/4759.

Information Disclosure Sim
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.2%
CVE-2026-10593 MEDIUM PATCH This Month

NULL pointer dereference in the Zephyr Bluetooth LE Audio Basic Audio Profile unicast client crashes devices running Zephyr v4.3.0 and v4.4.0 (and earlier) when connected to a malicious or buggy remote ASCS server. The handler unicast_client_ep_qos_state() writes attacker-controlled QoS fields through stream->qos without verifying the pointer is non-NULL - a condition that legitimately exists during the window between bt_bap_stream_config() and unicast_group_add_stream(). No public exploit code has been identified and this vulnerability is not listed in CISA KEV, but CVSS adjacency (AV:A) and no-auth (PR:N) make it exploitable by any device within Bluetooth LE radio range acting as a rogue ASCS server.

Denial Of Service Null Pointer Dereference Zephyr
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13490 MEDIUM This Month

Authorization bypass in GLPI 11.0.5 through 11.0.7 exposes restricted documents to unauthorized network-based access via a manipulable docid parameter in the document download handler. The vulnerability resides in the Document::canViewFile authorization check within front/document.send.php, where an attacker can tamper with the docid argument to circumvent document-level access controls and retrieve files they are not permitted to view. No public exploit has been identified at time of analysis, and EPSS data was not provided; however, the remote network vector with no required privileges raises concern for exposed GLPI deployments.

Authentication Bypass PHP Glpi
NVD VulDB
CVSS 4.0
6.3
EPSS
0.3%
CVE-2026-58057 LOW POC PATCH Monitor

Arbitrary code execution in Flowise before 3.1.3 on Windows allows an authenticated user with Custom MCP node configuration access to bypass the NODE_OPTIONS environment variable denylist by supplying the lowercase variant 'node_options', exploiting a case-sensitive string comparison against a case-insensitive OS. The injected NODE_OPTIONS --require directive causes the Flowise server process to load an attacker-controlled module when spawning a Custom MCP stdio child process. A publicly available proof-of-concept exists per VulnCheck; the vulnerability is not listed in CISA KEV, and exploitation is constrained by Windows platform dependency and the requirement for stdio mode to be explicitly enabled.

Microsoft RCE Flowise
NVD GitHub VulDB Exploit-DB
CVSS 4.0
2.3
EPSS
0.2%
CVE-2026-13499 LOW POC Monitor

Cross-site scripting in yashpokharna2555/restaurent-management-system allows remote unauthenticated attackers to inject arbitrary client-side script via the Username argument in login_register.php's Registration Handler. The payload executes in the browser of any user who subsequently views the tainted data - most likely an administrator reviewing registered accounts. A public exploit exists per VulDB and GitHub issue #4; no public exploit identified as confirmed actively exploited (CISA KEV). The CVSS 4.0 base score of 2.1 reflects the limited scope and required victim interaction, but the availability of a POC elevates practical risk for any deployment.

XSS PHP Restaurent Management System
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-13497 LOW POC Monitor

SQL injection in itsourcecode Hospital Management System 1.0 exposes the appointment management endpoint to remote database manipulation via the unsanitized `editid` parameter in `/appointment.php`. Authenticated low-privileged users can craft malicious SQL payloads to read, modify, or corrupt appointment and patient records in the underlying database. A publicly available proof-of-concept exploit exists (GitHub issue linked in references); no CISA KEV listing at time of analysis.

SQLi PHP Hospital Management System
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-13496 LOW POC Monitor

SQL injection in itsourcecode Hospital Management System 1.0 exposes the `/ajaxmedicine.php` endpoint to database manipulation via the unsanitized `medicineid` parameter, exploitable by any low-privilege authenticated user over the network. A public proof-of-concept has been published on GitHub, materially lowering the barrier to exploitation. No active exploitation has been confirmed by CISA KEV, but the combination of public exploit code, a medical data context, and low attack complexity makes this a credible risk for any organization running this software.

SQLi PHP Hospital Management System
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-13495 LOW POC Monitor

SQL injection in itsourcecode Hospital Management System 1.0 exposes authenticated administrators to database manipulation via the `loginid` parameter in `/adminprofile.php`. The CVSS 4.0 vector (PR:H) confirms exploitation is constrained to authenticated high-privilege sessions, limiting mass exploitation risk despite network accessibility. A public proof-of-concept exploit has been disclosed on GitHub, lowering the technical barrier for targeted abuse by insiders or credential-compromised actors.

SQLi PHP Hospital Management System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.2%
CVE-2026-13504 LOW POC Monitor

Cross-site scripting in code-projects Project Management System 1.0 allows a remote authenticated attacker to inject malicious scripts via the /mail.php Mail Compose Page, targeting other users who interact with the crafted mail content. The CVSS 4.0 vector (PR:L/UI:P) confirms exploitation requires a low-privileged authenticated session and passive victim interaction, limiting scope but not eliminating risk in shared environments. A public proof-of-concept exploit has been disclosed on GitHub; no KEV listing and no vendor patch have been identified at time of analysis.

XSS PHP Project Management System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.2%
CVE-2026-13501 LOW POC Monitor

Command injection in ANTLR4's Go code generation target (GoTarget.java) allows a local low-privilege attacker to execute arbitrary OS commands via unsanitized input passed to the gofmt invocation, affecting all versions up to 4.13.2. This vulnerability is scoped entirely to local environments such as developer workstations or CI/CD pipelines running ANTLR4 Go target code generation. A publicly available proof-of-concept exploit exists per the GitHub disclosure, but this is not confirmed as actively exploited (not in CISA KEV), and the CVSS 4.0 base score of 1.9 reflects its genuinely constrained real-world impact.

Command Injection Java Antlr4
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.7%
CVE-2026-13493 LOW POC PATCH Monitor

Workflow checkpoint endpoints in ComfyUI-Copilot up to 2.0.28 expose an insecure direct object reference (IDOR) flaw - the restore_workflow_checkpoint and update_workflow_ui handlers in conversation_api.py accept externally supplied version identifiers without verifying that the referenced checkpoint belongs to the requesting session, enabling an authenticated remote attacker to read workflow data owned by other sessions. The CVSS 4.0 score of 2.3 reflects limited confidentiality-only impact and high attack complexity (AC:H) due to the need to enumerate valid cross-session identifiers. A proof-of-concept is publicly available at GitHub issue #149; the upstream fix (PR #150) is pending acceptance and no patched release version has been confirmed.

Information Disclosure Checkpoint Comfyui Copilot
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.2%
CVE-2026-13489 LOW POC PATCH Monitor

Improper response routing in xiaozhi-esp32 firmware up to version 2.2.6 allows any authenticated WebSocket client to receive MCP (Model Context Protocol) responses intended for other connected clients, enabling cross-client information disclosure and low-integrity interference. The flaw resides in the ParseMessage function within main/mcp_server.cc, where the MCP Response Handler broadcasts responses globally to all connected WebSocket clients on port 8080 rather than routing replies back to the originating client. A public proof-of-concept is available via GitHub issue #2020; no active exploitation has been confirmed in CISA KEV, and the CVSS 4.0 score of 2.3 reflects high attack complexity and limited overall impact in this niche IoT context.

Information Disclosure Xiaozhi Esp32
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.2%
CVE-2026-13511 LOW POC PATCH Monitor

Improper authorization in VoltAgent's Memory REST API allows an authenticated user to read another user's private conversation history by substituting a victim's conversationId in requests to the handleGetMemoryConversation endpoint. All VoltAgent versions up to and including 2.1.17 are affected; the CVSS 4.0 base score of 2.3 reflects high attack complexity and limited confidentiality impact. No public exploit confirmed active exploitation (CISA KEV absent), but a proof-of-concept is publicly available via GitHub issue #1315, and a fix PR (#1317) remains pending acceptance with no released patched version confirmed at time of analysis.

Authentication Bypass Voltagent
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.2%
CVE-2026-13484 LOW POC Monitor

Missing authorization in MLflow's Experiment-scoped Label Schema CRUD API allows a remote, low-privileged attacker to perform unauthorized read, create, update, or delete operations on label schema resources. The vulnerability stems from a pre-release feature that was disclosed before its authentication handlers were implemented - a GitHub maintainer confirmed: 'The auth handlers will be added before the release.' A proof-of-concept is publicly available via the referenced GitHub issue. Despite network accessibility, the CVSS 4.0 score of 1.3 reflects high attack complexity and limited impact scope, and no CISA KEV listing has been issued.

Authentication Bypass Mlflow
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.2%
CVE-2026-13483 LOW POC PATCH Monitor

Credential storage in DocsGPT up to 0.18.0 uses AES-CBC - an unauthenticated cipher mode - allowing a low-privilege authenticated attacker to tamper with encrypted credential blobs without detection, as the application performs no integrity or authenticity verification before decrypting. The root cause (CWE-345) is the absence of authenticated encryption: CBC provides confidentiality only, with no MAC or HMAC binding, and the legacy implementation also lacked any user_id binding, enabling potential cross-user credential replay. Publicly available exploit code exists (CVSS 4.0 E:P), though no confirmed active exploitation (not in CISA KEV); the upstream fix in PR #2331 migrates to AES-GCM with user_id-bound AAD but has not yet been merged.

Information Disclosure Docsgpt
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.1%
CVE-2026-13502 LOW POC Monitor

Time-of-check time-of-use (TOCTOU) race condition in antlr4-maven-plugin up to version 4.13.2 allows a local low-privileged attacker to manipulate grammar dependency state between validation and consumption in ObjectInputStream.readObject() within GrammarDependencies.java, yielding limited confidentiality, integrity, and availability impact on build artifacts. No public exploit identified at time of analysis is incorrect here - a publicly available exploit exists via a GitHub issue, though KEV listing is absent, indicating no confirmed widespread active exploitation. The CVSS 4.0 score of 1.1 reflects genuine low real-world risk due to local-only access, high attack complexity, and constrained impact scope.

Java Information Disclosure Antlr4
NVD VulDB GitHub
CVSS 4.0
1.1
EPSS
0.1%
CVE-2026-10644 LOW PATCH Monitor

Out-of-bounds write in Zephyr RTOS's Microchip SERCOM-G1 UART driver (introduced in v4.4.0) allows an adjacent attacker who can send serial data to corrupt one byte of memory immediately beyond the caller-supplied RX buffer, potentially causing a crash or denial of service. The flaw exists only when CONFIG_UART_MCHP_ASYNC is enabled (non-default on in-tree PIC32CM-JH board configs) and the consuming application calls uart_rx_enable() with a one-byte buffer - a narrow but real embedded firmware scenario. No exploit code is publicly available and this vulnerability is not listed in CISA KEV; the upstream fix has been committed but a tagged patched release version has not been independently confirmed.

Memory Corruption Denial Of Service Buffer Overflow Zephyr
NVD GitHub VulDB
CVSS 3.1
3.1
EPSS
0.1%
CVE-2026-13482 LOW Monitor

Weak hash usage in SkyPilot's User ID Handler (versions up to 0.12.0) allows remote attackers with high-complexity access to manipulate user identity integrity by exploiting the `username.encode` function in `sky/users/server.py`. The vulnerability (CWE-328) results in a low-integrity impact on the vulnerable system, with no confidentiality or availability impact per the CVSS 4.0 vector, though the VulDB-assigned 'Information Disclosure' tag suggests the weak hash may additionally expose derivable username data. A public exploit exists (CVSS 4.0 E:P modifier confirmed), but no confirmed active exploitation or CISA KEV listing has been identified at time of analysis.

Information Disclosure Skypilot
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.2%
CVE-2026-13507 LOW PATCH Monitor

Insufficient data authenticity verification in volcengine OpenViking's Local VectorDB Primary-key Label Handler (versions up to 0.3.21) allows a remote attacker with low-privilege access to manipulate the ID argument passed to the str_to_uint64 function, potentially enabling limited tampering with vector database primary-key label data. The attack vector is network-accessible but rated highly complex, with CVSS 4.0 score of 2.3 reflecting constrained, low-severity impact across confidentiality, integrity, and availability. No public exploit code exists and no active exploitation has been identified; an upstream fix is pending via an unmerged pull request.

Information Disclosure Openviking
NVD VulDB GitHub
CVSS 4.0
2.3
EPSS
0.1%
CVE-2026-13509 LOW Monitor

Path traversal in RAGapp's Knowledge File Handler (versions up to 0.1.5) allows authenticated low-privilege users to read, write, or delete files outside the intended data/ directory by supplying crafted filenames containing sequences such as '../' to the upload or remove file API endpoints. The vulnerability exists in the FileHandler.upload_file and FileHandler.remove_file functions in src/ragapp/backend/controllers/files.py, where client-supplied filenames were interpolated directly into file paths without sanitization. A proof-of-concept exploit has been publicly disclosed; however, no vendor-released patched version is available as of analysis date - only an unmerged upstream pull request (PR #294) addresses the issue.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-13512 LOW Monitor

Tenant isolation bypass in Databend up to 1.2.881 allows an authenticated remote attacker to access or corrupt session state belonging to users in other tenants by exploiting a missing tenant dimension in the ClientSessionManager session key derivation. The state_key function generated keys using only username and client_session_id, enabling key collisions across tenants sharing a server process - a flaw confirmed by the PR #19931 diff which adds tenant scoping to all key construction paths. Publicly available exploit code exists; no patched release has been confirmed at time of analysis.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-13508 LOW Monitor

Incorrect authorization in khoj's Conversation Sharing Handler exposes private agent configurations to authenticated low-privileged users in versions up to 2.0.0-beta.28. The conversation.agent parameter is passed through shared conversation copy paths in src/khoj/routers/api_chat.py without verifying the requesting user's permission to access that agent, allowing leakage of private agent personality instructions and system prompts across trust boundaries. A proof-of-concept has been published (CVSS 4.0 E:P); the vulnerability is not in CISA KEV, and no officially released patch version has been confirmed.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy