Path traversal in Vibe-Trading before version 0.1.10 allows low-privileged authenticated network attackers to write arbitrary Markdown files outside the application's intended memory root directory. The `remember` tool fails to sanitize the `memory_type` parameter before constructing filesystem paths, enabling traversal sequences to escape the memory root and land files at attacker-controlled locations on the server. No public exploit or CISA KEV listing has been identified, but the high integrity impact and low attack complexity make patching urgent for any internet-exposed deployment.
Unauthorized source code disclosure in GitHub Enterprise Server exposes private repository contents to any authenticated user on the instance, regardless of their actual repository permissions. The Copilot pull request description diff summary endpoint accepted cross-repository comparison ranges and rendered the resulting diff without verifying the requesting user held read access to the target repository - a missing authorization flaw (CWE-862) allowing lateral access to arbitrary private repositories. No active exploitation has been confirmed (not in CISA KEV), the issue was responsibly disclosed via GitHub's Bug Bounty program, and patches are available across four release branches.
SSO enforcement bypass in n8n before 2.8.0 allows any authenticated SSO user to disable organization-wide SSO enforcement via the API, then register a local password credential, permanently decoupling their account from the identity provider. This defeats identity-provider-enforced MFA and enables persistent access that survives SSO policy changes or user deprovisioning in the IdP. No public exploit code has been identified at time of analysis, but the technique requires only a valid SSO session and knowledge of the relevant API endpoint.
Cross-profile workspace isolation bypass in Hermes WebUI before 0.51.521 allows an authenticated low-privilege user operating under the default profile to read files scoped to other named profiles' workspaces. The /api/session/import handler validates the workspace against the active named profile but omits setting the profile field on the constructed Session object, persisting it with a null profile value. Because the authorization layer treats null profile as equivalent to the default profile, any default-profile user can exploit imported session identifiers to traverse the intended profile boundary and extract file contents - a complete defeat of the application's workspace isolation model. No public exploit is identified at time of analysis, and a vendor-released patch is available at v0.51.521.
Sandbox property allowlist bypass in Twig's `column` filter allows template authors operating under `SourcePolicyInterface`-gated sandboxing to read any public or magic property of any object reachable in the render context, circumventing `SecurityPolicy::$allowedProperties` entirely. This is a residual bypass of CVE-2026-46635, exploitable only when three conditions coexist: `SourcePolicyInterface`-based sandbox mode, `column` present in `allowedFilters`, and attacker-controlled template authoring access. The global sandbox mode and direct attribute access paths are both unaffected, making this a targeted policy enforcement gap rather than a broad sandbox failure. No public exploit has been identified at time of analysis; the vendor-released patch is Twig v3.27.0.
Open redirect in the TP-Link Archer AX20 V2 embedded web server allows unauthenticated attackers to craft URLs containing URL-encoded path traversal sequences that cause the device to issue HTTP 3xx redirects toward attacker-controlled external domains. All firmware versions through 2.1.9 Build 20230829 on the V2.0 hardware revision are confirmed affected per TP-Link's own advisory and CPE data. No public exploit identified at time of analysis, and a vendor-released patch is available; active exploitation has not been confirmed by CISA KEV.
Use-after-free in Zephyr's asynchronous SNTP client (sntp_close_async, v4.2.0-v4.4.0) can be triggered remotely by any network peer or off-path attacker capable of dropping or delaying UDP NTP responses, exploiting a race between the system workqueue thread and the socket-service poll thread. The most probable outcome is a crash of the networking subsystem thread (denial of service); where the freed net_context pool slot is rapidly reallocated, memory corruption is possible. The vulnerability is on the normal SNTP timeout path, making it reliably and periodically triggerable when NET_CONFIG_SNTP_INIT_RESYNC is enabled. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Process memory disclosure in Google Chrome's Views UI framework on ChromeOS allows a crafted extension, once installed by a user, to read potentially sensitive data from Chrome's process memory. All ChromeOS Chrome versions prior to 150.0.7871.47 are affected; desktop Chrome on Windows, macOS, and Linux is not confirmed in scope. No public exploit has been identified at time of analysis, and Chromium's own internal severity rating is Low - tempering the NVD CVSS 5.9 score - indicating Google's security team assessed limited practical exploitability.
Cleartext data transmission in IBM watsonx.data intelligence versions 5.2.2 through 5.3.1 (including patch-1) exposes sensitive information to network interception by a man-in-the-middle adversary. The platform transmits certain data without encryption, enabling an attacker positioned on the network path to capture confidential content in transit. No active exploitation has been confirmed (not in CISA KEV), and no public exploit code has been identified; however, the CVSS High confidentiality impact (C:H) signals that the interceptable data is substantively sensitive, likely including queries, credentials, or intelligence payloads.
Cleartext transmission in IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 exposes sensitive data to interception by network-adjacent attackers using man-in-the-middle techniques. The CVSS vector (AV:N/AC:H/PR:N) confirms exploitation requires no authentication but does demand the attacker occupy a privileged on-path network position, moderating the overall risk. No public exploit code and no CISA KEV listing have been identified at time of analysis; vendor-released patch is available.
Time-of-check time-of-use (TOCTOU) race condition in Samsung's open-source Escargot JavaScript engine exposes systems - notably Samsung TV appliances - to local exploitation resulting in limited confidentiality, integrity, and availability impact. The flaw exists at a specific upstream commit (bab3a5797557014ce3c2e28419a6310cfba90d0d) and allows an attacker who can execute code in the same environment to exploit a timing window between a security check and the subsequent use of a resource. No active exploitation has been identified at time of analysis, but a fix commit is available upstream.
Unbounded memory exhaustion in Sigstore's timestamp-authority server allows any unauthenticated remote attacker to crash or degrade the service by flooding it with high-cardinality HTTP requests. The root cause is the global `wrapMetrics` Prometheus middleware, which permanently registers a new time-series entry for every unique combination of raw request path and HTTP method it observes - including requests for unmatched paths that return 404 - causing heap memory to grow without bound under attacker-controlled input. No public exploit code has been identified at time of analysis, but exploitation requires no authentication and no special configuration, making any publicly exposed timestamp-authority endpoint a realistic target for denial-of-service attacks against software signing and CI/CD pipelines.
Heap-use-after-free in openGauss 7.0.0-RC1 and RC2 allows a database user with SQL execution privileges to crash the backend process by crafting a to_timestamp() call with NLS parameters that triggers the seqscan+sort execution path. The nls_fmt_str pointer is stored in session context but allocated within SeqScan's expression memory context, which is freed upon scan completion; subsequent access by timestamp_out() via CheckNlsFormat() dereferences the dangling pointer. The practical impact is denial of service through backend process termination. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.
Redeight CMS 1.0 stores user passwords using unsalted MD5 hashes, enabling any attacker who obtains the credential database to recover plaintext passwords nearly instantaneously via precomputed rainbow tables. All stored credentials are effectively exposed upon database compromise, since MD5 is cryptographically broken and the absence of per-user salts eliminates hash uniqueness across identical passwords. No public exploit code or confirmed active exploitation has been identified at time of analysis, but the cracking technique is trivially automated and requires no specialized skill.
MSE Diffie-Hellman key exchange in Net::BitTorrent (Perl, all versions through 2.0.1) is rendered cryptographically transparent to passive network observers because Perl's non-cryptographic rand() function generates the 160-bit DH private key in KeyExchange.pm, and the same PRNG sequence simultaneously produces cleartext random padding transmitted during the same handshake. A passive eavesdropper who captures the handshake can recover the drand48 PRNG state from the observable padding bytes, reconstruct the private key, derive the RC4 session keys, and fully decrypt the MSE-encrypted stream - completely defeating the passive-observation obfuscation MSE is designed to provide. No public exploit has been identified at time of analysis, but the recovery is deterministic and requires only standard number theory once the handshake is captured.
Sandbox escape in Google Chrome prior to 150.0.7871.47 exploits a heap-based buffer overflow (CWE-122) in the Storage component, enabling an attacker who has already compromised the renderer process to break out of Chrome's sandbox via a crafted HTML page. This is a chained, second-stage vulnerability - renderer compromise through a separate flaw is a hard prerequisite, making standalone exploitation infeasible. EPSS sits at 0.21% (11th percentile), there is no CISA KEV listing, and no public exploit code has been identified at time of analysis; a vendor patch is confirmed available as Chrome 150.0.7871.47.
HTML injection in IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 enables a remote authenticated attacker to plant malicious HTML content that executes in a victim's browser within the hosting site's security context. The CVSS vector (PR:L/UI:R/C:H) confirms exploitation requires low-privilege authentication and a second user to view the injected content, with the primary impact being confidentiality loss - such as session token theft or credential harvesting. No public exploit code has been identified and this vulnerability does not appear in the CISA KEV catalog; a vendor patch is available via IBM advisory 7277801.
Denial of service in fzf's --listen mode HTTP server arises from quadratic-time (O(n²)) body processing caused by repeated string concatenation when reading POST request payloads. All fzf releases prior to 0.73.1 are affected when the --listen flag is explicitly activated to expose the embedded HTTP server. An attacker with access to the listening socket can send a single crafted POST request with many small body segments to monopolize the single-threaded server, blocking all other clients indefinitely. No public exploit identified at time of analysis; vendor-released patch is available in version 0.73.1.
Out-of-bounds read in Chrome's Chromecast component allows a local attacker to leak sensitive contents from the browser's process memory by delivering malicious network traffic to the affected subsystem. Affected versions are all Chrome releases prior to 150.0.7871.47 on desktop platforms. No public exploit code or CISA KEV listing is identified at time of analysis, and Google's own severity rating is Low, though the CVSS confidentiality impact is scored High due to potential direct process memory exposure.
Stored cross-site scripting in SolarWinds Database Performance Analyzer enables a highly privileged, adjacent-network attacker to persist malicious scripts in the application that execute within other users' browsers upon page load. The CVSS vector (AV:A/AC:H/PR:H/UI:R) imposes substantial constraints - adjacency, high complexity, admin-level credentials, and victim interaction are all required - limiting realistic risk to insider-threat or post-compromise scenarios. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Integer overflow in fzf's FuzzyMatchV2 function causes a non-recoverable process crash (denial of service) when input lines reach approximately 2,200,000 bytes and a search pattern of ~999 bytes is active. The Go runtime detects the resulting invalid slice bounds and immediately terminates the process with a panic - there is no recovery path and no possibility of memory corruption or code execution. No public exploit code has been identified and this CVE is not listed in CISA KEV; the CVSS 4.0 score of 5.6 (AT:P, UI:A) reflects that exploitation requires atypical input volumes and active user or script interaction.
### Impact Shovel and Federation plugins perform URI obfuscation in their worker (link) state. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
File path control vulnerability (CWE-73) in IBM App Connect Enterprise and IBM Integration Bus for z/OS enables a remote attacker to socially engineer a victim into triggering unauthorized file creation on the local system. Despite being tagged and described as SQL injection, the governing weakness classification is CWE-73 (External Control of File Name or Path), and the described impact - unexpected local file creation - aligns with that CWE rather than database injection. Affected versions span IBM ACE 12.x and 13.x across wide release ranges, as well as IBM Integration Bus for z/OS 10.1.x. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Navigation restriction bypass in Google Chrome's DevTools component on Android (all versions prior to 150.0.7871.47) allows a local attacker to circumvent policy-enforced browsing controls by delivering a crafted malicious file. The vulnerability is confined to Android - desktop Chrome is not in scope - and requires user interaction with the malicious file, substantially narrowing the realistic attack surface. No public exploit code exists and no active exploitation has been confirmed; an EPSS score of 0.14% (3rd percentile) corroborates low real-world exploitation probability at time of analysis.
Sensitive information disclosure in IBM UrbanCode Deploy and IBM DevOps Deploy exposes potentially sensitive data to any local user who can read application log files. Affected are UrbanCode Deploy 7.2 through 7.2.3.23 and 7.3 through 7.3.2.18, as well as DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog, but the local no-privilege vector combined with high confidentiality impact makes this a meaningful insider threat and post-compromise escalation vector in enterprise CI/CD environments.
Chrome's built-in Passwords subsystem on macOS leaks sensitive process memory contents when a malicious file is processed, potentially exposing stored credentials or authentication tokens to a local attacker. All Google Chrome releases for Mac prior to 150.0.7871.47 are affected. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, the confidentiality impact is rated High given the nature of the data at risk within the Passwords feature.
Cross-site scripting in IBM watsonx.data Intelligence 5.2.0 through 5.3.0 allows low-privileged authenticated users to inject arbitrary JavaScript into the Web UI, enabling credential theft or session hijacking against higher-privileged victims. The CVSS scope change (S:C) confirms the injected script executes in the victim's browser context, crossing trust boundaries within the platform. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; IBM has released a patch via advisory PSIRT.
UI spoofing in Google Chrome's Extensions implementation (all versions prior to 150.0.7871.47) enables a remote attacker - who has already achieved renderer process compromise via a separate exploit - to render deceptive UI elements through a crafted HTML page, potentially misleading users into unintended interactions. The vulnerability carries a CVSS 5.4 Medium score, though Chromium's internal rating is Low, and the EPSS score of 0.18% (8th percentile) reflects minimal exploitation probability. No public exploit code and no active exploitation (CISA KEV) have been identified at time of analysis.
UI spoofing in Google Chrome's Network component (versions prior to 150.0.7871.47) can be triggered by a remote attacker who has already compromised the renderer process, allowing browser UI elements to be faked via a crafted HTML page. This is a chained exploit - not a standalone flaw - requiring both prior renderer compromise and user interaction, which significantly constrains real-world risk. No public exploit code exists and no confirmed active exploitation has been recorded; EPSS at 0.18% (8th percentile) and Chromium's own 'Low' severity rating reinforce this assessment.
UI spoofing in Google Chrome's WebXR component (all versions prior to 150.0.7871.47) allows remote attackers to misrepresent browser interface elements when a victim visits a crafted HTML page. The flaw stems from an inappropriate implementation in the WebXR Device API, enabling manipulation of what the user perceives as trusted UI - potentially obscuring origin indicators, security state, or page identity. No public exploit code exists and EPSS stands at 0.18% (8th percentile); CISA SSVC rates exploitation as none with partial technical impact, placing this firmly in the lower-priority tier despite its network-accessible vector.
UI spoofing in Google Chrome's WebAppInstalls component (prior to 150.0.7871.47) is reachable only after an attacker has already compromised the Chrome renderer process, making this a chained, post-exploitation capability rather than a standalone entry point. With a compromised renderer, the attacker can serve a crafted HTML page that bypasses insufficient input validation in WebAppInstalls to forge Chrome's native UI - potentially deceiving users into trusting malicious web app install prompts or dialogs. No public exploit or active exploitation (CISA KEV) is confirmed; EPSS sits at 0.18% (8th percentile), consistent with the high prerequisite barrier and Chromium's own 'Low' severity rating.
Universal Cross-Site Scripting (UXSS) in Google Chrome's HTMLParser prior to 150.0.7871.47 enables remote attackers to inject arbitrary scripts or HTML into a victim's browser context by serving a crafted HTML page. The flaw is classified Medium severity by Google's Chromium security team and carries a CVSS 5.4 score, with EPSS at 0.17% (7th percentile) and no CISA KEV listing, indicating low current exploitation activity. A vendor-released patch exists in Chrome 150.0.7871.47; Chrome's auto-update mechanism substantially narrows the exposure window for most consumer endpoints.
UI spoofing via the Speech component in Google Chrome prior to 150.0.7871.47 requires an attacker to have already compromised the renderer process, making this a chained, second-stage exploit rather than a standalone remote attack. The vulnerability stems from insufficient input validation (CWE-20) in Chrome's Speech subsystem, enabling a renderer-compromised attacker to manipulate browser UI elements through a crafted HTML page. No public exploit code exists, SSVC assessment confirms no active exploitation, and an EPSS score of 0.17% (7th percentile) reflects a very low probability of mass exploitation - consistent with Google's own 'Low' internal severity rating.
SQL injection in the Apache Gravitino UI exposes server-side files to authenticated malicious users, enabling unauthorized file read and file truncation on the underlying host. Affected versions are listed as 1.0.0 and below, though the advisory contains an apparent inconsistency - the fix is attributed to version 1.0.0 itself, suggesting the actual patched release may be a later point version. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Server-side request forgery in Open WebUI before 0.6.27 enables authenticated users to bypass SSRF protections in the web retrieval endpoint by supplying URLs that trigger server-side HTTP redirects to internal network resources. The /api/v1/retrieval/process/web endpoint follows Location redirect headers without revalidating the destination against SSRF blocklists, exposing internal services and potentially instance secrets that could enable command execution. No public exploit code or active exploitation has been identified at time of analysis, but the authenticated escalation path to internal infrastructure warrants prompt patching.
Path traversal in Rancher Fleet's ImageScan subsystem (CWE-23) allows authenticated remote attackers to escape intended directory boundaries and trigger denial of service across four active release branches (0.12.x through 0.15.x). The flaw appears to have been introduced in the 0.12.0 series and persisted undetected through at least sixteen subsequent patch releases, indicating the ImageScan component lacked adequate path sanitization for an extended period. No public exploit code or active exploitation has been identified; the CVSS 4.0 vector (PR:L) confirms exploitation requires authenticated access, materially limiting opportunistic attack surface.
Memory disclosure in Google Chrome's GPU component on Windows enables a remote attacker - who has already established renderer process compromise - to extract sensitive data from process memory via a crafted HTML page. Affected versions are all Chrome for Windows releases prior to 150.0.7871.47. This is a second-stage exploit component: it does not independently achieve remote code execution but can be chained with a renderer exploit to leak process memory contents, potentially exposing credentials, tokens, or other in-memory sensitive data. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Sandbox bypass in Twig 3.26.x allows string callables to circumvent the Closure-only restriction when applications use the deprecated `twig_array_some()` and `twig_array_every()` wrapper functions over a sandboxed Environment. The 3.26.0 source-policy hardening changed `CoreExtension::checkArrow()` to accept a boolean sandbox state, but the legacy wrappers in `src/Resources/core.php` were not updated, causing them to silently pass `false` for `$isSandboxed` and accept arbitrary string callables such as `'exec'` or `'system'` that the sandbox was designed to block. No public exploit has been identified at time of analysis, and impact is limited to the narrow subset of applications calling the deprecated wrappers with sandbox mode active.
Uninitialized memory read in Skia, Chrome's 2D graphics library, exposes process memory contents to an attacker who has already compromised the renderer process by delivering a crafted HTML page. Affected are all Chrome desktop installations prior to 150.0.7871.47; the confidentiality impact is scoped to renderer process memory, which may contain session tokens, DOM content, or cached credentials. No public exploit code and no CISA KEV listing have been identified at time of analysis; the CVSS Medium score of 5.3 reflects the high attack complexity imposed by the renderer pre-compromise prerequisite.
Uninitialized memory exposure in Google Chrome's Media component allows a remote attacker who has already compromised the renderer process to read potentially sensitive data from process memory by serving a crafted HTML page. Affected versions are all Chrome releases prior to 150.0.7871.47, across desktop platforms. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; exploitation requires a chained renderer compromise, significantly constraining real-world risk despite the high confidentiality impact rating.
Uninitialized memory exposure in the UI layer of Google Chrome on Android (prior to 150.0.7871.47) allows an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by serving a crafted HTML page. The vulnerability is CWE-457 (use of uninitialized variable) and is scoped to the Android platform only. No public exploit code or active exploitation has been identified at time of analysis; a vendor patch has been released.
Uninitialized GPU memory use in Google Chrome prior to 150.0.7871.47 enables a remote attacker who has already compromised the renderer process to read sensitive data from GPU process memory by delivering a crafted HTML page. This is a second-stage information disclosure primitive - exploitation is contingent on a prior renderer compromise, making it a component of a multi-vulnerability attack chain rather than a standalone critical issue. No public exploit code or CISA KEV listing has been identified at time of analysis; Google has released a patched stable channel build (150.0.7871.47).
Uninitialized memory read in Google Chrome's XR (Extended Reality/WebXR) subsystem exposes process memory to a remote attacker who has already achieved renderer process compromise. Affected versions are all Chrome releases prior to 150.0.7871.47. This is a second-stage, chained vulnerability - an attacker leverages a crafted HTML page to trigger the uninitialized read and extract sensitive data from process memory, but only after separately exploiting a renderer process escape. No public exploit code or CISA KEV listing has been identified at time of analysis.
Process memory disclosure in Google Chrome DevTools on Windows (versions prior to 150.0.7871.47) allows a remote attacker to read potentially sensitive data from browser process memory by serving a crafted HTML page and convincing a user to perform specific UI gestures. The flaw stems from insufficient input validation (CWE-20) within the DevTools subsystem and is limited to the Windows platform. No public exploit code or CISA KEV listing has been identified at time of analysis, but the confidentiality impact is rated High by NVD.
Insufficient policy enforcement in the Spellcheck component of Google Chrome prior to 150.0.7871.47 exposes process memory to attackers who have already achieved renderer process compromise. The vulnerability enables a second-stage information disclosure step in a chained attack: after compromising the renderer, the attacker serves a crafted HTML page that exploits the Spellcheck policy gap to read potentially sensitive data from memory. No public exploit code or active exploitation via CISA KEV has been identified at time of analysis; Google has released a fix in the stable channel update.
Process memory disclosure in Google Chrome's ANGLE graphics abstraction layer (versions prior to 150.0.7871.47) enables a renderer-compromised attacker to read potentially sensitive data from process memory via a crafted HTML page. This is a post-exploitation, second-stage vulnerability: it cannot be triggered without a prior renderer process compromise, functioning as a chaining component rather than a standalone entry point. No public exploit code or CISA KEV listing has been identified at time of analysis; Chromium's own team rates it Medium severity, consistent with the prerequisite attack complexity.
Out-of-bounds read in the Chromecast component of Google Chrome prior to 150.0.7871.47 enables a remote attacker, who has already achieved renderer process compromise, to exfiltrate potentially sensitive data from process memory via a crafted HTML page. This is a second-stage, chained vulnerability - it cannot be exploited in isolation and requires a prior renderer compromise as a prerequisite. Google has released a patch in Chrome 150.0.7871.47; no public exploit code or CISA KEV listing has been identified at time of analysis.
The Python Code node in n8n allows authenticated workflow editors to bypass the AST security validator by crafting Python code that evades an incomplete blocklist (CWE-184), reaching the task executor module namespace. Affected self-hosted n8n deployments running versions before 2.25.7 or 2.26.x before 2.26.2 with the Python Task Runner enabled are exposed to environment variable disclosure when N8N_BLOCK_RUNNER_ENV_ACCESS is not set to restrict access, potentially leaking API keys, database credentials, or other secrets injected at process startup. No public exploit code exists and no active exploitation has been confirmed at time of analysis.
Out-of-bounds read in ANGLE, Chrome's cross-platform graphics abstraction engine, enables sensitive process memory disclosure on macOS for attackers who have already compromised the renderer process. Affected versions are Google Chrome prior to 150.0.7871.47 on Mac; Windows and Linux are not listed as affected. This flaw is a second-stage technique in a multi-vulnerability chain - not a standalone entry point - and no public exploit code or CISA KEV listing has been identified, placing real-world exploitation risk substantially below what the C:H confidentiality impact alone might imply.
Insufficient policy enforcement in Chrome's built-in Passwords subsystem (prior to 150.0.7871.47) allows a remote attacker who has already compromised the renderer process to read potentially sensitive credential data from process memory via a crafted HTML page. This is a second-stage, chained information-disclosure flaw - not a standalone exploit - that bypasses Chrome's inter-process access boundaries to reach password manager data. No public exploit code has been identified at time of analysis, and a vendor patch is confirmed available in Chrome 150.0.7871.47.