Privilege-escalating remote code execution in the Git Service shared by Altium Enterprise Server and Altium 365 lets an authenticated user with basic git access abuse post-clone file-manipulation operations to move arbitrary files outside the repository, plant executable script content, and run code as the Git Service account. On multi-tenant Altium 365 cloud nodes this also created a cross-tenant data-exposure path. No public exploit identified at time of analysis; the CVSS 4.0 score of 9.4 (Critical) reflects full confidentiality, integrity and availability impact with only low privileges required.
OS command injection in Guardian language-system's transcribe.php lets an unauthenticated remote attacker inject arbitrary shell commands through the 'id' GET parameter, which is concatenated directly into a PHP exec() call. Because no authentication or user interaction is required and the flaw yields full command execution, it maps to a CVSS 4.0 score of 9.3 with high confidentiality, integrity, and availability impact. No public exploit is identified at time of analysis, though a public gist writeup and a VulnCheck advisory document the issue.
OS command injection in the Guardian language-system lets unauthenticated remote attackers run arbitrary shell commands by injecting metacharacters into the 'id' GET parameter, which speechmac_text.php concatenates directly into a PHP exec() call. The CVSS 4.0 base score is 9.3 (critical) with full compromise of confidentiality, integrity, and availability, and no authentication or user interaction is needed. No public exploit identified at time of analysis, though a referenced gist and the VulnCheck advisory may contain technical exploitation detail.
OS command injection in Guardian language-system allows an unauthenticated remote attacker to execute arbitrary shell commands by injecting metacharacters into the 'id' GET parameter of complex_start.php, which is passed unsanitized into a PHP exec() call. No authentication or user interaction is required, and the CVSS 4.0 score of 9.3 (Critical) reflects full compromise of confidentiality, integrity, and availability. A public gist demonstrating the flaw means publicly available exploit code exists, though it is not listed in CISA KEV.
OS command injection in the Guardian language-system lets an unauthenticated remote attacker execute arbitrary operating-system commands on the hosting server. The flaw arises because text.php passes the user-controlled 'id' GET parameter straight into a PHP exec() call without sanitization, allowing shell metacharacters to break out of the intended command. The CVSS 4.0 base score is 9.3 (network vector, no privileges, no user interaction); no public exploit is identified at time of analysis, though a referenced gist and a VulnCheck advisory document the issue.
Unauthenticated OS command injection in the Guardian language-system PHP application lets remote attackers run arbitrary operating-system commands by injecting shell metacharacters into the 'id' GET parameter of text_to_subtitles.php, which is concatenated directly into a PHP exec() call. Any internet-reachable instance can be fully compromised without credentials or user interaction, and the CVSS 4.0 base score of 9.3 reflects full confidentiality, integrity, and availability loss. No public exploit identified at time of analysis, though a VulnCheck advisory and a technical gist describe the exact vulnerable code path.
OS command injection in Guardian language-system's transcribe_amazon.php allows an unauthenticated remote attacker to run arbitrary operating-system commands on the host. The id GET parameter is concatenated directly into a PHP exec() call that shells out to a transcription job, so appending shell metacharacters (e.g. ; | `) yields command execution with the privileges of the web server. No authentication or user interaction is required (PR:N/UI:N), and a public gist reference exists that may contain proof-of-concept details, though active exploitation is not confirmed in CISA KEV.
OS command injection in Guardian Language System's translate_text.php allows unauthenticated remote attackers to execute arbitrary operating-system commands by injecting shell metacharacters into the 'id' GET parameter, which is concatenated directly into a PHP exec() call. Because no authentication is required and the CVSS 4.0 vector is AV:N/AC:L/PR:N/UI:N, exploitation is trivial and yields full command execution in the web server's context. There is no public exploit identified at time of analysis, though a VulnCheck advisory and a public gist document the flaw.
Unauthenticated OS command injection in Guardian language-system's speech_text.php allows remote attackers to execute arbitrary shell commands by injecting metacharacters into the id GET parameter, which is passed unsanitized into a PHP exec() call. No authentication is required (CVSS 4.0 base 9.3), giving full read/write/availability impact on the host. A referenced GitHub gist and a VulnCheck advisory document the flaw, indicating publicly available exploit details, though it is not listed in CISA KEV.
OS command injection in the Guardian language-system's speechmac.php enables unauthenticated remote attackers to run arbitrary operating-system commands by injecting shell metacharacters into the 'id' GET parameter, which is concatenated directly into a PHP exec() call. No credentials or user interaction are required, so any network-reachable instance can be fully compromised. This is a CWE-78 flaw carrying a CVSS 4.0 base score of 9.3; no public exploit identified at time of analysis, though a referenced gist may contain proof-of-concept material.
OS command injection in the Guardian language-system lets an unauthenticated remote attacker run arbitrary shell commands by injecting metacharacters into the 'id' GET parameter, which speech.php passes unsanitized into a PHP exec() call. Rated CVSS 4.0 9.3 (Critical) with a fully remote, no-privilege, no-interaction vector, this is a direct pre-auth RCE. No CISA KEV listing or EPSS score is present in the provided data, and no confirmed public exploit is identified, though a referenced GitHub gist and a VulnCheck advisory document the flaw.
Arbitrary file write in the Feast Feature Server's `/save-document` endpoint lets an unauthenticated remote attacker write attacker-controlled JSON to the host filesystem, bypassing the endpoint's path restrictions to overwrite application configuration or startup scripts. Because no credentials are required (CVSS 9.1, PR:N), any network-reachable attacker can corrupt system integrity, cause denial of service through disk exhaustion, or potentially achieve remote code execution. This flaw also ships in Red Hat OpenShift AI (RHOAI), which bundles Feast; there is no public exploit identified at time of analysis and it is not in CISA KEV.
Arbitrary file deletion in the WP-BusinessDirectory (Business Directory) plugin for WordPress (versions ≤ 4.0.1) lets unauthenticated remote attackers delete any file the web server can access, including wp-config.php. The flaw stems from the frontend-accessible task=upload.remove endpoint accepting an unsanitized _filename parameter that permits ../ path traversal. No public exploit is identified at time of analysis, but the CVSS 9.1 rating and trivial exploitation (network, no auth, no user interaction) make it high priority; deleting wp-config.php can force WordPress into its installer, enabling site takeover.
Authentication via hardcoded default credentials in UltraVNC repeater through 1.8.2.2 lets any remote attacker who can reach the HTTP administration port (default TCP 80) log in as administrator. On a fresh or unmodified install where settings2.txt is absent, the repeater writes the literal password 'adminadmi2', and the Basic-auth handler enforces no rate-limiting or lockout, so a single well-known credential yields full control over allow/deny rules and session visibility. Rated CVSS 9.1 (CWE-798); no public exploit identified at time of analysis, though the credential itself is disclosed in the advisory.
Server impersonation in erlang_quic (Benoît Chesneau's Erlang QUIC/HTTP/3 library) before 1.4.4 arises because the QUIC client performed no server authentication during the TLS 1.3 handshake - the CertificateVerify signature, certificate chain, and hostname were all left unchecked, making the `verify` option a no-op. An on-path attacker can present any certificate to impersonate any server and transparently read or modify traffic, breaking both confidentiality and integrity (CVSS 9.1). No public exploit has been identified at time of analysis, and PSK-based session resumption handshakes are unaffected because the peer is authenticated by the PSK binder.
Authentication and authorization bypass in @fastify/middie 9.1.0 through 9.3.2 lets remote unauthenticated attackers reach protected parameterized route handlers by placing an encoded slash (%2F) in a path parameter. The middleware layer decodes %2F before matching while Fastify's router preserves the encoding, so the two disagree on the canonical path and any middie-based auth, authz, rate-limiting, or auditing middleware silently fails to run while the route handler still fires. No public exploit identified at time of analysis; the flaw is method-agnostic and requires no special preconditions, and the vendor rates it CVSS 9.1.
Server-side URL manipulation in the pretix-oppwa payment plugin (fixed in pretix 2026.5.3) lets a remote attacker exfiltrate the Oppwa API access token by tampering with the resourcePath return parameter. Because the plugin concatenated the attacker-controlled resourcePath onto the API base domain without a separating slash or validation, a crafted value redirects pretix's server-side status-check request - which carries the account API key - to an attacker-controlled host. No public exploit identified at time of analysis, and the CVSS 4.0 vector carries E:U (exploit unproven).
Out-of-bounds write in the command interface of NVIDIA ConnectX SmartNICs and BlueField DPUs allows a local user holding virtual function (VF) access - typically a tenant inside a guest VM - to corrupt device memory via crafted input and potentially achieve arbitrary code execution on the network device itself. Because the CVSS scope is Changed (S:C), a successful exploit crosses the VF isolation boundary and threatens the host and other tenants, making this a serious multi-tenant/cloud isolation-breakout risk. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds write in the command interface of NVIDIA ConnectX network adapters and BlueField DPUs allows a local user holding an assigned virtual function (VF) to corrupt device memory via crafted input, potentially achieving arbitrary code execution on the device itself. Because the flaw sits at the firmware command interface reachable from a SR-IOV guest, a successful exploit crosses the guest/device trust boundary (CVSS scope-changed, base 9.0) and can compromise the host that owns the adapter. This is a vendor-reported issue with no public exploit identified at time of analysis and no CISA KEV listing.
Server-side object injection in BMC Control-M/Server and Control-M/Enterprise Manager 9.0.20.x (and potentially earlier) lets an authenticated attacker abuse the messaging consumer to deserialize untrusted, type-unrestricted objects, triggering unintended server-side behavior that can escalate to full compromise of the automation server. The affected releases are already out of support, and the CVSS 4.0 base score is 8.9 (High) with high privileges and high attack complexity required. There is no public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Remote code execution in the UltraVNC Viewer (all versions through 1.8.2.2) stems from an integer overflow in the RFB failure-response parser: a malicious or man-in-the-middle VNC server can send a reasonLen of 0xFFFFFFFF that wraps to 0 during buffer sizing, then stream 4 GiB into a 256-byte heap allocation. The flaw is reachable pre-authentication through connection-failure and auth-failure messages, so merely connecting a viewer to an attacker-controlled endpoint can corrupt the heap and potentially execute code as the user running the viewer. No public exploit identified at time of analysis, though the researcher confirmed a reliable heap-buffer-overflow write with AddressSanitizer.
Remote code execution in the V8 JavaScript engine of Google Chrome before 150.0.7871.46 allows a remote attacker who lures a victim to a crafted HTML page to execute arbitrary code — though notably only within the renderer sandbox rather than achieving full host compromise. Rated CVSS 8.8 and stemming from a code-generation flaw (CWE-94) in V8, it affects all Chrome desktop installations on the vulnerable channel; a fix has shipped, but there is no public exploit identified at time of analysis and CISA SSVC records exploitation status as none.
Privilege escalation in Foreman (the engine behind Red Hat Satellite 6) lets an authenticated user holding usergroup-management permissions attach arbitrary roles - including the administrator role - to a user group and then enroll themselves, gaining full admin-level control. The Usergroup model fails to validate that the assigning user actually holds the roles being granted, breaking the RBAC delegation boundary. Rated CVSS 8.8; no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and clear escalation path make it a strong patch priority.
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Remote code execution in Google Chrome's V8 JavaScript engine (versions prior to 150.0.7871.46) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The flaw is an integer overflow in V8, rated High by Chromium and scored CVSS 8.8; exploitation requires user interaction (visiting a malicious page) but no authentication. There is no public exploit identified at time of analysis, and CISA SSVC records exploitation status as none, indicating no observed in-the-wild activity yet.
Remote code execution in Google Chrome's V8 JavaScript engine (versions prior to 150.0.7871.46) allows an attacker to run arbitrary code inside the renderer sandbox when a victim visits a crafted HTML page. The flaw is a use-after-free (CWE-416) reported by Google's own Chrome team; Chromium rated it Medium severity while NVD assigns CVSS 8.8. No public exploit has been identified at time of analysis, and CISA's SSVC framework records exploitation status as 'none'.
Privilege escalation in the Dokan Pro WooCommerce multivendor plugin for WordPress (all versions through 5.0.4) allows an authenticated vendor-level attacker to grant themselves or a controlled vendor_staff account the WordPress administrator capability, resulting in full site takeover. The flaw stems from the update_capabilities() REST handler accepting arbitrary capability strings with no allowlist, only checking for the dokandar capability. No public exploit has been identified at time of analysis, and no EPSS or KEV signals were supplied; however, the issue is reported by Wordfence and exploitation is straightforward on sites where the Vendor Staff module is enabled and vendor self-registration is permitted.
Remote code execution in Google Chrome's V8 JavaScript engine (all channels prior to 150.0.7871.46) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The flaw is a CWE-843 type-confusion bug rated High by Chromium and CVSS 8.8; there is no public exploit identified at time of analysis and CISA's SSVC framework marks exploitation status as none. Because CVSS is AV:N/PR:N with UI:R, exploitation is unauthenticated but requires the victim to open a malicious page.
Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Use-after-free in Chrome's V8 JavaScript engine (versions before 150.0.7871.46) lets a remote attacker achieve arbitrary code execution inside the renderer sandbox by luring a victim to a crafted HTML page. Chromium rated this Medium severity, but the CVSS 8.8 reflects high confidentiality, integrity, and availability impact requiring only a single user click; there is no public exploit identified at time of analysis and CISA's SSVC framework records no known exploitation. Because scope is unchanged (S:U), code execution is confined to the sandbox and does not by itself constitute a full host compromise.
Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Privilege escalation via Cross-Site Request Forgery in the RegistrationMagic WordPress plugin (all versions through 6.0.9.1) lets a remote attacker promote an arbitrary form submitter to administrator by forging a request to the process_request function, which lacks proper nonce validation. The attack plants a malicious Chronos automation task that later runs through WordPress cron, and it succeeds when a logged-in administrator is tricked into clicking an attacker-supplied link. No public exploit identified at time of analysis, and it is not listed in CISA KEV; risk is driven by the plugin's install base and the low technical bar of CSRF.
Arbitrary file read in Gradio before 6.16.0 lets remote unauthenticated attackers escape the FileExplorer component's configured root_dir by submitting path segments with traversal sequences ('../') or absolute paths, exploiting how os.path.join discards the root prefix when handed an absolute path. Any Gradio app exposing a FileExplorer is exposed, enabling exposure of sensitive files (source code, secrets, credentials) outside the intended directory. There is no public exploit identified at time of analysis, but the flaw was reported by VulnCheck and a vendor patch is available.
Out-of-bounds memory access in Google Chrome's Tint component (the WGSL shader translator inside the Dawn/WebGPU stack) affects all desktop builds prior to 150.0.7871.46 and lets a remote attacker corrupt memory when a victim opens a crafted HTML page. Chromium rates the severity High and the CVSS 3.1 score is 8.8, driven by high confidentiality, integrity, and availability impact requiring only that the user visit a malicious page. No public exploit identified at time of analysis, and the low EPSS score (0.19%, 9th percentile) indicates exploitation is not currently widespread.
Remote code execution risk in Google Chrome's V8 JavaScript engine (versions prior to 150.0.7871.46) arises from a use-after-free that a remote attacker can trigger by luring a victim to a crafted HTML page, leading to heap corruption and potential arbitrary code execution in the renderer. The CVSS 8.8 rating reflects high impact with only user interaction (visiting a page) required, though Google rated the Chromium security severity as Low and no public exploit is identified at time of analysis. EPSS is low at 0.18% (8th percentile) and CISA SSVC records no known exploitation.
Heap corruption in the V8 JavaScript engine of Google Chrome before 150.0.7871.46 lets a remote attacker who lures a user to a crafted HTML page and coaxes them into specific UI gestures potentially achieve memory corruption and code execution in the renderer. The flaw was reported internally by the Chrome team and is patched in the Stable channel; no public exploit identified at time of analysis, and EPSS is low (0.18%, 8th percentile). Note the tension in the signals: NVD/aggregator CVSS is 8.8 (High) while Google's own Chromium severity rating is Low.
Reflected cross-site scripting in Guardian Language-System's media.php allows authenticated attackers to inject arbitrary JavaScript into the victim's browser session by crafting a malicious URL with a script payload in the id GET parameter. The flaw exists because the id parameter is written unsanitized directly into HTML source and form action attributes at lines 119 and 129 of media.php. A publicly available proof-of-concept exploit exists on GitHub, though no KEV listing indicates broad active exploitation at time of analysis.
Reflected XSS in Guardian Language-System's text_file.php allows an authenticated attacker to inject arbitrary script tags into at least six distinct form action attributes (lines 94, 101, 323, 403, 826, 852) by crafting a malicious URL with a payload in the id GET parameter. When a second authenticated victim is socially engineered into following the crafted link, the script executes within their browser session against the Guardian Language-System origin, enabling session token theft or unauthorized actions on the victim's behalf. A publicly available proof-of-concept exploit exists on GitHub; no CISA KEV listing has been identified, meaning active exploitation is not confirmed at time of analysis.
Reflected XSS in Guardian language-system's designer.php allows authenticated attackers to inject and execute arbitrary JavaScript in a victim's browser session by crafting a malicious URL. The `name` GET parameter is echoed unsanitized directly into an HTML input value attribute at line 57, enabling classic reflected cross-site scripting. A publicly available proof-of-concept exploit exists on GitHub (via VulnCheck advisory); the vulnerability is not currently listed in CISA KEV, and real-world impact is constrained by the requirement for victim interaction and authentication.
Authenticated OS command injection in Seiko Solutions SkyBridge MB-A100 and MB-A110 industrial LTE gateways allows an attacker who is already logged in with administrative privileges to execute arbitrary operating-system commands on the device. The CVSS 4.0 base score is 8.6 (High), reflecting full confidentiality, integrity, and availability impact once admin access is obtained, though the PR:H requirement confines exposure to authenticated administrators. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Authentication bypass in @acastellon/auth (npm package, aka antonio-castellon/module-auth) before 2.3.0 lets a remote unauthenticated attacker impersonate a trusted internal service by sending spoofed 'auth-user' and 'Host' request headers. The validateToken() middleware short-circuits its own token check when auth-user equals 'service-brother' and the Host header starts with the configured hostname - both fully client-controllable - so an attacker skips legacy/JWT/OIDC validation entirely. No public exploit identified at time of analysis, but the flaw is trivially reproducible from the advisory and carries CVSS 4.0 8.7 (high).
Privilege-escalation via admission-control bypass in Rancher Fleet allows an attacker with git push access to a Fleet-monitored repository to overwrite Pod Security Standards (PSS) enforcement labels on target namespaces. Because Fleet's agent-side deployer failed to filter security-sensitive keys (notably the `pod-security.kubernetes.io/` prefix) from `namespaceLabels` in `fleet.yaml` or `BundleDeployment.spec.options.namespaceLabels`, an attacker can downgrade namespace admission enforcement and deploy privileged or otherwise restricted workloads that PSS would normally block. No public exploit identified at time of analysis; the flaw was privately reported through responsible disclosure by a NATO NCSC researcher and is not listed in CISA KEV.
Privilege escalation to Administrator in the LatePoint booking plugin for WordPress (versions up to and including 5.6.3) lets an authenticated Agent-level user hijack any WordPress account by abusing an Insecure Direct Object Reference in OsOrdersController::create_or_update(). By supplying an arbitrary order[customer_id], an attacker overwrites the email of any LatePoint customer - including one tied to a WordPress Administrator - and then logs in as that user because OsAuthHelper::authorize_customer() never checks the linked account's role. Reported by Wordfence and rated CVSS 8.8; no public exploit identified at time of analysis and it is not on CISA KEV, though the root-cause code paths are pinpointed in public plugin source.
Denial-of-service exposure in the Delta Electronics DVP80ES3 programmable logic controller (part of the DVP-ES3 series) stems from an improperly implemented standard security check (CWE-358) that a remote, unauthenticated attacker can abuse over the network to force a loss of availability. The CVSS 4.0 base score is 8.7 (High), driven entirely by high availability impact with no confidentiality or integrity impact in the scored vector. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; note that the vendor's tags label this 'Information Disclosure,' which conflicts with the availability-only CVSS vector and should be verified against the Delta advisory.
Stored cross-site scripting in Eclipse Open VSX Registry (versions 0.1.0 through before 1.0.2) allows an attacker who self-registers a publisher account to upload a VSIX containing malicious HTML that the /vscode/unpkg/ endpoint serves inline as text/html within the open-vsx.org origin, with no Content-Security-Policy or Content-Disposition: attachment header. When a logged-in victim is lured to the resulting URL, the script runs in the registry's origin and can steal session tokens, mint Personal Access Tokens, and publish trojanized extension versions - turning a single XSS into a supply-chain compromise of VS Code, VSCodium, Cursor, and Windsurf users. No public exploit is identified at time of analysis and EPSS risk is low (0.17%), but the downstream blast radius is severe.
Remote code execution in Ray (the distributed compute/ML framework) before version 2.56.0 lets attackers run arbitrary code by feeding a malicious tar archive to the WebDataset reader. The read_webdataset() datasource invokes pickle.loads() on .pkl/.pickle entries and torch.load() with weights_only=False on .pt/.pth entries with no validation, so code executes inside every Ray remote worker that processes the archive. No public exploit has been identified at time of analysis, but the fix is available in Ray 2.56.0 and the issue is documented in a GitHub Security Advisory (GHSA-hhrp-gw25-jr43) and a VulnCheck advisory.
Privilege escalation and container escape in NVIDIA Container Toolkit for Linux (and the GPU Operator that bundles it) stem from a time-of-check to time-of-use (TOCTOU) race condition that can lead to arbitrary code execution, privilege escalation, and data tampering across a scope boundary. A low-privileged attacker who can win the race may break out of the intended isolation boundary of GPU-enabled containers. No public exploit has been identified at time of analysis, and the CVE is not listed in CISA KEV; NVIDIA is the reporting source via its product-security advisory 5850.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that lets an authorized attacker run arbitrary code over a network within the browser process. Microsoft has shipped an official fix and rates it CVSS 8.3; the exploit-maturity metric is Unproven (E:U), meaning no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high to confidentiality and integrity with partial availability loss, making it a meaningful but not emergency patch priority for Edge-based endpoints.
Sandbox escape in Google Chrome on Android (versions prior to 150.0.7871.46) lets an attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page that abuses insufficient input validation in the Dawn WebGPU component. Google rates the Chromium severity as High, and the flaw carries a CVSS 8.3 with a scope-changing impact. There is no public exploit identified at time of analysis, and CISA SSVC records exploitation status as none.