Skip to main content
CVE-2026-12195 HIGH POC PATCH This Week

Authenticated OS command injection in the myVesta hosting control panel lets a low-privileged user inject arbitrary shell commands through the v_ftp_user parameter during FTP-account deletion, escalating to full command execution as the admin user and takeover of the panel. Publicly available exploit code exists (documented by ProjectBlack/PRJBLK) and a vendor fix commit has been published, though no CISA KEV listing or EPSS data is provided. Because a scope change moves the attacker from a low-privilege panel account to admin-level command execution, this is a high-impact privilege-escalation-to-RCE path.

Command Injection RCE Vesta
NVD GitHub VulDB
CVSS 4.0
8.5
EPSS
0.7%
CVE-2026-14637 HIGH POC PATCH This Week

PHP object injection in kirilkirkov's Ecommerce-CodeIgniter-Bootstrap allows remote unauthenticated attackers to pass attacker-controlled data into the getCartItems() function of application/libraries/ShoppingCart.php, which deserializes the shopping_cart argument (CWE-502). Depending on available gadget chains in the CodeIgniter application, this can lead to code execution or denial of service. Publicly available exploit code exists (VulDB, GHSA-9g5q-g6m3-v5cr), but there is no public exploit identified as being used in active attacks and the item is not in CISA KEV; EPSS was not provided.

Deserialization PHP Ecommerce Codeigniter Bootstrap
NVD VulDB GitHub
CVSS 4.0
7.8
EPSS
0.6%
CVE-2026-14535 CRITICAL PATCH Act Now

Security-control bypass in Trail of Bits fickling (≤0.1.11) neuters its MLAllowlist analysis pass so that malicious pickle files pass fickling's check_safety() gate as LIKELY_SAFE, enabling arbitrary code execution when fickling.load() deserializes them. Because UnsafeImportsML pre-registers every import in the shared reported_shortened_code set, MLAllowlist always short-circuits and never validates imports against the known-safe ML ecosystem, so any standard-library module outside the UNSAFE_IMPORTS denylist can be smuggled through. Publicly available exploit code exists (SSVC 'poc'); it is not listed in CISA KEV and EPSS is low (0.30%), consistent with a demonstrated-but-not-yet-widespread threat.

Deserialization Fickling
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-14628 MEDIUM POC This Month

Path traversal in NousResearch hermes-agent (all versions through 2026.5.16) exposes arbitrary server-side files via the Live Webhook Endpoint's `extract_media` function in `gateway/platforms/base.py`. Remote, unauthenticated attackers can read files outside the intended directory, resulting in low-confidentiality-impact disclosure - potentially exposing configuration files, credentials, or internal data. A public proof-of-concept exploit is available on GitHub; however, this vulnerability has not been listed in CISA KEV, indicating active exploitation is not yet confirmed at time of analysis.

Path Traversal Hermes Agent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.6%
CVE-2026-14622 MEDIUM POC This Month

Unauthenticated access to the administrative AJAX endpoint in jairiidriss/restaurant-website-php-mysql exposes backend admin functions to any remote attacker without credentials. The /admin/ajax_files endpoint fails to enforce authentication (CWE-306), allowing manipulation of whatever administrative operations it services - likely CRUD operations on menu items, orders, or reservations. No CISA KEV listing exists, but a public proof-of-concept was published via GitHub issue #6, and the maintainer has not responded to disclosure, leaving all deployments up to commit 521428b5b612449df0cf4a5d15ee40cba67f3d35 unpatched.

Authentication Bypass Restaurant Website Php Mysql
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.5%
CVE-2026-14635 MEDIUM POC PATCH This Month

Path traversal in kirilkirkov's Ecommerce-CodeIgniter-Bootstrap exposes server-side files and upload directories to manipulation via the unsanitized `folder` parameter in the Vendor Multi-Image Endpoint (AddProduct.php), enabling remote attackers to read or write files outside the designated upload path. A public exploit has been released per GitHub Security Advisory GHSA-6whv-r5hm-vcjr and the CVSS 4.0 E:P modifier confirms proof-of-concept availability, with a base score of 6.9 reflecting low-complexity network exploitation. No CISA KEV listing was identified; however, all deployed instances cloned prior to patch commit 2a9497ff are exposed, as this is a rolling-release project with no discrete versioned releases.

Path Traversal PHP Ecommerce Codeigniter Bootstrap
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14641 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 exposes the `/edit_course.php` endpoint to unauthenticated remote database manipulation via a malicious `id` parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms zero-barrier remote exploitation with no authentication or user interaction required, and a public proof-of-concept exploit has been disclosed on GitHub. No active exploitation is confirmed in CISA KEV, though the combination of a public POC and fully unauthenticated attack path elevates practical risk for any internet-exposed deployment.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14660 MEDIUM POC This Month

SQL injection in code-projects Online Job Portal 1.0 exposes the login.php endpoint to remote unauthenticated exploitation via the txtUser and txtPass parameters, enabling attackers to manipulate backend SQL queries without any credentials or user interaction. A public proof-of-concept exploit is documented on GitHub, significantly lowering the barrier to attack for any internet-exposed instance. No patch has been identified from the vendor at time of analysis; the wildcard CPE suggests all versions are affected.

SQLi PHP Online Job Portal
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14653 MEDIUM POC This Month

SQL injection in SourceCodester Simple and Nice Shopping Cart Script 1.0 enables remote, unauthenticated attackers to manipulate database queries through the user_id parameter in /admin/mensproductdeletequery.php, exposing partial confidentiality, integrity, and availability of the underlying database. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) indicates no authentication or special conditions are required for exploitation over the network. A public exploit has been disclosed on GitHub, elevating the practical risk above the raw score suggests - though this is not confirmed as actively exploited by CISA KEV at time of analysis.

SQLi PHP Simple And Nice Shopping Cart Script
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14652 MEDIUM POC This Month

SQL injection in SourceCodester Simple and Nice Shopping Cart Script 1.0 exposes the admin login interface to remote unauthenticated attackers through unsanitized input in the Username parameter of /admin/login.php. The CVSS 4.0 score of 6.9 (Medium) reflects limited per-request impact (VC:L/VI:L/VA:L), but a publicly available proof-of-concept exploit (E:P) on GitHub substantially lowers the exploitation bar for opportunistic attackers. No KEV listing exists at time of analysis; however, the trivial attack complexity (AC:L, AT:N, PR:N, UI:N) combined with public exploit code makes any internet-facing deployment of this script an immediate remediation priority.

SQLi PHP Simple And Nice Shopping Cart Script
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14642 MEDIUM POC This Month

SQL injection in SourceCodester Class and Exam Timetabling System 1.0 exposes the database to remote unauthenticated attackers via the unvalidated ID parameter in /edit_class2.php. The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) confirms trivial, unauthenticated remote exploitation requiring no special conditions. Publicly available exploit code (E:P) lowers the bar to exploitation further, though the product's niche deployment footprint significantly limits real-world blast radius. No KEV listing; no patch identified at time of analysis.

SQLi PHP Class And Exam Timetabling System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-14648 MEDIUM POC This Month

Unauthenticated SQL injection in code-projects Online Voting System 0.x-1.0 exposes the admin login endpoint to full authentication bypass and database extraction. The vulnerability resides in the `test_input` function within `/authentication.php`, where the `adminUserName` and `adminPassword` parameters are passed unsanitized into SQL queries, enabling classic injection attacks against the login form. A public proof-of-concept exploit has been published on GitHub; no vendor patch has been identified at time of analysis.

SQLi PHP Online Voting System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-14640 MEDIUM POC This Month

SQL injection in CodeAstro Apartment Visitor Management System 1.0 exposes the login endpoint at /index.php to unauthenticated remote attackers who can manipulate the Username parameter to execute arbitrary SQL queries against the backend database. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms zero prerequisites for exploitation, and the E:P modifier reflects a publicly available proof-of-concept on GitHub. No CISA KEV listing was found at time of analysis, but the combination of an exposed login surface, no authentication barrier, and live POC code materially elevates practical risk beyond the medium CVSS score of 6.9.

SQLi PHP Apartment Visitor Management System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-14534 HIGH PATCH This Week

Arbitrary code execution bypass in Trail of Bits fickling (versions ≤ 0.1.10) allows attackers to craft malicious pickle files that the tool's check_safety() gate rates LIKELY_SAFE with zero findings. Because the standard-library modules _posixsubprocess, site, and atexit are missing from the UNSAFE_IMPORTS denylist in fickle.py, payloads invoking _posixsubprocess.fork_exec, site.execsitecustomize, or atexit._run_exitfuncs pass the scanner and are then deserialized and executed by fickling.load(), which chains check_safety() into pickle.loads() as its security gate. No public exploit has been identified at time of analysis, and no EPSS or KEV signals are present in the input, but the advisory documents the exact bypass primitives.

Python RCE Fickling
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-71380 HIGH This Week

Arbitrary command execution in the n8n workflow automation platform lets authenticated users abuse the built-in Execute Command node to run OS commands directly on the host running n8n. Any user with workflow-editing access or stolen credentials can leverage this by-design node to exfiltrate data, disrupt the service, or fully compromise the underlying host, and CWE-284 (Improper Access Control) reflects that command execution is not restricted to trusted operators. Reported by VulnCheck; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.4%
CVE-2026-54424 HIGH This Week

Local privilege escalation in Unity Parsec for Windows (all builds through v2026-05-04.0) lets an unprivileged local user coerce an instance of parsecd.exe to run as NT AUTHORITY\SYSTEM while honoring a user-controlled AppData environment variable, allowing the attacker to redirect the privileged process to resources under their control and gain SYSTEM. The flaw is a CWE-648 misuse of privileged APIs; publicly available exploit code exists (a dedicated CVE GitHub repository and a researcher write-up), and it is fixed in Parsec for Windows 150-104a. It is not listed in CISA KEV and no EPSS score was supplied, so there is no evidence of widespread active exploitation.

Microsoft Information Disclosure Parsec
NVD GitHub VulDB
CVSS 3.1
8.4
EPSS
0.2%
CVE-2026-12196 HIGH PATCH This Week

Privilege escalation and remote code execution in the HestiaCP control panel allows an authenticated low-privilege user to abuse the panel's cronjob feature, which invokes HestiaCP management scripts via passwordless sudo, to run arbitrary commands and seize administrator accounts and the underlying webserver. Because the cronjob editor lets an ordinary panel user schedule execution of privileged v-scripts, the flaw yields a straight path from a normal hosting account to full host compromise. A detailed public write-up (projectblack.io) documents the exploitation technique, though it is not listed in CISA KEV.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.3%
CVE-2026-49297 HIGH PATCH This Week

Path traversal in Apache Airflow's Google provider (apache-airflow-providers-google before 22.2.1) lets a principal with write access to a source GCS bucket overwrite arbitrary files on the SFTP server (GCSToSFTPOperator) or the worker host (GCSTimeSpanFileTransformOperator) by crafting a GCS object name containing `..` segments. Because the bucket writer is frequently a lower-trust party than the DAG author (partner uploads, ingest-only service accounts, public-data buckets), exploitation crosses a trust boundary that operators may not have modeled. No public exploit is identified at time of analysis, and CISA SSVC rates exploitation as none, so this is a real but non-default, targeted-risk integrity flaw rather than a mass-exploitable one.

Apache Path Traversal Google Apache Airflow Providers Google
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.6%
CVE-2026-12746 HIGH PATCH This Week

Login CSRF via a missing OAuth 2.0 state parameter in Dancer2::Plugin::Auth::OAuth::Provider (all versions before 0.23) allows a remote, unauthenticated attacker to associate their own OAuth provider identity and access token with a victim's application session, potentially achieving persistent account takeover. The plugin's authentication_url method never generates a state value, and the callback handler never validates one, leaving the entire authorization flow unbound to the session that initiated it. No public exploit code or active exploitation (CISA KEV) has been identified, but the attack concept is well-understood and described in RFC 6749 §10.12 as a known threat to any OAuth 2.0 implementation omitting state binding.

CSRF
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-12740 HIGH This Week

Login cross-site request forgery in Plack::Middleware::OAuth through 0.10 (Perl/PSGI OAuth login middleware) lets an unauthenticated remote attacker bind their own provider identity to a victim's session because the OAuth 2.0 flow omits the anti-CSRF state parameter and never verifies that a callback belongs to the session that initiated the flow. With victim interaction (clicking an attacker-supplied callback URL), the attacker's provider account and access token become associated with the victim's session, and where the app persists this as an account link the attacker retains ongoing access to the victim's account. There is no public exploit identified at time of analysis; EPSS is low (0.13%) and it is not in CISA KEV, but an upstream fix exists in PR #13.

CSRF
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-12252 HIGH PATCH This Week

Arbitrary code execution in the NLTK Python library (nltk/nltk 3.9.3 and earlier) allows an attacker to run untrusted Java code when a victim loads a malicious JAR through five Stanford interface wrappers (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, StanfordNeuralDependencyParser). These classes pass a user-controllable JAR path to an internal java() helper that calls subprocess.Popen() with no SHA256 integrity check, so a substituted or poisoned JAR executes with the user's privileges. This is a regression of CVE-2026-0848, whose SHA256 verification fix was applied only to StanfordSegmenter and never propagated to these five classes; no public exploit is identified at time of analysis, though a huntr bounty report exists.

Code Injection RCE Nltk Nltk Red Hat
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-71364 HIGH PATCH This Week

Detection bypass in picklescan before 0.0.30 lets a crafted pickle smuggle the asyncio.unix_events._UnixSubprocessTransport._start built-in past the scanner's malicious-opcode checks, so a model or pickle that picklescan reports as safe actually executes arbitrary OS commands when a victim deserializes it. Because picklescan is a security scanner used to vet untrusted ML artifacts (e.g. in AI model supply chains), this false-negative turns a trusted safety gate into a blind spot. No public exploit identified at time of analysis and it is not on CISA KEV, but the technique is fully described in the VulnCheck advisory.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.6%
CVE-2025-71369 HIGH PATCH This Week

Safety-check bypass in picklescan before 0.0.28 allows attackers to smuggle malicious pickle files past the scanner by abusing torch.utils.data.datapipes.utils.decoder.basichandlers as a reduce gadget, so a payload the tool reports as clean still executes arbitrary code when the victim deserializes it. Because picklescan is a defensive scanner used to vet untrusted ML models (notably in Hugging Face workflows), this blind spot converts a trusted safety gate into a false sense of security. No public exploit identified at time of analysis, and it is not on CISA KEV; CVSS 4.0 base score is 7.6.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71367 HIGH PATCH This Week

Security-scanner detection bypass in picklescan before 0.0.34 lets attackers slip malicious pickle files past its checks by invoking _operator.attrgetter inside a reduce method, so a file the scanner reports as clean still executes arbitrary code when pickle.load() deserializes it. The flaw affects ML/AI supply-chain pipelines that rely on picklescan to vet untrusted model files. No public exploit identified at time of analysis; the issue was reported by VulnCheck and fixed in 0.0.34.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71366 HIGH PATCH This Week

Security-scanner evasion in picklescan before 0.0.28 lets attackers slip malicious pickle files past its safety checks by abusing the torch.utils.bottleneck.__main__.run_cprofile call, which the scanner's blocklist does not recognize as dangerous. Any ML pipeline or platform that relies on picklescan to vet untrusted models will therefore approve a weaponized file, and the embedded code runs with arbitrary execution when the victim deserializes it. No public exploit identified at time of analysis; not listed in CISA KEV, but VulnCheck published a dedicated advisory and the technique is fully documented.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71347 HIGH PATCH This Week

Security-scanner evasion in picklescan before 0.0.33 lets attackers smuggle malicious pickle files past its detection engine by abusing the numpy.f2py.crackfortran.param_eval function inside a pickle reduce method, so a payload the scanner declares safe still triggers arbitrary code execution when the application deserializes it. This defeats the exact protection picklescan exists to provide, endangering ML pipelines that rely on it to vet untrusted model/pickle files (e.g., Hugging Face-style workflows). No public exploit is identified at time of analysis and it is not in CISA KEV, though VulnCheck published an advisory.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71373 HIGH PATCH This Week

Detection bypass in picklescan before 0.0.33 lets attackers slip malicious pickle files past its security scanner by using operator.methodcaller, a callable the scanner's blocklist did not recognize. Any ML pipeline, model hub, or workflow that trusts picklescan to vet untrusted pickle/model files is affected, because a crafted payload will be marked safe yet execute arbitrary code the moment the file is deserialized. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but the bypass technique is straightforward and the issue is tagged RCE by the reporting source (VulnCheck).

RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71359 HIGH PATCH This Week

Detection bypass in picklescan before 0.0.29 lets attackers slip malicious pickle payloads past the scanner by abusing lib2to3.pgen2.grammar.Grammar.loads inside a pickle reduce method, resulting in remote code execution when the file is later deserialized with pickle.load(). Because picklescan is trusted as a safety gate for machine-learning model files, a bypass converts a 'scanned and clean' verdict into silent arbitrary code execution. No public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV, though the technique is concretely described in the VulnCheck advisory.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71345 HIGH PATCH This Week

Malicious-pickle detection bypass in picklescan before 0.0.30 allows attackers to smuggle undetected remote code execution payloads past the scanner by abusing the torch.utils.bottleneck.__main__.run_autograd_prof gadget, which was absent from picklescan's dangerous-import blocklist. Because picklescan is used as a security gate to vet untrusted ML model files, a false-negative here means a crafted model passes as safe and executes arbitrary code when subsequently deserialized. Reported by VulnCheck via GHSA-4whj-rm5r-c2v8; no public exploit identified at time of analysis, and it is not on CISA KEV.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71342 HIGH PATCH This Week

Malicious pickle detection bypass in picklescan before 0.0.30 lets attackers hide code that runs during pickle.load, because the scanner does not flag the idlelib.run.Executive.runcode primitive used in a reduce method. Since picklescan is a security tool relied upon to vet PyTorch/ML model files, this bypass turns a trusted safety check into a false 'clean' verdict, enabling remote code execution and supply-chain attacks against anyone loading an attacker-supplied model. Reported by VulnCheck; no public exploit identified at time of analysis and not listed in CISA KEV.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71372 HIGH PATCH This Week

Security-scanner bypass in Picklescan before 0.0.33 lets attackers smuggle arbitrary-code-execution payloads past its safety checks by abusing the numpy.f2py.crackfortran.getlincoef gadget inside a pickle __reduce__ method, which the scanner fails to flag as dangerous. Because Picklescan is used to vet shared machine-learning model files, a malicious pickle passes as 'clean' and then executes attacker-controlled Python when the trusting downstream consumer deserializes it. No public exploit is identified at time of analysis, and it is not listed in CISA KEV; the CVSS 4.0 score is 7.6 and the attack depends on a victim actually loading the file.

Deserialization Python RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71375 HIGH PATCH This Week

Malicious code execution via scanner bypass affects picklescan before 0.0.34, a security tool used to vet pickle files for unsafe deserialization before loading ML model artifacts. The scanner fails to flag the _operator.methodcaller built-in, so an attacker can craft a pickle that passes picklescan's malware check yet executes arbitrary code the moment a victim calls pickle.load(). No public exploit has been identified at time of analysis, and the flaw is not on CISA KEV; the fix landed in version 0.0.34.

Deserialization RCE Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.4%
CVE-2025-71362 HIGH PATCH This Week

Malicious-pickle detection bypass in picklescan before 0.0.33 lets attackers smuggle arbitrary code past the scanner by abusing numpy.f2py.crackfortran functions that call eval() on attacker-controlled strings. Because picklescan is itself the security tool meant to vet untrusted pickle/model files, this evasion causes a weaponized pickle to be marked safe, so the embedded code executes when the file is later deserialized. Reported by VulnCheck with a CVSS 4.0 score of 7.6; no public exploit identified at time of analysis and it is not in CISA KEV.

Deserialization Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.3%
CVE-2025-71360 HIGH PATCH This Week

Security-control bypass in picklescan before 0.0.29 lets attackers craft malicious pickle files that evade its malware scanner by hiding a reduce-method payload behind Python's idlelib.calltip.get_entity function, so a file the scanner reports as clean executes arbitrary commands when a victim deserializes it. Affected are ML/AI pipelines and users relying on picklescan to vet untrusted model artifacts. No public exploit or CISA KEV listing is identified at time of analysis, though the technique and a GitHub Security Advisory (GHSA-9xph-j2h6-g47v) are documented by VulnCheck.

Deserialization Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.3%
CVE-2025-71356 HIGH PATCH This Week

Security scanner bypass in picklescan before 0.0.28 allows attackers to smuggle arbitrary code past the tool's malware detection by abusing torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression, which is not on picklescan's dangerous-globals blocklist. Because picklescan is a defensive tool used to vet untrusted ML pickle files (notably in the Hugging Face ecosystem), a bypass causes a malicious model to be marked safe and then execute remote code when the victim deserializes it. There is no public exploit identified at time of analysis and this CVE is not listed in CISA KEV, but the technique is fully described in the VulnCheck advisory.

Deserialization Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.3%
CVE-2025-71353 HIGH PATCH This Week

Detection bypass in picklescan before 0.0.28 lets attackers smuggle malicious pickle files past the scanner by abusing the torch._dynamo.guards.GuardBuilder.get gadget inside a __reduce__ method, so a file that picklescan reports as safe still executes arbitrary commands when deserialized (e.g. via torch.load). This undermines the security control that ML pipelines and model hubs rely on to vet untrusted model artifacts, turning a trusted-scan result into a false negative. Reported by VulnCheck with a vendor GHSA advisory; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Deserialization Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.3%
CVE-2025-71343 HIGH PATCH This Week

Detection bypass in picklescan before 0.0.30 lets attackers smuggle malicious pickle files past the scanner by abusing lib2to3.pgen2.pgen.ParserGenerator.make_label as a reduce callable, so a file that picklescan clears still runs arbitrary commands when downstream code calls pickle.load(). picklescan is the security control itself - a static scanner used to vet ML model artifacts - so this weakness undermines the exact protection teams rely on to catch unsafe pickles. No public exploit identified at time of analysis and it is not on CISA KEV, but the technique is documented in VulnCheck and vendor advisories.

Deserialization Picklescan
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.3%
CVE-2026-14627 LOW POC Monitor

Improper authentication in NousResearch hermes-agent through version 0.15.2 allows remote attackers to bypass the Discord user allowlist by exploiting a logic flaw in the `DiscordAdapter._is_allowed_user` function within `gateway/platforms/discord.py`. Exploitation is rated high complexity (CVSS 4.0 AC:H), resulting in limited but confirmed confidentiality, integrity, and availability impact against the vulnerable system. A public proof-of-concept exploit has been disclosed via GitHub Gist; no vendor patch exists as the vendor did not respond to responsible disclosure.

Authentication Bypass Hermes Agent
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.4%
CVE-2026-14649 MEDIUM This Month

SQL injection in code-projects Online Voting System 1.0 exposes remote unauthenticated attackers a direct path to manipulate backend database queries through four parameters in the vote submission endpoint /saveVote.php. The test_input function - intended as a sanitization layer - fails to neutralize SQL metacharacters across voterName, voterEmail, voterID, and selectedCandidate, indicating a systemic rather than isolated input-handling failure. A publicly available proof-of-concept exists on GitHub, lowering the exploitation barrier, though real-world exposure is substantially constrained by the product's near-zero production deployment footprint as an educational PHP project.

SQLi PHP
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2026-12194 LOW POC Monitor

PHP file inclusion in PHPIPAM allows authenticated API users to include and execute arbitrary PHP files from the web server's filesystem, with primary impact on application confidentiality through exposure of sensitive configuration data. Exploitation is gated behind two non-default conditions: the REST API must be deliberately enabled by an administrator, and the attacker must hold valid API credentials - constraining the realistic attack surface substantially. Publicly available exploit code exists per Project Black's research blog, though the vulnerability carries a CVSS 4.0 score of 2.3 and is absent from CISA KEV, reflecting its narrow exploitation prerequisites rather than widespread threat activity.

LFI Information Disclosure PHP Phpipam
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.4%
CVE-2026-14623 LOW POC PATCH Monitor

Denial of service in omec-project AMF (Access and Mobility Management Function) versions up to 2.1.1 allows a low-privileged remote attacker to crash or degrade the NGAP Message Handler by submitting a crafted RRCInactiveTransitionReport message, exploiting improper resource release (CWE-404). The vulnerability affects the 5G core network control plane component responsible for UE mobility and session management, making it a high-value target in operator and research 5G deployments. No active exploitation is confirmed via CISA KEV, but a public proof-of-concept has been disclosed via GitHub issue #676 and a patch commit exists.

Denial Of Service Amf
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.5%
CVE-2026-14656 LOW POC Monitor

Cross-site scripting in code-projects Assessment Management 1.0 allows remote unauthenticated attackers to inject malicious scripts via the unsanitized `ID` parameter in `/admin/remove-user.php`. A public proof-of-concept exploit is available on GitHub (E:P in the CVSS 4.0 supplemental metrics), lowering the bar for exploitation. The vulnerability is not listed in the CISA KEV catalog, so confirmed widespread active exploitation has not been established, though the admin-facing endpoint makes session hijacking of privileged users a realistic outcome.

XSS PHP Assessment Management
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.4%
CVE-2026-14659 LOW POC Monitor

SQL injection in itsourcecode Hospital Management System 1.0 exposes patient and appointment data to remote attackers holding low-privilege credentials via the `patiente` parameter in `/patientappointment.php`. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N) confirms network-reachable exploitation with no attack complexity, and the E:P modifier reflects a publicly disclosed proof-of-concept on GitHub. While not yet listed in CISA KEV, the combination of a live PoC, a healthcare data context, and trivial exploitation conditions makes this a credible risk for any organization running this application.

SQLi PHP Hospital Management System
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14658 LOW POC Monitor

SQL injection in code-projects Assessment Management 1.0 allows authenticated remote attackers to execute arbitrary SQL queries by manipulating the smarksrange[] array parameter in /lecturer/marking-scheme.php. The CVSS 4.0 vector (PR:L) confirms low-privilege authentication is required, limiting the attack surface to registered users such as lecturers. A public exploit proof-of-concept is available on GitHub, elevating the practical risk despite the medium CVSS 4.0 score of 5.3 and no confirmed active exploitation in the CISA KEV catalog.

SQLi PHP Assessment Management
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14657 LOW POC Monitor

SQL injection in code-projects Assessment Management 1.0 exposes database query handling in the lecturer marking-scheme feature to manipulation via the unsanitized `squestions[]` parameter at `/lecturer/marking-scheme.php`. Authenticated remote attackers with low-privilege access can alter SQL query logic to extract or modify student assessment data. A public proof-of-concept exploit is documented on GitHub, lowering the skill bar for exploitation; however, the application is not listed in CISA KEV and carries a CVSS 4.0 score of 2.1 reflecting its constrained impact and authentication prerequisite.

SQLi PHP Assessment Management
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14624 LOW POC PATCH Monitor

Denial of service in omec-project's 5G Access and Mobility Management Function (AMF) versions up to 2.0.2 and 2.1.1 allows remote low-privileged attackers to crash the AMF process by sending a malformed NGSetupRequest message over the NGAP interface. A publicly available proof-of-concept exploit exists via GitHub issue #677, lowering the exploitation barrier substantially. No CISA KEV listing exists, but given the AMF's role as the central mobility and registration anchor in 5G core infrastructure, even a partial service disruption can deny connectivity across entire served cell areas.

Denial Of Service Amf
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14618 LOW POC PATCH Monitor

Denial of service in the Open5GS AMF component (versions up to 2.7.7) can be triggered remotely by a low-privileged attacker via improper resource handling in the `amf_nnrf_handle_nf_discover` function of `src/amf/nnrf-handler.c`. The AMF is a critical 5G core control-plane element; crashing or hanging it disrupts mobility management and NF discovery for all connected UEs and network functions. A public proof-of-concept exists (GitHub issue #4517), and a patch commit has been identified, though the fix originates in a fork rather than the mainline repository.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14629 LOW POC PATCH Monitor

Divide-by-zero in RT-Thread's lightweight process (lwp) syscall handler allows a low-privileged remote attacker to crash the RTOS by sending crafted read, write, or sys_ioctl system calls with malicious parameters to the affected handler in components/lwp/lwp_syscall.c. Affected versions are 5.2.2 and below. A public proof-of-concept exploit has been disclosed via GitHub issue #11429, though this vulnerability has not been added to the CISA KEV catalog, suggesting exploitation remains opportunistic rather than broadly weaponized. The upstream fix exists only as a pull request (PR #11453) awaiting merge acceptance.

Information Disclosure Rt Thread
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14634 LOW POC PATCH Monitor

Reflected/stored cross-site scripting in the Subscribed Emails Admin Page of kirilkirkov's Ecommerce-CodeIgniter-Bootstrap allows an unauthenticated remote attacker to inject arbitrary JavaScript by crafting a malicious HTTP User-Agent header, which is rendered unencoded via the checkForPostRequests function in application/core/MY_Controller.php. When an administrator subsequently views the subscription management panel, the payload executes in their browser session. A public exploit exists (CVSS E:P); this is not listed in CISA KEV, indicating no confirmed widespread active exploitation at time of analysis.

XSS PHP Ecommerce Codeigniter Bootstrap
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-14632 LOW POC PATCH Monitor

Open redirect in kirilkirkov Ecommerce-CodeIgniter-Bootstrap allows remote attackers to manipulate the href argument of the setReferrer() function in the Trusted Backend Interface, redirecting users to arbitrary attacker-controlled URLs. A publicly available proof-of-concept exploit exists (CVSS 4.0 E:P), lowering the exploitation barrier for phishing and credential harvesting campaigns. This vulnerability is not listed in CISA KEV, indicating no confirmed widespread active exploitation at time of analysis.

Open Redirect PHP Ecommerce Codeigniter Bootstrap
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy