Arbitrary code execution in DataEase before 2.10.24 lets authenticated users bypass H2 JDBC URL validation using special Unicode characters whose case conversion differs between DataEase's validator and the H2 parser, smuggling dangerous parameters such as INIT into a malicious H2 connection string. Because H2's INIT clause executes SQL/DDL at connection time, an attacker can run arbitrary code on the host. No public exploit has been identified at time of analysis, but a fix commit and release exist, making the mechanism reproducible from the public patch.
Denial of service in GNU Wget through 1.25.0 lets a malicious or compromised HTTP(S) server crash the client by serving a Metalink document whose URL element contains only whitespace, causing clean_metalink_string() in src/metalink.c to decrement a pointer past the start of the heap buffer. The out-of-bounds read (CWE-125) produces abnormal program behavior and is reported by VulnCheck; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The fix landed upstream in GitLab commit 37a40fc.
Unauthorized portfolio data exposure in Ghostfolio's public API allows anyone holding a private access ID to read another user's full portfolio through the GET /api/v1/public/:accessId/portfolio endpoint. The endpoint accepts private access IDs without enforcing the granteeUserId filter, so holdings, quantities, buy prices, and performance metrics are returned without authentication. This is an authorization (broken access control) flaw with high confidentiality impact and no known public exploit at time of analysis.
Authentication bypass in DataEase open-source BI platform before 2.10.24 lets unauthenticated remote attackers who know a protected share UUID retrieve a valid X-DE-LINK-TOKEN from the /de2api/share/proxyInfo endpoint, because the token is issued before the share password or ticket is checked. With that token an attacker can call subsequent share APIs and read data behind password-protected dashboards without valid credentials. No public exploit identified at time of analysis; the flaw is fixed in 2.10.24.
SQL injection in DataEase before 2.10.24 lets an authenticated user inject arbitrary SQL into queries run against configured datasources by supplying malicious quota (chart aggregation) or Y-axis filter values. The flaw sits in Quota2SQLObj.getYWheres(), which embeds attacker-controlled filter values directly into generated SQL while skipping the literal validation and escaping that other filter paths enforce. No public exploit identified at time of analysis, but the fixing commit and GitHub Security Advisory publicly disclose the exact vulnerable code path.
Broken access control in DataEase before 2.10.24 lets any authenticated low-privilege user reach the /de2api/datasetData/previewSql endpoint, which is missing its mandatory @DePermit authorization check, and pass datasourceId=-1 to hit the built-in engine database and execute arbitrary SQL. This CWE-862 missing-authorization flaw exposes sensitive core application data and carries a CVSS 4.0 base score of 8.7 (High). No public exploit has been identified at time of analysis, and it is not listed in CISA KEV.
Arbitrary file deletion in the WordPress Frontend File Manager Plugin (versions up to and including 23.6) lets unauthenticated visitors remove any file on the server when guest upload mode is enabled, because a user-supplied file path is not validated before the delete operation. Removing critical files such as wp-config.php drops the site into its installation/setup routine, which an attacker can chain toward a complete site takeover. No public exploit is identified at time of analysis and EPSS is low (0.15%, 4th percentile), but the unauthenticated network vector and scope-changing impact make this a serious risk for exposed sites running the vulnerable configuration.
Cross-tenant file disclosure in FastGPT prior to v4.15.0-beta5 allows an attacker to read another team's stored files by supplying that team's S3 object key to the chat-file presign or dataset preview endpoints. The handlers authorize an unrelated resource but then sign or read the S3 object using a request-supplied key without verifying tenant ownership, so global bucket keys become an IDOR primitive. No public exploit code has been identified at time of analysis, though the upstream fix (PR #7104 / commit decb6d2) reveals the exact vulnerable code path.
Arbitrary Python code execution in calibre (e-book manager) before 9.10.0 lets attackers run code on a victim's machine simply by having them import or edit a malicious EPUB, OPF, or PDF. The crafted file embeds a custom column definition containing a python: template inside the calibre:user_metadata field, which calibre passes unsanitized to exec() in its template formatter during routine metadata reading (Add books / Edit books). No public exploit has been identified at time of analysis, but the flaw triggers through normal user workflows, making weaponized e-book files a realistic delivery vector.
Remote code execution in Koodo Reader (versions 2.3.0 and earlier) lets an attacker who supplies a malicious EPUB file run arbitrary OS commands with the victim's privileges once the book is imported and opened. The flaw combines a dangerously permissive Electron IPC handler (nodeIntegrationInSubFrames enabled) with unsanitized innerHTML rendering of chapter content, turning ebook display into a Node.js code-execution primitive. No public exploit has been identified at time of analysis; the issue is fixed in version 2.3.1 and is not listed in CISA KEV.
Privilege escalation in ARC Informatique PcVue SCADA/HMI software (all versions prior to 17.0.0) arises because the encryption algorithm protecting user-account configuration in the built-in user directory is cryptographically inadequate (CWE-326). A local attacker with low privileges can decrypt or tamper with the stored account configuration and ultimately obtain privileged access to the PcVue application. No public exploit identified at time of analysis, and it is not listed in CISA KEV; the vendor CVSS 4.0 base score is 8.4 (High).
Authentication bypass in DataEase before 2.10.24 lets remote attackers forge valid share-link JWTs because ShareSecretManage ships with a hardcoded signature key (link-pwd-fit2cloud). An attacker who has obtained any passwordless share can mint linkToken JWTs that pass TokenFilter verification and access backend resources as the original share creator, even after that share has been revoked. There is no public exploit identified at time of analysis, but the hardcoded key is disclosed in the advisory, making forgery trivial once the signing algorithm is known.
Pre-account-hijacking in the better-auth Node/TypeScript authentication library (versions < 1.6.11 on the stable line and all current `next` pre-releases) lets an unauthenticated attacker seize a victim's account by pre-registering the victim's email via `/sign-up/email`, then having the victim's later OAuth/SSO sign-in implicitly linked to the attacker's row. The result is a single account the attacker controls with a working password login plus the victim's OAuth identity, and the link-time verification flip defeats `requireEmailVerification: true`. No public exploit identified at time of analysis; not listed in CISA KEV, though the flaw is the same class as Microsoft nOAuth (2023) and the Sign in with Apple JWT flaw (2020).
Privilege escalation and unauthorized functionality access in HAVELSAN Liman MYS (Yönetim Sistemi) before release.Master.1107 allows an authenticated low-privileged user to invoke functions that should be gated by access-control lists. Because certain endpoints fail to enforce authorization (CWE-862), a limited user can reach administrative or restricted operations, enabling significant integrity and availability impact. No public exploit identified at time of analysis; the flaw was reported by Turkey's national CERT (TR-CERT / USOM).
Information disclosure in Armiya Information Technologies' Access Control System (GKS) before Version 2 allows remote unauthenticated attackers to collect sensitive data from common resource locations due to a missing authorization check. Because the affected endpoints do not verify that a requester is entitled to the data they return, an attacker who can reach the system over the network can harvest information without credentials. No public exploit is identified at time of analysis and the flaw is not listed in CISA KEV, but the CVSS 8.2 rating and CWE-862 root cause make it a meaningful exposure for any accessible deployment.
Privilege escalation to root and Kerberos-based authentication bypass in SSSD's Active Directory GPO provider affects Red Hat Enterprise Linux 6 through 10 and OpenShift Container Platform 4. Because ad_gpo_extract_smb_components() fails to sanitize '..' sequences in the gPCFileSysPath LDAP attribute (CWE-23), an actor holding AD GPO management rights can force an SSSD-enrolled host to write attacker-controlled files outside the GPO cache as root, injecting Kerberos configuration to bypass authentication. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.
Refresh-token family forking in better-auth's OAuth provider plugin (@better-auth/oauth-provider 1.6.0–1.6.10, and embedded in better-auth 1.4.8-beta.7–1.5.x) lets a race condition on the /oauth2/token refresh_token grant split one parent refresh token into multiple valid child families, defeating RFC 9700 reuse detection. An attacker holding a stolen refresh token who times two concurrent redemptions can obtain a persistent, independently-rotating branch that survives revocation of the legitimate user's branch and never trips family-invalidation. No public exploit is identified at time of analysis and the flaw is not listed in CISA KEV, but the security impact is indefinite unauthorized access plus detection bypass at the victim's full authorization scope.
Signature verification bypass in HAVELSAN Liman MYS (versions before release.Master.1107) lets remote attackers forge the source/authenticity of data - tagged as a JWT attack - enabling identity spoofing and likely authentication bypass. Per CVSS the vector is network-based and unauthenticated (AV:N/PR:N) with high impact to confidentiality and integrity. No public exploit is identified at time of analysis and it is not on CISA KEV.
{uuid} endpoint performing a state-changing password reset when merely visited. In versions prior to 4.0.0-beta.471, an attacker who knows a victim's invitation UUID and lures them to a crafted link can silently reset the victim's account password to a predictable value and seize the account. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the fix is confirmed in release v4.0.0-beta.471.
Authentication bypass in Digi International PortServer TS 1/2/4 and Digi One SP/SP IA/IA serial device servers permits remote unauthenticated attackers to circumvent authorization controls and access restricted device resources. The CVSS vector (AV:N/AC:H/PR:N/UI:N) confirms remote, credential-free exploitation but places High Attack Complexity on the flaw, indicating specific preconditions must be met - limiting opportunistic or automated mass exploitation. Impact is strictly confidentiality (C:H/I:N/A:N), meaning successful exploitation exposes restricted data or configuration without enabling modification or service disruption; no public exploit and no CISA KEV listing have been identified at time of analysis.
Reflected XSS in Dashy's workspace view allows a remote attacker to execute arbitrary JavaScript in the victim's browser within the Dashy origin by tricking an authenticated user into visiting a crafted URL containing a javascript: scheme in the url query parameter. All Dashy releases prior to 4.3.7 are affected. Successful exploitation enables reading same-origin browser data, DOM manipulation, and issuing authenticated requests on behalf of the victim. No public exploit identified at time of analysis.
Heap memory corruption in GIMP's PSD (Photoshop) file parser allows a malicious .psd image to overflow an integer in read_RLE_channel(), producing an undersized heap allocation for the RLE row-length table that is then overwritten row-by-row, potentially yielding denial of service or arbitrary code execution. The flaw affects GIMP as shipped across Red Hat Enterprise Linux 6 through 9 and is triggered when a victim opens or imports a crafted PSD file. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Server-side request forgery in QuantumNous New API (an open-source LLM API gateway/proxy) lets any authenticated low-privilege user coerce the server into making HTTP requests to internal or cloud-metadata IP addresses via notification URL configuration. Because the default SSRF protection (ApplyIPFilterForDomain disabled) validated only the literal hostname against domain allow/block lists and never resolved and re-checked the destination IP, a user could set Webhook, Bark, or Gotify notification URLs whose hostname points at internal services. No public exploit identified at time of analysis; the flaw is fixed in v0.12.0-alpha.1 and rated High (CVSS 7.7).
Cross-tenant log disclosure in Coolify (self-hosted PaaS) before 4.0.0-beta.466 lets any authenticated user read application logs belonging to other teams by supplying a victim resource's UUID. The Logs::mount() component resolves resources by UUID alone without verifying the caller's team ownership, breaking the multi-tenant isolation boundary. Rated CVSS 7.7 (CWE-639, IDOR); no public exploit identified at time of analysis and it is not listed in CISA KEV, but the fix is a one-line-class authorization check that is trivially reversible from the public commit.
Server-side request forgery in FastGPT before 4.15.0-beta4 lets an authenticated team member abuse the HTTP-tool OpenAPI schema importer to reach internal-only services and cloud instance metadata. Because the importer only validates the top-level URL and then hands the document to SwaggerParser.bundle, whose $ref resolver fetches remote references without FastGPT's internal-address guard, fetched content is returned inline to the caller. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the vendor advisory (GHSA-72hf-5382-2mq9) confirms the flaw and its fix.
Path traversal in Goploy's `/deploy/fileDiff` endpoint (versions <=1.17.5) enables any authenticated low-privilege member to read arbitrary files on both the Goploy host and every SFTP-managed remote server registered in the system. The dual file read returns local content in the `srcText` response field and remote server content in `distText`, multiplying the blast radius across all managed deployment targets. Publicly available exploit code exists per the GitHub Security Advisory; this is not listed in CISA KEV, but exploitation conditions are trivially met under default Goploy configuration.
Privilege escalation and account/organization takeover in the better-auth Node/TypeScript library affects applications using the organization plugin with unverified email sign-up enabled (emailAndPassword without requireEmailVerification). Because acceptInvitation treats a plain email-string match as proof of address ownership, an attacker who pre-registers an unverified account keyed to a victim's address and obtains a leaked invitationId can accept an admin's invitation and join the organization at the invited role. There is no public exploit identified at time of analysis and the flaw is not in CISA KEV, but the mechanism is fully documented in the vendor advisory (GHSA-fmh4-wcc4-5jm3).
Single-use authorization-code enforcement can be bypassed under concurrency in the better-auth OAuth provider (@better-auth/oauth-provider 1.6.0 through 1.6.10, the embedded plugin in better-auth 1.4.8-beta.7 through 1.6.10, and the legacy oidc-provider and mcp plugins). Because the POST /oauth2/token authorization_code grant redeems the code via a non-atomic find-then-delete, two concurrent requests carrying the same code both pass the read step and each mint a fresh access, refresh, and id token for the original user's scope. No public exploit is identified at time of analysis and it is not in CISA KEV, but the vendor rates it CVSS 4.0 7.6 (High) with high confidentiality and integrity impact.
Sensitive information disclosure in OneBlog V2.3.9 lets remote unauthenticated attackers retrieve WeChat Official Account secrets - the access_token and jsapi_ticket - through unprotected REST endpoints backed by RestApiController.java, JsApiTicketComponent.java, and GetAccessTokenComponent.java. Because these credentials grant control over the linked WeChat public account, disclosure enables account takeover of the integration rather than just data leakage. Classified CWE-306 (Missing Authentication); a referenced public gist appears to contain proof-of-concept details, though EPSS is low (0.26%, 18th percentile) and it is not listed in CISA KEV.
Insecure Direct Object Reference in Idvlabs Ontime (all versions through build 04052026) lets remote attackers read data belonging to other users or tenants by substituting trusted identifiers in requests, without authentication per the published CVSS vector (PR:N). The flaw exposes confidential data only (C:H/I:N/A:N) and was reported by Turkey's TR-CERT under advisory TR-26-0503. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; no EPSS score was provided.
Insecure Direct Object Reference in Idvlabs Ontime (all versions through build 04052026) lets remote unauthenticated attackers read confidential records belonging to other users by tampering with user-controlled resource identifiers. Because the application trusts client-supplied keys without verifying ownership, an attacker can enumerate or substitute IDs to exfiltrate data they should not access. There is no public exploit identified at time of analysis, but the flaw is trivial to exercise (AV:N/AC:L/PR:N) and was flagged by Turkey's national CERT (TR-CERT).
Regular-expression denial of service in the String::Util Perl module (versions before 1.36) lets remote unauthenticated attackers exhaust CPU by supplying a string with a long run of whitespace to the trim or rtrim functions. The vulnerable `s/\s*$//u` pattern backtracks quadratically over whitespace runs, so any application feeding untrusted input through these helpers is exposed. No public exploit code has been identified; EPSS is low (0.19%, 9th percentile) and the flaw is not on CISA KEV, indicating no observed active exploitation.
Arbitrary file write in the AMP for WP - Accelerated Mobile Pages WordPress plugin (versions up to and including 1.1.12) lets authenticated Author-level users, granted permission by an Administrator, upload and unsafely extract a crafted ZIP through the ampforwp_save_local_font() function, planting attacker-controlled files in a web-accessible uploads path. On hosts configured to execute PHP from the uploads directory, this escalates to remote code execution. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; an upstream fix is present in the plugin repository (changeset 3512870).
OS command injection in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7, plus the LTS2026, LTS2025, and LTS2024 branches) lets an already-authenticated, high-privileged remote user break out of the appliance's restricted management context and run arbitrary commands as root. Dell rates it Critical because the flaw defeats the platform's protection mechanism and yields full root-level code execution on the backup appliance. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Dell explicitly urges customers to upgrade at the earliest opportunity.
Arbitrary file deletion in DataEase (open-source data visualization and analytics platform) before 2.10.24 lets authenticated users delete arbitrary writable files inside the application container via a path traversal in the font management module. The stored fileTransName value is concatenated with the font storage directory and passed unsanitized to FileUtils.deleteFile() when a font record is deleted. No public exploit identified at time of analysis; the CVSS 4.0 base score is 7.2 (VI:H/VA:H), reflecting integrity and availability impact without confidentiality loss.
Privilege escalation via broken authorization in Actual (self-hosted open-source budgeting app) before 26.7.0 lets any shared user holding only user_access on a budget file invoke owner-only file-management endpoints. Because requireFileAccess treats ordinary shared access as sufficient, a low-privileged collaborator can call /delete-user-file, /reset-user-file, and /user-create-key to destroy or reset another user's budget data or rotate its encryption key. No public exploit is identified at time of analysis, and it is not in CISA KEV.
Arbitrary file disclosure in AWS Research and Engineering Studio (RES) prior to version 2026.06 allows an authenticated remote user to read any file readable by root on the cluster-manager EC2 instance. The Auth.GetUserPrivateKey API follows a user-controlled symbolic link at ~/.ssh/id_rsa, and because the cluster-manager process runs as root, an attacker can exfiltrate other users' SSH private keys and application secrets. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Relative path traversal in the MicroRealEstate file upload functionality lets an authenticated low-privilege user supply crafted filenames containing directory-traversal sequences to write outside the intended upload directory and potentially overwrite system files. All releases through 1.0.0-alpha3 are affected. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; the CVSS 4.0 base score is 7.1, driven primarily by high availability impact.
Credential leakage in the Perl HTTP::Tiny client (all versions before 0.095) lets an attacker who controls a redirect destination harvest sensitive headers. When a server answers with a 3xx redirect, HTTP::Tiny re-sends caller-supplied Authorization, Cookie and Proxy-Authorization headers to the new host without verifying it shares the original origin, including across scheme, host or port boundaries and over https-to-http downgrades that expose them in cleartext on the wire. No public exploit is identified at time of analysis and CISA SSVC rates exploitation as none, but the flaw is well-documented and a vendor patch is available in 0.095.
Insecure Direct Object Reference in DataEase before 2.10.24 lets a holder of any valid share-link token retrieve arbitrary datasets by tampering with the request body. The share-mode chart endpoint POST /de2api/chartData/getData validates only that sceneId matches the resourceId bound to the link token, but never checks that the supplied tableId and field IDs belong to the shared resource, so an attacker can swap in identifiers for datasets they were never granted. No public exploit is identified at time of analysis, but the flaw is trivially exploitable by anyone already given a legitimate share link.
Broken object-level authorization in FastGPT before 4.15.0 lets any authenticated user retrieve another team's LLM interaction traces via GET /api/core/ai/record/getRecord. The endpoint verifies the caller is logged in but fetches records solely by requestId without checking team ownership, exposing cross-tenant prompts, retrieved RAG chunks, and model completions to any user who can guess or obtain a valid requestId. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but exploitation requires only a low-privilege account and knowledge of a target requestId.
Broken object-level authorization in Cap's GET /api/video/ai endpoint lets any authenticated user supply arbitrary video IDs to read private AI-generated metadata - titles, summaries, and chapters - belonging to other users, and to trigger unauthorized AI generation that burns the victim's credits. Reported by VulnCheck with a vendor patch (commit 8d48642) available; no public exploit identified at time of analysis, and EPSS/KEV data were not supplied. The flaw combines confidentiality loss over private content with an abusable, cost-incurring side effect.
Unauthorized document disclosure in MicroRealEstate through version 1.0.0-alpha3 lets an authenticated low-privilege user retrieve documents uploaded by other landlords or tenants. The flaw combines a broken object-level authorization check (CWE-639) with document IDs that are generated using a predictable, deterministic pattern, so an attacker can guess or enumerate identifiers and pull files they should not see. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 7.1 reflects high confidentiality impact with no effect on integrity or availability.
Sensitive document disclosure in MicroRealEstate through 1.0.0-alpha3 lets an authenticated low-privilege user retrieve PDF documents belonging to other tenants or organizations by manipulating object identifiers passed to the PDF generator. Classified under CWE-639 (IDOR) and CVSS 4.0 7.1, the flaw exposes confidential data (VC:H) without requiring integrity or availability impact. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Unauthenticated information disclosure in FOSSBilling 0.5.3-0.7.2 exposes administrator-defined custom API key configuration fields (`custom_*`) to any caller possessing a valid API key via the guest-tier `serviceapikey/get_info` endpoint. The affected fields may contain business-sensitive operational data including pricing tiers, feature flags, rate limits, expiry overrides, and access scope data as populated by billing administrators. No public exploit has been identified and no CISA KEV listing exists, but the network-accessible, low-complexity nature of the flaw makes it trivially exploitable by any party holding or able to obtain a valid API key. Vendor patch is confirmed available in version 0.8.0.
Chevereto's `/json` AJAX listing endpoint fails to enforce the private profile access control that the HTML profile route correctly applies, exposing user images and usernames to unauthenticated callers. Versions 3.7.5 through 4.5.3 are affected across both the commercial Chevereto product and the Chevereto Free (rodber/chevereto-free) variant. An unauthenticated attacker who knows a target's numeric user ID can bypass the privacy setting to retrieve all publicly-scoped media and recover the username the victim explicitly chose to hide. No public exploit is identified at time of analysis, and this vulnerability is not listed in CISA KEV.
Integer overflow in GNU Wget through 1.25.0 allows a malicious or compromised web server to corrupt client download sessions by supplying crafted Content-Range response headers. The parse_content_range() function in src/http.c performs signed integer arithmetic on server-supplied values without overflow guards, triggering undefined behavior under C's signed overflow rules and causing download desynchronization on the affected client. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code is known at time of analysis; real-world impact is bounded to availability disruption rather than host compromise based on current data.
Stored cross-site scripting in the web management interfaces of Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA serial device servers allows a remote, authenticated administrator to persist malicious script payloads in system configuration fields. The injected script executes in the browser of any user who subsequently views the affected configuration pages, enabling session hijacking, credential theft, or UI redress attacks against those users. No public exploit code or active exploitation has been identified at time of analysis; the CVSS 4.0 score of 4.8 reflects the high-privilege prerequisite that meaningfully constrains real-world risk.
Insecure credential storage in PcVue exposes built-in user account passwords to any local attacker with low-privileged filesystem access, across all versions prior to 17.0.0. The credentials are stored unprotected in the project's User directory, recoverable without elevated OS privileges. No public exploit code has been identified at time of analysis, but in OT/SCADA environments where PcVue is deployed, recovered credentials could enable unauthorized control of industrial processes.
Integer underflow in the OpenWrt Emergency Access Daemon crashes the daemon when any unauthenticated attacker on the local network sends a single crafted UDP packet to it. Affected are all OpenWrt versions prior to v25.12.5. The CVSS adjacent-network vector (AV:A) constrains the attack surface to local or adjacent network segments, but within that context exploitation requires no credentials and no user interaction - a single malformed packet suffices. No public exploit code or CISA KEV listing has been identified at time of analysis; the patch is confirmed available in v25.12.5.