Improper input validation in the snap7 library (versions up to 1.4.3) allows adjacent-network attackers to trigger a deserialization flaw via crafted ReadVar requests processed by TS7Worker::PerformFunctionRead in the S7 server component. Exploitation results in partial confidentiality, integrity, and availability impact against the snap7 server process - a concern in industrial OT environments where PLC communication libraries may interface with safety-relevant systems. No vendor-released patch exists as the maintainer has not responded to disclosure, and a publicly available proof-of-concept exploit lowers the barrier to exploitation.
Timing side-channel exposure in Red Hat Directory Server's PBKDF2-SHA256 password verification allows a remote unauthenticated attacker to send repeated LDAP bind requests and statistically infer partial hash information by measuring response-time differences caused by non-constant-time memcmp() comparisons. Affected deployments span Red Hat Directory Server 11 through 13 and the 389-ds-base package shipped across RHEL 6 through 10. No public exploit identified at time of analysis, and practical exploitation is acknowledged to be extremely difficult due to the computational overhead inherent in PBKDF2 key stretching, which substantially degrades the timing signal.
Same-origin policy bypass in Google Chrome's WebAppInstalls component on Android exposes limited cross-origin data to a local attacker who can direct a user to visit a crafted HTML page. All Chrome for Android releases prior to 150.0.7871.115 are affected. Google has rated this High severity internally despite a CVSS base score of 3.3 (Low); no public exploit code or active exploitation has been identified at time of analysis, and a vendor patch is available.
Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.
Symlink extraction bypass in BBOT's unarchive module allows an attacker to plant an attacker-controlled symlink into the extraction directory when BBOT scans and fetches a crafted zip or 7z archive. The bypass exploits BBOT's failure to detect symlink entries carrying a DOS-attribute prefix before the unix mode field, a format produced by legacy p7zip builds - a variant the pre-extraction guard did not account for. Impact is strictly limited to symlink planting (the symlink target is not written through), and exploitation requires the scanning host to be running a legacy p7zip build; no public exploit or active exploitation (CISA KEV) has been identified at time of analysis.
Path traversal in BBOT's github_workflows module allows a crafted CODE_REPOSITORY URL to write a downloaded artifact outside the operator-configured output directory by bypassing a path-containment check that failed to resolve `..` sequences. Affected versions span all BBOT releases per CPE data, with a fix available via upstream commit. The write primitive is constrained to at most two directory levels above the output location, and the destination is shaped by the operator's own configuration rather than fully attacker-controlled, significantly limiting real-world impact. No public exploit code or CISA KEV listing has been identified at time of analysis.
Open redirect in waku's `unstable_redirect()` server-side router helper allows a network attacker to redirect victims' browsers to arbitrary external domains - including phishing sites for credential harvesting and OAuth token theft - by injecting a malicious `location` string into any waku route that passes user-controlled query parameters to the function. The vulnerability affects waku 1.0.0-beta.0 across all supported runtime adapters (Node.js, Cloudflare Workers, Vercel Edge, Deno), as the reflection path in `handler.ts` is shared. A dynamic proof-of-concept was confirmed by the reporter in two independent Docker-based runs against commit 8e9f542; no vendor-released patch is confirmed at time of analysis, though a v1.0.0-beta.1 release tag appears in advisory references.
Improper authorization on GitLab EE GraphQL operations permits authenticated users holding auditor-level access to write modifications to compliance violation records - an action that role should not permit. Affected versions span all GitLab EE releases from 18.2 through the patched thresholds (18.11.7, 19.0.4, 19.1.2). No public exploit code exists and CISA KEV does not list this vulnerability; with CVSS 2.7 and PR:H, real-world impact is narrow but meaningful for organizations relying on compliance audit trails for regulatory evidence.
Unauthorized file modification in Dell PowerProtect Data Domain allows a high-privileged remote attacker to write files outside the intended restricted directory via path traversal. Affected across multiple release trains spanning versions 7.7.1.0 through 8.7, including LTS2024, LTS2025, and LTS2026 branches. Dell has published advisory DSA-2026-278 addressing this flaw; no public exploit code or active exploitation has been identified at time of analysis.
LiveQuery in Parse Server leaks unauthorized object field values to authenticated subscribers when a single save operation simultaneously modifies a sensitive field and the subscriber's ACL read access, because leave and enter events are built from the wrong object state. Affected deployments run parse-server below 8.6.83 (stable branch) or below 9.9.1-alpha.13 (v9 alpha branch) with LiveQuery enabled. The CVSS 4.0 score of 2.3 and AT:P prerequisite correctly reflect that exploitation is constrained to a specific co-mutation timing condition; no public exploit identified and no KEV listing exists at time of analysis.
Authorization bypass in Harness gitspaces endpoint (versions up to 2.28.2) permits any authenticated remote user to enumerate workspace listings beyond their authorized scope via a flaw in the `getAuthorizedSpaces` function of `app/api/controller/gitspace/list_all.go`. The confidentiality impact is limited to space listing disclosure - no integrity or availability impact is present - but publicly available exploit code (CVSS 4.0 E:P) lowers the exploitation barrier significantly. Vendor has not responded to the responsible disclosure, leaving no patch available at time of analysis.
Custom Code Guardrails in LiteLLM's AI Gateway proxy prior to 1.82.0-stable permitted privileged users with guardrail management rights to submit arbitrary Python code via the production create and update API paths, which executed unsandboxed within the proxy process. Unlike the test endpoint - which enforced sandbox controls - the production paths lacked equivalent validation, enabling the injected code to access and expose secrets, API keys, and environment variables available to the running process. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; risk is highest in multi-tenant or multi-operator LiteLLM deployments where guardrail management rights are distributed.
Local filesystem read in LiteLLM's AI Gateway proxy prior to version 1.83.10-stable allows a proxy administrator to exfiltrate files from the server by supplying crafted oidc/file/ path references through the /health/test_connection endpoint. The vulnerability stems from unsanitized resolution of request-supplied environment and OIDC file references within litellm_params, giving a high-privileged caller a direct path to arbitrary file read. No public exploit code or active exploitation has been identified; the low CVSS 4.0 score of 2.1 reflects the high privilege bar and limited confidentiality impact.
Heap-buffer-overflow read in ImageMagick's GetPixelIndex function exposes limited heap memory contents and can cause partial availability impact in affected 6.x and 7.x branches before the patched releases. The root cause is a metadata-allocation race in OpenPixelCache, which updates image channel metadata before confirming successful pixel cache memory allocation, leaving GetPixelIndex to operate on stale channel counts. Exploitation requires high privilege access and the ability to induce memory or disk allocation failures, yielding only limited confidentiality and availability impact; no public exploit code and no CISA KEV listing are associated with this CVE.
Cross-site request forgery in Flask-MonitoringDashboard up to version 5.0.2 allows a remote unauthenticated attacker to trick an authenticated dashboard user into submitting malicious state-changing requests by luring them to a crafted page. The vulnerability (CWE-352) is limited in scope to the monitoring dashboard itself with a low integrity impact and no confidentiality or availability consequence, reflected in the CVSS 4.0 score of 2.1. Exploit details have been publicly disclosed via VulDB submissions and a GitHub issue report, but no patch has been released and the project maintainer has not yet responded to the responsible disclosure.
Command injection in bentoml OpenLLM 0.6.30 allows local low-privilege users to execute arbitrary shell commands by supplying crafted model repository directory name arguments to the `async_run_command` function in `src/openllm/common.py`. A public proof-of-concept exploit is available per the CVSS 4.0 E:P modifier and disclosure notes, though no CISA KEV listing exists and the project had not responded to responsible disclosure at the time of reporting. The CVSS 4.0 base score of 1.9 reflects a constrained real-world risk profile due to the strictly local attack vector and limited Low-rated confidentiality, integrity, and availability impact.