Unauthorized post publication in Kadence Blocks (Gutenberg Blocks with AI by Kadence WP) versions up to and including 3.5.32 allows authenticated WordPress contributors to immediately publish posts, pages, and custom post types - entirely bypassing the platform's standard contributor review workflow. The flaw stems from a misconfigured capability check in the `get_items_permission_check` permission callback on the `process_pattern` REST API endpoint (CWE-863: Incorrect Authorization). No active exploitation is confirmed via CISA KEV, no public POC has been identified, and the CVSS score of 4.3 reflects a limited integrity-only impact with no confidentiality or availability consequences.
Incorrect authorization in Snipe-IT's UsersController before version 8.6.2 allows any authenticated user holding only the users.view permission to access restricted inventory and procurement metadata - including assigned licenses, accessories, consumables, and associated cost and order data - from modules their direct permissions would otherwise deny. The flaw exists in both the show() and printInventory() controller methods, which enforce authorization only for the user-viewing scope before eagerly loading and rendering related asset relationships without further permission checks. No public exploit exists and this vulnerability is not listed in the CISA KEV catalog, but the low attack complexity and common assignment of users.view to helpdesk staff makes this a realistic insider access-control bypass in enterprise deployments.
Unauthorized schema disclosure in Grist Core prior to 1.7.15 allows any user with partial read access - explicitly including anonymous public users on publicly viewable documents - to retrieve table and column metadata for any widget by querying the GET /forms endpoint. The endpoint failed both to validate that the requested section was a form widget and to apply the document's configured access rules before returning metadata, meaning hidden schema structure (table names, column names, types) is fully exposed regardless of the restrictions in place. No public exploit has been identified and the vulnerability is not in CISA KEV; a vendor-released patch exists in version 1.7.15.
Insecure Direct Object Reference in the FlowForms - Conversational Form Builder WordPress plugin (all versions through 1.1.1) allows authenticated contributors to modify, publish, or revert any form on the site - including forms owned by administrators - by supplying an arbitrary form ID to the unvalidated REST API update_form endpoint. Wordfence reported this flaw, and a fix changeset exists in the WordPress plugin SVN repository, though an explicit patched release version is not independently confirmed. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis.
Sensitive information exposure in the Import and Export Users and Customers WordPress plugin (all versions ≤ 2.4.0) allows any authenticated subscriber-level user to enumerate and extract the post_title and raw post_content of arbitrary posts regardless of visibility status or post type. Affected content includes drafts, private posts, password-protected entries, future-scheduled posts, trashed items, and non-public custom post types such as WooCommerce orders and internal CRM records. The exploit barrier is exceptionally low: the required security nonce is leaked as inline JavaScript on any wp-admin page reachable by subscribers. No public exploit code has been identified and this vulnerability does not appear in the CISA KEV catalog at time of analysis.
Unauthorized GravityWrite disconnection in the GW AI Website Builder WordPress plugin (versions ≤ 1.0.1) is achievable by any authenticated subscriber-level user due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() AJAX function. The flaw allows low-privilege WordPress accounts to sever the plugin's integration with the GravityWrite AI service, degrading AI-powered site-building functionality for all users. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; impact is confined to service integrity disruption rather than data exfiltration or code execution.
Incorrect authorization enforcement in Snipe-IT's API location creation endpoint allows an authenticated low-privilege user to create a child location under a parent location belonging to a different company, bypassing the intended multi-tenant isolation boundary. The vulnerability affects all Snipe-IT versions prior to 8.6.2 when both Full Multiple Companies Support and the scope_locations_fmcs option are simultaneously enabled. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; real-world risk is constrained by the non-default configuration prerequisites and the requirement for authenticated access.
Unauthorized modification of cookie scan schedule configuration in the GDPR Cookie Consent WordPress plugin (versions up to 4.3.6) is achievable by any authenticated subscriber-level user. The vulnerability stems from a dual failure - absent capability check and absent nonce verification - on the wp_ajax_gcc_save_schedule_scan AJAX action, allowing low-privileged users to overwrite the gdpr_scan_schedule_data option that is administratively intended to require manage_options capability. No public exploit has been identified and the flaw is not listed in CISA KEV; a patched version (4.3.7) is available via the plugin's SVN repository.
Cross-Site Request Forgery in the GoodMeet WordPress plugin (versions up to and including 1.1.8) enables unauthenticated remote attackers to wipe a site's stored Google Meet API credentials and OAuth tokens by deceiving a logged-in administrator into triggering a crafted request. The vulnerable reset_credential() function handling the wp_ajax_goodmeet_reset_google_meet_credential AJAX action checks the manage_options capability but omits mandatory WordPress nonce validation, allowing any cross-origin request to be processed as legitimate. The practical outcome is complete disabling of the site's Google Meet integration with no data disclosure; no public exploit code has been identified and the vulnerability is not listed in the CISA KEV catalog.
Cross-Site Request Forgery in the Drupal Ray Enterprise Translation contrib module lets a remote attacker forge state-changing requests that are executed with the privileges of an authenticated victim (typically a site administrator), potentially altering translation configuration and integrations. It affects module versions below 4.0.4, below 4.1.4, and below 11.0.4, and carries a vendor CVSS of 8.8. No public exploit has been identified at time of analysis and the EPSS score is very low (0.12%, 2nd percentile), indicating no observed exploitation activity.
Cookie deletion via unauthorized class-based invocation in tarteaucitron.js allows an attacker with HTML injection capability to silently delete browser cookies by placing arbitrary elements bearing the purgeBtn CSS class in a page that loads the library. The tarteaucitron.cookie.purge() function responds to any matching DOM element without verifying whether it was created by the library itself or whether the specified cookie belongs to a tarteaucitron-managed service, enabling targeted cookie removal against visitors who interact with the crafted element. No public exploit identified at time of analysis beyond the researcher-published PoC; this vulnerability is not listed in CISA KEV and EPSS data is unavailable.
Cross-board authorization bypass in Wekan prior to version 9.64 allows a low-privileged authenticated user to inject checklist data into private boards where they hold no membership. The flaw resides in Meteor's collection allow rules for Checklists and ChecklistItems, which validate write access against the source card's context but ignore the destination cardId or boardId embedded in the update modifier - enabling an attacker with write access to any one board to redirect checklist mutations into boards they are not permitted to access. No active exploitation has been identified and no public exploit code exists; a vendor-confirmed fix is available in version 9.64.
Object injection in the Drupal ECA (Event - Condition - Action) contributed module exposes sites running affected versions to limited confidentiality and integrity compromise by authenticated low-privileged users. The vulnerability stems from improperly controlled modification of dynamically-determined object attributes (CWE-915, a mass-assignment class of flaw), allowing a crafted request to inject object properties and influence internal application logic within ECA's event-driven workflow engine. No confirmed active exploitation exists, and EPSS at 0.20% (10th percentile) reflects low observed threat pressure across the landscape, though a vendor patch has been issued per the Drupal security advisory.
Missing authorization controls in the Drupal AI Agents contrib module expose protected resources to forceful browsing by authenticated low-privilege users. Affected installations span three version branches - 0.0.0 through 1.1.3, 1.2.0 through 1.2.4, and 1.3.0 - across the Drupal ecosystem. No public exploit has been identified and CISA has not added this to KEV; EPSS at 0.14% (4th percentile) and SSVC's 'none' exploitation status confirm minimal real-world threat at time of analysis.
Insufficient JWT expiration enforcement in ZITADEL's external JWT Identity Provider integration allows tokens lacking the `exp` claim to be treated as indefinitely valid, bypassing intended session lifetime controls. Versions 3.0.0-rc.1 through 3.4.11 and 4.0.0-rc.1 through 4.15.1 are affected, with the flaw residing in `internal/idp/providers/jwt/session.go`. An attacker who can obtain or craft a JWT from a configured trusted external issuer that omits the `exp` claim can maintain persistent authenticated access without re-authentication. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Insufficient session expiration in ZITADEL's external JWT Identity Provider allows arbitrarily old tokens from trusted issuers to pass authentication when the token omits the iat (issued-at) claim. ZITADEL versions prior to 3.4.12 (v3 branch) and 4.15.2 (v4 branch) are affected. An attacker holding a previously issued JWT from a trusted external IdP - specifically one lacking the iat claim - can reuse that token indefinitely, bypassing intended session expiry controls and maintaining unauthorized access. No public exploit identified at time of analysis.
Heap overflow in libarchive's PAX extended header parser allows exploitation via a maliciously crafted tar archive containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation of the affected system could result in a denial of service condition or, in more serious cases, arbitrary code execution under the privileges of the process invoking libarchive. No public exploit code or active exploitation has been confirmed at time of analysis, though a GitHub pull request (#3253) indicating an upstream fix is available suggests the issue is reproducible and patch-ready. The official CVSS score of 3.9 (Low) conflicts materially with the vendor-applied RCE tag, a discrepancy that warrants independent validation.
CSS injection via Mermaid diagram rendering in JetBrains YouTrack before version 2026.2.17012 permits authenticated low-privilege users to embed malicious CSS into diagram content that executes in the browsers of other users who view the affected page. The CVSS score of 3.5 (Low) reflects the dual gating conditions of required authentication and victim interaction, substantially constraining real-world impact to UI manipulation rather than data exfiltration or code execution. No public exploit code or active exploitation has been identified at time of analysis.
Forceful browsing exposure in Drupal's AI (Artificial Intelligence) contributed module permits high-privileged authenticated users to access protected resources without proper authorization checks, affecting versions 0.0.0-1.2.17, 1.3.0-1.3.8, and 1.4.0-1.4.3. The vulnerability stems from CWE-862 (Missing Authorization), where path-level access controls are not enforced on certain AI module endpoints, allowing an authenticated user with high privileges to traverse to unauthorized resources. No public exploit code exists, EPSS sits at 0.14% (4th percentile), and CISA SSVC confirms no active exploitation, placing this firmly in the low-urgency tier despite its network-accessible attack vector.
Server-Side Request Forgery in the Drupal OpenAI Provider module enables authenticated administrators to force the server to issue HTTP requests to attacker-controlled destinations, potentially reaching internal network resources beyond the intended API boundary. Affected versions span 0.0.0 through 1.1.1 and 1.2.0 through 1.2.2; a vendor patch is available via Drupal security advisory SA-CONTRIB-2026-053. No public exploit code exists, EPSS sits at 0.14% (4th percentile), and SSVC confirms exploitation status as none - all signals converge on a low operational priority despite the network-accessible attack vector.
Missing Authorization in Drupal's Examples for Developers module (versions 0.0.0 through 4.0.5) permits forceful browsing by an already highly-privileged authenticated attacker, exposing restricted paths with limited confidentiality and integrity impact. All available signals converge on minimal real-world risk: CVSS scores 3.3 (Low), EPSS sits at 0.14% (4th percentile), SSVC reports no known exploitation and non-automatable attack conditions, and neither active exploitation nor public proof-of-concept code has been identified. A vendor patch is available at version 4.0.6.
Incorrect authorization in the Drupal Advanced Content Feedback (admin_feedback) contributed module allows authenticated low-privilege users to perform forceful browsing, accessing restricted feedback resources without proper authorization checks. All module releases from 0.0.0 up to (but not including) 2.8.0 are affected. No public exploit code exists and no active exploitation has been identified; EPSS sits at the 4th percentile, consistent with the SSVC assessment of zero current exploitation.
Server-Side Request Forgery in Drupal Core allows authenticated low-privilege users to coerce the application server into issuing unauthorized HTTP requests to internal or restricted network destinations. All active 10.6.x and 11.x release branches are affected, along with end-of-life 11.0.x and 11.1.x branches, covering a broad swath of production Drupal deployments. No public exploit code has been identified and EPSS sits at the 3rd percentile, but the large Drupal deployment footprint elevates aggregate exposure even at low per-instance exploitation probability.
HTTP redirect handling in Apprise prior to 1.11.0 leaks user-configured secrets - including Authorization headers, bearer tokens, custom headers, and service API keys - by blindly resending them on redirected requests to attacker-controlled endpoints. Any deployment using Apprise's HTTP-based notification plugins or its HTTP attachment and config loaders (apprise/attachment/http.py, apprise/config/http.py) is affected. An on-path attacker or a compromised notification destination can silently harvest these credentials. No public exploit has been identified at time of analysis, and EPSS data is not present in the source intel, but the credential-theft impact on third-party service integrations elevates real-world risk above the Low CVSS score suggests.
Memory exhaustion in NanaZip's WebAssembly archive handler (prior to 6.5.1749.0) allows a crafted .wasm file to trigger multi-gigabyte heap allocations by supplying oversized 32-bit NameSize or Information.Size fields that are consumed without bounds validation in NanaZip.Codecs.Archive.WebAssembly.cpp. When a user opens or lists such an archive, NanaZip attempts to satisfy the inflated allocations via std::string or std::vector paths, exhausting process memory and causing a crash. No active exploitation or public exploit code has been identified at time of analysis; the impact is strictly limited to NanaZip process availability with no confidentiality or integrity consequence.
Process crash via uncaught C++ exception in NanaZip's .NET single-file bundle handler affects all versions prior to 6.5.1749.0 on Windows. The extraction buffer is sized from the bundle entry's Size field, which is validated only for sign - not against the actual file content - allowing a crafted archive to trigger an attacker-controlled allocation whose resulting std::bad_alloc or std::length_error propagates across the COM STDMETHODCALLTYPE ABI boundary and terminates the NanaZip process. Impact is limited to denial of service; no public exploit has been identified at time of analysis, and the vendor has released a fix in version 6.5.1749.0.
Memory exhaustion in NanaZip's UFS/FFS archive handler (all versions prior to 6.5.1749.0) allows a local low-privilege attacker to terminate the NanaZip process by delivering a crafted disk image that a user opens. The root cause is missing upper-bound validation of the `fs_fsize` fragment size field in the UFS superblock - unlike `fs_bsize`, which is checked against MINBSIZE, `fs_fsize` flows unchecked into indirect-block, directory, and extraction buffer allocation calculations, enabling a tiny image file to trigger multi-gigabyte heap allocation requests. No public exploit has been identified and this vulnerability is not listed in CISA KEV; the CVSS 4.0 score of 2.4 (Low) reflects the constrained local, user-interaction-required attack path with availability-only impact.
NULL pointer dereference in NanaZip's custom archive handlers crashes the application when a user tests or extracts archives of seven specific formats. All NanaZip versions prior to 6.5.1749.0 are affected; the seven vulnerable handlers cover WebAssembly, ElectronAsar, Zealfs, Romfs, Ufs, Littlefs, and DotNetSingleFile archive types. Impact is limited to a process crash (denial of service) with no confidentiality or integrity consequence; no public exploit or active exploitation has been identified at time of analysis.
Frappe framework's check_safe_sql_query function fails to block SELECT INTO OUTFILE statements, allowing authenticated low-privileged users to write arbitrary files to the server filesystem on self-hosted MySQL deployments where the database user holds the MySQL FILE privilege. Affected branches are v15 prior to 15.108.0 and v16 prior to 16.18.3; fixes are released at both version targets. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, with a CVSS 4.0 base score of 2.3 reflecting the narrow, non-default exploitation conditions captured by AT:P.
Missing authorization in zhayujie CowAgent up to version 2.1.0 allows remote attackers with low-privilege accounts to bypass access controls at the Message Endpoint defined in channel/channel.py, potentially enabling unauthorized access to or manipulation of messaging data. The CVSS 4.0 vector confirms network-accessible exploitation requiring only low privileges, with low-level confidentiality, integrity, and availability impacts on the vulnerable system. A public proof-of-concept exploit has been released per VulDB, and the project maintainer has not yet responded to the coordinated disclosure filed via GitHub issue #2874.
Cookie attribute injection in elixir-plug's Plug library allows a remote attacker who can supply values reflected into `Set-Cookie` headers to inject the `;` delimiter and override attributes such as `Domain`, `Path`, `Secure`, and `HttpOnly`. Applications calling `Plug.Conn.put_resp_cookie/4` with user-controlled data - for example, reflecting a username or preference value - are exposed to session fixation and cookie tossing across five supported release lines (0.1.0 through 1.20.2). No public exploit code or CISA KEV listing is present at time of analysis, but the attack is mechanically straightforward wherever the vulnerable code pattern exists.
SQL injection in Postgrex.Notifications' reconnect replay path allows an attacker who can supply untrusted input as a PostgreSQL LISTEN channel name to corrupt the shared notification connection, silently dropping all channel subscriptions and causing persistent denial of service of the notification subsystem. Affected versions are postgrex 0.16.0 through 0.22.2 in the Elixir ecosystem. No arbitrary SQL execution is possible due to double-quote escaping, and no public exploit or CISA KEV listing exists; the CVSS 4.0 base score of 2.1 reflects the constrained, precondition-heavy impact.
{workspace}/scripts/list_search` handler validates the token's domain and action (`scripts:read`) at the route level but omits per-row filtering against the token's resource/path segment (e.g., `scripts:read:f/allowed/*`), causing the underlying SQL query to return all non-archived workspace scripts regardless of path restrictions. Affects all Windmill deployments up to version 1.714.1; no public exploit or CISA KEV listing at time of analysis, but full reproduction steps are published in the GitHub security advisory.
Server-side request forgery in Kimai 2.56.0 allows authenticated users with write access to Markdown-rendered invoice fields to force the application server to issue outbound HTTP requests to attacker-controlled or internal network destinations. The vulnerability surfaces during invoice PDF preview and generation, where user-controlled Markdown is processed through an md2html filter and handed to mPDF, which fetches embedded image URLs server-side even with safe mode enabled. A proof-of-concept was developed and responsibly disclosed to the vendor - it is not publicly available - and no active exploitation has been confirmed; however, the attack path is mechanically simple for any user with access to customer invoice text fields such as Customer.invoiceText.
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags() iptfs_consume_frags() transfers paged fragments from one socket buffer to another but fails to propagate the SKBFL_SHARED_FRAG flag. This is the same class of bug that was fixed in skb_try_coalesce() for CVE-2026-46300: when fragments backed by read-only page-cache pages are merged, the marker indicating their shared nature must be preserved so that ESP can decide correctly whether in-place encryption is safe. Apply the same two-line fix used in skb_try_coalesce() to iptfs_consume_frags().