Denial of service in stoatchat (delta) versions before 20250210-1 (0.8.2) lets a remote unauthenticated attacker exhaust server resources by abusing the 'nearby' message query route. A logic error passes a message limit of zero to the database, which MongoDB interprets as 'no limit', so a single crafted request downloads an entire channel's history; parallelized requests amplify this into resource-exhaustion DoS. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but the upstream fix and a VulnCheck advisory are published.
Missing authentication in Microsoft SimpleChat (prior to 0.241.206) lets remote, unauthenticated clients invoke administrative plugin validation, health-check, and repair endpoints that were documented as protected but never enforced authentication at runtime. Any network-reachable attacker can trigger plugin instantiation, health probing, and repair actions without login or admin rights. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Reflected cross-site scripting in Emlog 2.6.13 and earlier lets a remote attacker execute arbitrary JavaScript in an authenticated administrator's backend session by luring the admin to open a crafted link that hits the user-search feature in admin/user.php. The keyword parameter is sanitized with addslashes but never HTML-escaped before it is echoed into a value attribute in admin/views/user.php, so injected markup breaks out of the attribute and runs in the admin's browser. No public exploit identified at time of analysis, and no fixed version currently exists.
Local privilege escalation in ESET Inspect Connector for Windows lets a low-privileged local user escalate to elevated (SYSTEM-level) privileges by abusing an improperly authenticated ALPC (Asynchronous Local Procedure Call) IPC channel. The affected component is the endpoint agent that links ESET Inspect (EDR) to protected Windows hosts; a non-privileged process can issue unauthenticated requests to a privileged service endpoint that fails to verify the caller. The issue was reported and fixed by ESET, is not listed in CISA KEV, and has no public exploit identified at time of analysis.
Brute-force protection bypass in Perforce Delphix Continuous Data lets remote attackers defeat the account lockout mechanism by firing concurrent authentication requests that race the failed-login counter, allowing unlimited password guessing against a targeted account. The flaw is a time-of-check/time-of-use race (CWE-307) rather than a direct code-execution bug, and no public exploit identified at time of analysis. It matters because it silently neutralizes a control administrators rely on to stop credential-stuffing and password-spraying.
Access-control bypass in Keycloak (fixed in 26.5.3) lets a disabled user account still obtain valid tokens through the JWT authorization grant preview feature. When that feature is enabled, Keycloak omits the account-enabled check during JWT authorization grant processing, so a low-privileged remote attacker who can present a valid assertion token from an external identity provider can mint a JWT for an account an administrator has explicitly disabled, regaining access to protected resources. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Denial of service in NASA's Core Flight System (cFS) Health & Safety (HS) application allows a remote attacker to crash the application through a NULL pointer dereference triggered while processing a routine Housekeeping Telemetry request. All HS versions prior to v7.0.1 are affected; the crash produces a segmentation fault that halts the health-monitoring task. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a CISA ICS advisory (ICSA-26-197-03) and vendor-tagged fix release exist.
Authentication bypass in HCL DFXServer allows remote unauthenticated attackers to reach specific API endpoints directly and perform unauthorized actions without valid credentials, because the application never verifies authentication status on those routes. The primary impact is high confidentiality exposure with limited integrity impact (CVSS 8.2), and the flaw was self-reported by HCL. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Authentication bypass in HCL DFXServer lets an unauthenticated remote attacker intercept and tamper with the server's authentication responses to be granted access as a legitimate user without presenting valid credentials. Rated CVSS 8.2 (high) with CWE-294 (Authentication Bypass by Capture-replay), the flaw exposes confidential application data to any network-reachable attacker. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Missing-authorization schema tampering in ArcadeDB before 26.6.1 lets any authenticated identity - including a read-only API token that lacks the UPDATE_SCHEMA permission - mutate the database schema over the HTTP command/query endpoints. Because CVE-2026-44221's fix only added the UPDATE_SCHEMA check to LocalDocumentType.createProperty, the remaining schema mutators (DROP PROPERTY, ALTER TYPE, ALTER PROPERTY, type/bucket/alias changes) stayed unguarded, so a low-privilege user can drop properties, rename or re-parent types, and flip property constraints, corrupting the meaning of every stored record. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the vendor advisory (GHSA-vg6x-6pg9-6qwg) confirms the flaw and a fix in 26.6.1.
Authentication/access-control bypass in BigBlueButton's bbb-web component (versions prior to 3.0.21) lets remote attackers reach protected API endpoints without a valid checksum by supplying the presentationUploadExternalUrl parameter. BigBlueButton's API is normally guarded by a shared-secret checksum, so bypassing it undermines the core authorization mechanism for calls such as CreateMeeting. No public exploit identified at time of analysis, though the fixing commit is public; CVSS is 8.1 and there is no CISA KEV listing or EPSS signal in the provided data.
Session hijacking in BigBlueButton before 3.0.21 lets an authenticated conference participant predict and reuse other users' session tokens to impersonate them. The bbb-web component generated 16-character sessionToken values (and 12-character auth tokens and internal user IDs) using Apache Commons RandomStringUtils.randomAlphanumeric, a non-cryptographic PRNG, making the token space guessable to anyone who already holds a valid session. Rated CVSS 8.1 with high confidentiality and integrity impact; no public exploit identified at time of analysis.
Arbitrary file deletion in the Uncanny Automator WordPress plugin (all versions through 7.3.1.4) lets unauthenticated attackers delete any file on the server via untrusted PHP object deserialization in the fr_token function, and deleting a critical file such as wp-config.php can pivute WordPress into an installation/setup state that yields remote code execution. Exploitation is gated by a specific setup: a Forminator form must be connected to an Uncanny Automator recipe whose trigger is configured for 'Everyone', which is what exposes the deserialization sink to anonymous form submissions. A self-contained gadget chain via Action_Helpers_Email::__destruct() ships inside the plugin, so no external gadget library is needed; reported by Wordfence with no public exploit identified at time of analysis and no CISA KEV listing.
Build-time remote code execution in Nuclio (serverless/FaaS platform) versions <= 1.15.27 lets remote attackers run arbitrary OS commands as root inside the function-builder container. The Java runtime renders user-supplied runtimeAttributes.repositories values into a Groovy build.gradle file via Go's text/template using the non-escaping {{ . }} action, so an attacker can inject a closing brace to break out of the repositories {} block and append Groovy that Gradle executes during its configuration phase. Because the Dashboard API defaults to NOP (no) authentication, exploitation needs no credentials; a dynamically-verified proof-of-concept is published in the vendor advisory, though there is no public exploit identified as being used in active attacks.
Local privilege escalation in Zoom Rooms for Windows before version 7.1.0 allows an authenticated low-privileged user to elevate to higher privileges via local access, with high impact to confidentiality, integrity, and availability (CVSS 7.8). Zoom's own security team (security@zoom.us) reported the flaw, classified as improper privilege management. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Local privilege escalation in the Zoom Workplace VDI Plugin for Windows lets an authenticated local user win a time-of-check to time-of-use (TOCTOU) race during the plugin's install/uninstall routine to gain higher privileges (per CVSS, full confidentiality, integrity, and availability impact). The flaw was self-reported by Zoom (bulletin ZSB-26013) and carries a CVSS 3.1 base score of 7.8; no public exploit identified at time of analysis. Exploitation is local-only and requires the attacker to already hold a valid account on the target host.
Out-of-bounds heap write in QEMU lets a local attacker operating inside a guest virtual machine corrupt memory in the host emulator process, enabling information disclosure, data-integrity corruption, or denial of service. The flaw stems from cpu_physical_memory_map() returning a shorter buffer length than the caller assumes, so subsequent writes spill past the allocation. Rated CVSS 7.8 (CWE-787); no public exploit identified at time of analysis, but multiple distributions (Red Hat, Ubuntu, SUSE, Debian) have shipped fixes.
Local file inclusion in Emlog 2.6.13 and earlier lets an authenticated author supply a path-traversal template value that is stored unvalidated by api_controller.php and later passed to View::getView() in log_controller.php, causing an arbitrary local .php file to be included when the article is viewed. Because included PHP is executed, an attacker who can place or influence a .php file on the host can escalate this to code execution. No public exploit has been identified at time of analysis, and no fixed version currently exists.
Server-side request forgery in Stoatchat before 0.14.0 lets unauthenticated, network-accessible attackers reach internal services that a DNS-based IP blocklist was meant to protect. The url_is_blacklisted function validates only the first resolved address, while the underlying HTTP client iterates over all cached DNS addresses, so a hostname resolving to both an allowed and an internal/blocked IP slips past the check. No public exploit identified at time of analysis; the issue is fixed in the v0.14.0 release and was reported by VulnCheck.
Denial of service in the Feast Feature Server (the Python feature-store serving component, also shipped within Red Hat OpenShift AI/RHOAI) lets remote unauthenticated attackers exhaust host resources through its `/ws/chat` WebSocket endpoint. Because the endpoint accepts unlimited concurrent connections and unbounded message traffic, opening many simultaneous sockets drains memory, CPU, and file descriptors until legitimate clients are locked out. There is no public exploit identified at time of analysis and this is not listed in CISA KEV; the upstream fix in PR #192 caps connections, message size, and message rate.
Webhook token disclosure in stoatchat (the Rust 'delta' backend of the Revolt/stoatchat platform) lets any channel member holding only ViewChannel (read) permission enumerate a channel's webhooks and read their secret tokens. Because a retrieved token authorizes posting, the attacker can then inject arbitrary messages while impersonating a bot or webhook, bypassing the channel's ManageWebhooks and posting permissions. Reported by VulnCheck and fixed in 20250210-1 (0.8.2); no public exploit identified at time of analysis.
Uncontrolled memory allocation in Grafana Loki lets remote unauthenticated users issue queries with excessively large limit values, forcing the service to allocate large amounts of memory and potentially exhausting host resources. The impact is denial of service (CVSS 7.5, A:H only) and varies by deployment topology - a single-binary or under-provisioned deployment is far more exposed than a horizontally scaled microservices setup. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; note the input 'Information Disclosure' tag conflicts with the CVSS impact (C:N/I:N/A:H), which indicates an availability-only issue.
Denial of service in the h2o HTTP server (all versions prior to commit 6b5370d) allows remote unauthenticated attackers to crash the server by requesting static files whose on-stack path construction via alloca can reach ~600KB, exceeding musl libc's default 128KB pthread stack and triggering a guard-page segmentation fault. The flaw is a CWE-770 uncontrolled resource allocation issue affecting availability only (CVSS 7.5, A:H). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but exploitation is trivial where h2o is built against musl libc.
Denial of service in Quicly, the QUIC protocol library embedded in the H2O HTTP server, allows remote attackers to corrupt connection state and crash the process prior to commit 8b178e6. Quicly's packet decoder accepts Connection IDs up to 255 bytes (permitted for unknown QUIC versions) but its version-1 CID buffers are only 20 bytes, and the library - unlike its bundled CLI - never rejected over-length CIDs, letting an oversized CID overrun the buffer within its allocated chunk and trigger assertion failures. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.
Remote denial of service in quicly, the IETF QUIC implementation used by the H2O HTTP server, allows unauthenticated attackers to crash the process by sending more than 32KB of valid handshake messages over the CRYPTO stream within a single packet number space, tripping a reachable assertion (CWE-617). Affects all builds prior to commit 937d0e9. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but the network-reachable, no-privilege nature makes it trivially triggerable once understood.
Remote code execution in Microsoft Windows Terminal allows an unauthenticated attacker to run arbitrary code by tricking a user into interacting with malicious content that triggers an integer overflow (CWE-190). The flaw carries a CVSS 7.5 rating driven by high complexity and required user interaction; no public exploit has been identified at time of analysis, and it is not listed in CISA KEV. Microsoft has released a patch through the MSRC update guide.
Remote denial of service in CoreDNS versions prior to 1.14.4 allows an unauthenticated attacker to crash the DNS server with a single 28-byte UDP datagram when the proxyproto plugin is enabled. The malformed PROXY protocol v2 header triggers a nil pointer dereference in the PacketConn.ReadFrom log path, killing the process before per-request recovery can intervene. No public exploit identified at time of analysis, though the fixing PR includes a reproducer test that encodes the exact crashing byte sequence; not listed in CISA KEV.
{file:...} expansion resolved paths without confining them to the prompt directory or allowed roots, so absolute paths, ../ traversal, or symlinks could exfiltrate secrets, config, or credentials into the loaded prompt's fields. There is no public exploit identified at time of analysis and it is not in CISA KEV; NVD scores it 7.5 (High), reflecting confidentiality-only impact.
Code injection in Microsoft Kiota's Python client generator (versions prior to 1.32.0) allows an attacker who controls an OpenAPI description to embed arbitrary Python that executes when a developer generates and imports the resulting client. The flaw stems from unsanitized x-ms-enum.values[].description strings being emitted as inline comments; embedded newlines break out of the comment and run at module scope. No public exploit identified at time of analysis, and the issue is not in CISA KEV. The assigned CVSS 3.1 base score is 7.5, though its impact metrics (C:N/I:N/A:H) understate what is functionally full code execution.
{expr}, #$var, or #@var markers are treated as live Ruby interpolation inside generated model classes. There is no public exploit identified at time of analysis and it is not in CISA KEV, but a fix is confirmed in release v1.32.0.
SQL injection in ThemeHunk's Advance Product Search - Voice & Ajax Search for WooCommerce plugin (all versions ≤ 1.4.4) lets unauthenticated attackers inject arbitrary SQL through the 's' and 'match' search parameters, enabling extraction of sensitive database contents such as user credentials and order data. The flaw stems from unescaped, unprepared query construction in the plugin's AJAX search backend and is remotely exploitable without authentication or user interaction. Reported by Wordfence; no public exploit identified at time of analysis and not listed in CISA KEV.
Denial of service in libsolv's PGP signature verification (solv_pgpvrfy) allows remote attackers to crash automated package and repository processing by supplying a crafted Ed25519 signature. The flaw is a stack-based buffer overflow (CWE-121) triggered when the EdDSA 's' MPI is copied into a fixed 64-byte stack buffer using an attacker-controlled mismatched length. It affects the libsolv dependency solver embedded in Red Hat Enterprise Linux 7/8/9/10, OpenShift, Satellite, RHUI, openSUSE/SUSE, Ubuntu and Debian; no public exploit identified at time of analysis and it is not in CISA KEV.
Authentication bypass and control-plane information disclosure in Envoy Gateway (versions >= 1.8.0-rc.0 to < 1.8.1, and all releases < 1.7.4) allows any in-cluster pod that can reach the xDS gRPC server on port 18000 to read sensitive xDS resources without valid credentials. The flaw affects only deployments running in GatewayNamespaceMode, where the JWT StreamInterceptor mishandles State-of-the-World DiscoveryRequests and no UnaryInterceptor guards the Fetch endpoints, exposing TLS private keys (SDS), clusters/endpoints, and routing configuration. No public exploit identified at time of analysis, and it is not listed in CISA KEV; CVSS is 7.4 (High).
Sensitive credential exposure in Frogman (an mwtcmi FreePBX module providing headless PBX control via MCP and an HTTP API) before 1.6.2 stores API tokens in cleartext, so any read of the oc_api_tokens database table yields fully reusable, active tokens at their assigned permission level - up to admin. Because Frogman.class.php authenticated the X-Frogman-Token header by directly comparing the presented value against the stored raw string, a leaked or read database directly hands an attacker working credentials. Rated CVSS 7.4 (high); no public exploit identified at time of analysis, and the issue is fixed in version 1.6.2.
Local privilege escalation in AutomationDirect Productivity Suite programming software stems from an out-of-bounds write (CWE-787) reachable through a crafted IOCTL request to a privileged kernel-mode component, corrupting kernel memory. An authenticated local attacker on an engineering workstation running the software can leverage the corruption to escalate to SYSTEM/kernel privileges or crash the host. No public exploit identified at time of analysis; the flaw is documented in CISA ICS advisory ICSA-26-197-04 (reported by ICS-CERT) but is not listed in CISA KEV, and no EPSS score was supplied.
Local privilege escalation in AutomationDirect Productivity Suite lets an authenticated local attacker corrupt kernel memory by issuing a crafted IOCTL request to an out-of-bounds write flaw (CWE-787). Successful exploitation can elevate privileges to SYSTEM/kernel level or crash the host running this engineering workstation software for AutomationDirect Productivity-series PLCs. Reported through CISA ICS-CERT (ICSA-26-197-04); no public exploit identified at time of analysis and no KEV/EPSS signal is present.
Improper authorization in cert-manager 1.18.0 through 1.19.5 and 1.20.0-1.20.2 lets a namespaced tenant with standard Challenge/Order create rights forge ACME Challenge resources that reference a ClusterIssuer, bypassing DNS01 solver selectors (dnsZones, dnsNames, matchLabels) so the controller uses cluster-wide DNS credentials for attacker-chosen provider settings and names. The primary consequence is disclosure of shared ClusterIssuer DNS credentials - notably acme-dns X-Api-User and X-Api-Key headers - enabling cross-tenant credential theft in multi-tenant clusters. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticated local user to run arbitrary code when either application is installed on a non-system partition. The flaw stems from insecure directory/file permissions (CWE-277) that a low-privileged user can abuse to plant or modify executable content later run with higher privilege. No public exploit is identified at time of analysis and it is not listed in CISA KEV; impact is confined to systems where these Chinese-market Lenovo utilities are deployed to a non-default drive.
Stored cross-site scripting in the Breakdance WordPress page-builder plugin (versions through 2.7.1) lets unauthenticated attackers inject persistent JavaScript through the 'fields' parameter, which then runs in the browser of any user who views the affected page. The flaw carries a CVSS 3.1 score of 7.2, elevated by a scope change (S:C) because the payload executes in visitors' browser sessions rather than the server context. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Wordfence discovered and reported it.
Stored cross-site scripting in the RPB Chessboard WordPress plugin (all versions through 8.1.2) lets unauthenticated attackers plant persistent JavaScript through comment content that executes in the browser of anyone who later views the affected page. The novel aspect, per Wordfence, is that WordPress's normal save-time kses sanitization is bypassed because the payload uses only kses-allowed tags/attributes (an <a> element with title and href) and the dangerous attribute-breaking markup is assembled entirely at render time by the plugin's own comment_text filter. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the unauthenticated, no-interaction entry point makes it a practical drive-by injection risk.
Privilege escalation in SALTO ProAccess Space access-control software allows an authenticated tenant user to break out of their assigned logical partition and reach any space managed by the platform. The flaw exists specifically when the multi-tenancy / logical partition feature is in use, letting a low-privileged authorized user manipulate an object reference to act on resources belonging to other tenants. Reported through CISA ICS-CERT (ICSA-26-197-07); no public exploit identified at time of analysis and no EPSS or KEV signal is provided in the input.
Server-Side Request Forgery and arbitrary local file read in ArcadeDB before 26.6.1 let any authenticated user with SQL command/query access - not just root/administrators - abuse the SQL `IMPORT DATABASE` statement, whose source URL was passed to the importer unchecked. Because it required no administrative privileges, a low-privileged user could force the server to fetch arbitrary HTTP(S) endpoints (including cloud metadata at 169.254.169.254 and internal-only services) and ingest the responses as queryable records, or read local files such as `/etc/passwd` and credential files via `file://` paths. No public exploit identified at time of analysis; the flaw was privately reported and fixed in release 26.6.1.
Code injection in remorses/genql (the @genql/cli TypeScript GraphQL client generator) before 6.3.4 lets an actor who controls the GraphQL schema fed to genql smuggle arbitrary TypeScript/JavaScript into the generated schema.ts file, which then executes when a downstream consumer bundles and imports the client. The flaw stems from GraphQL type/field descriptions containing a `*/` sequence that breaks out of the generated JSDoc comment block. There is no public exploit identified at time of analysis and it is not in CISA KEV; the issue was responsibly disclosed (issue #197) and reported by CISA (cisa-cg), with a vendor patch in 6.3.4.
Path traversal in Manyfold's file-rename functionality (versions 0.96.0 through 0.139.x) lets an authenticated user move or write files outside the configured 3D-model library directory. The flaw stems from app/models/model_file.rb passing a user-controlled filename straight into File.join(model.path, filename) without stripping '..' sequences, giving low-privileged users write/overwrite primitives on the host filesystem. No public exploit identified at time of analysis, but the upstream fix commit and its test cases plainly demonstrate the traversal, and the issue is resolved in 0.140.0.
Build-time SSRF, remote file inclusion, and local file inclusion in Microsoft Kiota before 1.32.5 lets an attacker-controlled OpenAPI description force the `kiota generate` command to fetch arbitrary remote http(s) URLs and read local absolute or out-of-tree file paths while resolving $ref values. Because Kiota inlined those external schemas into generated clients, an attacker could exfiltrate internal endpoints or leak local file contents (e.g. REMOTE_KIOTA_PROP-style properties) into produced code. No public exploit has been identified at time of analysis; the risk is developer/CI-toolchain oriented and requires a developer to run generation against a malicious or influenced description (CVSS 7.1).
Local privilege escalation in the Windows Backup Engine affects Windows 10 (21H2, 22H2) and Windows 11 (24H2, 25H2, 26H1), where a race condition (CWE-362) lets an already-authenticated low-privileged user win a timing window to elevate to higher privileges. The CVSS 3.1 base score is 7.0 (AV:L/AC:H/PR:L), reflecting local access and high attack complexity but full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV; a vendor patch is available from Microsoft.
Local privilege escalation in certain Zoom Clients for Windows lets an authenticated local user exploit a time-of-check to time-of-use (TOCTOU) race during install/uninstall to gain higher privileges (likely SYSTEM). The flaw was reported by Zoom's own security team and is documented in bulletin ZSB-26012; no public exploit identified at time of analysis and it is not on CISA KEV. The high-complexity race window and local-access requirement temper an otherwise high-impact (C:H/I:H/A:H) issue.
Local privilege escalation to arbitrary code execution affects Lenovo App Store, a software-distribution client shipped exclusively on Lenovo devices in the Chinese market. A local authenticated user who can interact with the application can leverage its excessive privileges (CWE-250) to run arbitrary code at an elevated privilege level, with high confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so no active exploitation is confirmed.
Local code execution in Lenovo App Store (Chinese-market distribution only) lets an authenticated local user abuse a path traversal weakness to write or load files outside intended directories and run arbitrary code. The flaw was self-reported by Lenovo and carries a CVSS 4.0 base score of 7.0; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high to confidentiality, integrity, and availability of the local system, but exploitation requires existing low-privilege local access plus user interaction.
Arbitrary file write via path traversal in Microsoft Kiota (OpenAPI HTTP client/plugin code generator) before 1.32.5 allows a malicious repository or pull request to place files outside the workspace root on a developer or CI host. The tool trusts the checked-in .kiota/workspace.json and honors attacker-controlled per-client and per-plugin outputPath values during 'kiota client generate' and 'kiota plugin generate' without validating them. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but exploitation is realistic in CI/pull-request workflows since it only requires a developer to run generation against poisoned config.