2026-07-17
Session hijacking in Proxmox Virtual Environment (PVE 9.x/8.4.x) lets an authenticated user with rights to call the "vncproxy" API race the parallel "vncwebsocket" call and seize a VNC console session that a different user legitimately opened for a different VM. The flaw (CWE-362, CVSS 7.2) grants full interactive console access to another tenant's virtual machine, breaking isolation between users. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Broken object-level authorization in the Hashtopolis server web-interface chunk activity component lets any authenticated low-privilege account read all cracked hashes across the entire server, regardless of access-group membership. Affecting all versions prior to 0.14.8, the flaw exposes recovered plaintext credentials - the core sensitive output of the platform - to users who should only see their own group's data. No public exploit is identified at time of analysis, but the vendor confirmed the issue and shipped a fix in v0.14.8.
Cross-origin data exposure in the Grav API plugin (getgrav/grav-plugin-api) before 1.0.0-rc.16 stems from a hardcoded 'Access-Control-Allow-Origin: *' header returned on every response, including authenticated endpoints and preflight (OPTIONS) responses. Because the plugin authenticates via the Authorization and X-API-Token request headers rather than cookies, any malicious website scripting a leaked access token can read the response bodies of authenticated endpoints and perform write actions as that token's user. Reported by VulnCheck with no public exploit identified at time of analysis; not listed in CISA KEV.
Untrusted plugin loading in OpenClaw before 2026.5.22 lets an attacker with lower-trust caller access, or control over configured input paths, get malicious workspace plugins loaded through the setup-mode discovery process, executing or persisting actions above their intended authorization level. Exploitation is local and requires active user interaction plus a specific attack precondition (CVSS 4.0 base 7.1), and there is no public exploit identified at time of analysis. The root cause is inclusion of functionality from an untrusted control sphere (CWE-829) during setup-mode plugin discovery.
Insecure direct object reference in Chat2DB before 5.3.0 lets any authenticated non-admin user read the decrypted database credentials of datasources belonging to other users by enumerating IDs against GET /api/connection/datasource/{id}. Because the handler returns the plaintext password field and omits an ownership check, a single low-privileged account can harvest every other tenant's stored connection secrets. No public exploit has been identified at time of analysis, but exploitation is trivial and the EPSS/KEV signals were not supplied in the input.
Arbitrary file read in Sangoma Switchvox SMB Edition 8.3 (build 104997) allows an authenticated user to disclose sensitive files anywhere on the appliance filesystem. The play_file functionality trusts the user-controlled sound_path parameter and fails to validate paths, so supplying an absolute path escapes the intended sound directory. No public exploit code is identified, but a detailed technical write-up from the reporting researchers (SRA) exists, and the flaw is not listed in CISA KEV.
Unauthorized ticket data disclosure in osTicket v1.18.3 and v1.17.7 allows an authenticated low-privilege user to access tickets belonging to other users by manipulating object identifiers in the AJAX ticket-management endpoints. The flaw stems from missing per-object authorization checks (BOLA/IDOR) rather than a coding error in the request handler. It was reported by Fluid Attacks and fixed in v1.18.4/v1.17.8; no public exploit code is identified at time of analysis, though a Medium write-up and vendor advisory describe the issue.
Stored cross-site scripting in Sangoma Switchvox SMB Edition 8.3 (build 104997) lets an authenticated user inject persistent JavaScript through the voicemail notification template feature, which then executes in the browsers of other users who view the affected template. The payload is submitted via the template_text parameter to the submit_modify_voicemail_template endpoint, which fails to sanitize HTML. No public exploit identified at time of analysis, though the flaw was disclosed with a technical writeup by researchers at SRA; it is not listed in CISA KEV.
Out-of-bounds memory read in YAML::Syck's bundled libsyck C library for Perl exposes any application calling Load() or LoadFile() on untrusted YAML to a one-byte heap over-read. The root flaw (CVE-2025-11683) resided in the libsyck block-scalar lexer's newline scanning logic; the patch issued for that CVE was incomplete, leaving a second lexer path uncovered - subsequently disclosed as CVE-2026-57077. Both are resolved in YAML-Syck 1.47 (released July 13, 2026). No public exploit has been identified and the vulnerability is not listed in the CISA KEV catalog.