Skip to main content

CWE-265

Privilege Issues

9 CVEs Avg CVSS 6.7 MITRE
3
CRITICAL
1
HIGH
3
MEDIUM
2
LOW
6
POC
0
KEV

Monthly

CVE-2026-14784 MEDIUM PATCH This Month

Sandbox boundary enforcement failure in PentAGI (vxcontrol) versions up to 2.1.0 allows authenticated remote users to break Docker containment controls via the Docker API client component in `backend/pkg/docker/client.go`, enabling limited information disclosure and unauthorized low-impact modifications within the Docker environment. The CVSS 4.0 vector (PR:L, AV:N, AC:L) confirms low-privilege network-reachable exploitation with no user interaction required, though all impact metrics remain Low and no host-level breakout is indicated. No public exploit code exists and this vulnerability is not listed in CISA KEV; an upstream fix is pending as an unmerged GitHub pull request.

Information Disclosure Docker Pentagi
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.2%
CVE-2026-9368 PyPI MEDIUM POC PATCH This Month

Remote sandbox escape in NousResearch hermes-agent versions up to 2026.4.16 allows unauthenticated attackers to manipulate environment variables through the code execution tool, potentially breaking out of the intended security sandbox. The vulnerability has publicly available exploit code and the vendor has not responded to disclosure attempts, leaving systems unpatched.

Information Disclosure Hermes Agent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-6878 PyPI LOW POC GHSA Monitor

Sandbox bypass in ByteDance verl up to version 0.7.0 allows remote attackers to achieve limited information disclosure through manipulation of the math_equal function in prime_math/grader.py. The vulnerability requires high attack complexity and has been publicly documented with exploit code available, though the vendor has not responded to early disclosure attempts.

Information Disclosure Verl
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-6224 MEDIUM POC This Month

A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing a manipulation results in sandbox issue. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Information Disclosure Plugin Workflow Javascript
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6117 LOW POC Monitor

AstrBot versions up to 4.22.1 allow authenticated remote attackers to bypass sandbox restrictions via malicious file uploads to the install-upload endpoint (install_plugin_upload function), enabling arbitrary code execution with limited information disclosure and integrity impact. The vulnerability exists in the plugin installation mechanism and has publicly available exploit code; the vendor has been notified but has not yet responded with a patch.

Information Disclosure Astrbot
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2024-2007 HIGH This Week

A vulnerability was found in OpenBMB XAgent 1.0.0. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xagent
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-5223 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in HimitZH HOJ up to 4.6-9a65e3f. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Hcode Online Judge
NVD GitHub VulDB
CVSS 3.1
9.9
EPSS
0.9%
CVE-2023-26122 npm CRITICAL POC Act Now

All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Safe Eval
NVD GitHub
CVSS 3.1
10.0
EPSS
2.1%
CVE-2020-1889 CRITICAL Act Now

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Whatsapp Desktop
NVD
CVSS 3.1
10.0
EPSS
4.8%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Sandbox boundary enforcement failure in PentAGI (vxcontrol) versions up to 2.1.0 allows authenticated remote users to break Docker containment controls via the Docker API client component in `backend/pkg/docker/client.go`, enabling limited information disclosure and unauthorized low-impact modifications within the Docker environment. The CVSS 4.0 vector (PR:L, AV:N, AC:L) confirms low-privilege network-reachable exploitation with no user interaction required, though all impact metrics remain Low and no host-level breakout is indicated. No public exploit code exists and this vulnerability is not listed in CISA KEV; an upstream fix is pending as an unmerged GitHub pull request.

Information Disclosure Docker Pentagi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Remote sandbox escape in NousResearch hermes-agent versions up to 2026.4.16 allows unauthenticated attackers to manipulate environment variables through the code execution tool, potentially breaking out of the intended security sandbox. The vulnerability has publicly available exploit code and the vendor has not responded to disclosure attempts, leaving systems unpatched.

Information Disclosure Hermes Agent
NVD VulDB GitHub
EPSS 0% CVSS 2.9
LOW POC Monitor

Sandbox bypass in ByteDance verl up to version 0.7.0 allows remote attackers to achieve limited information disclosure through manipulation of the math_equal function in prime_math/grader.py. The vulnerability requires high attack complexity and has been publicly documented with exploit code available, though the vendor has not responded to early disclosure attempts.

Information Disclosure Verl
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing a manipulation results in sandbox issue. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Information Disclosure Plugin Workflow Javascript
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

AstrBot versions up to 4.22.1 allow authenticated remote attackers to bypass sandbox restrictions via malicious file uploads to the install-upload endpoint (install_plugin_upload function), enabling arbitrary code execution with limited information disclosure and integrity impact. The vulnerability exists in the plugin installation mechanism and has publicly available exploit code; the vendor has been notified but has not yet responded with a patch.

Information Disclosure Astrbot
NVD VulDB GitHub
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability was found in OpenBMB XAgent 1.0.0. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xagent
NVD GitHub VulDB
EPSS 1% CVSS 9.9
CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in HimitZH HOJ up to 4.6-9a65e3f. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Hcode Online Judge
NVD GitHub VulDB
EPSS 2% CVSS 10.0
CRITICAL POC Act Now

All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Safe Eval
NVD GitHub
EPSS 5% CVSS 10.0
CRITICAL Act Now

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Whatsapp Desktop
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy