Monthly
Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticated local user to run arbitrary code when either application is installed on a non-system partition. The flaw stems from insecure directory/file permissions (CWE-277) that a low-privileged user can abuse to plant or modify executable content later run with higher privilege. No public exploit is identified at time of analysis and it is not listed in CISA KEV; impact is confined to systems where these Chinese-market Lenovo utilities are deployed to a non-default drive.
ViewComponent preview routes allow authenticated attackers to invoke inherited helper methods including render_with_template, enabling rendering of internal Rails templates and exposure of secrets, configuration, and debug data not otherwise routable. The vulnerability requires authenticated access (CVSS PR:L) and affects versions 3.0.0 through 4.8.x; it is confirmed by proof-of-concept code in the vendor repository and requires preview routes to be externally exposed.
Anonymous authorization bypass in Mendix Studio Pro (all versions up to 11.8.0 Beta) causes the Anonymous user role to silently follow standard user-inheritance rules, so an unauthenticated visitor can read every record in an entity even when no access rights are configured for that role. Demonstrated in DIVD's VerySecureApp (≤1.1.0), the flaw exposes entire datasets to anonymous callers whenever anonymous access is enabled to publish an entity publicly. There is no public exploit identified at time of analysis, EPSS is very low (0.04%), and it is not on CISA KEV, but SSVC rates technical impact as total and automatable.
Local privilege escalation in DeepCool DeepCreative software version 1.2.7 and earlier allows unauthenticated attackers to execute arbitrary code with elevated privileges through malicious file processing. The vulnerability stems from insecure permission configuration (CWE-277) requiring user interaction to open a crafted file. Public exploit research exists on GitHub (uncle-hash repository), though CISA has not confirmed active exploitation. CVSS 7.8 indicates high severity, but EPSS data unavailable; SSVC framework rates technical impact as total with no confirmed exploitation and non-automatable attack path.
macOS systems running versions prior to Tahoe 26.3 contain an improper permissions restriction that allows local applications to read sensitive user data without authorization. A threat actor with local access could exploit this vulnerability to exfiltrate protected information. A patch is currently unavailable for affected systems.
Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).
Arubaos contains a vulnerability that allows attackers to an authenticated malicious actor to create or modify arbitrary files and execute (CVSS 7.2).
SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Open OnDemand is an open-source HPC portal. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.
Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticated local user to run arbitrary code when either application is installed on a non-system partition. The flaw stems from insecure directory/file permissions (CWE-277) that a low-privileged user can abuse to plant or modify executable content later run with higher privilege. No public exploit is identified at time of analysis and it is not listed in CISA KEV; impact is confined to systems where these Chinese-market Lenovo utilities are deployed to a non-default drive.
ViewComponent preview routes allow authenticated attackers to invoke inherited helper methods including render_with_template, enabling rendering of internal Rails templates and exposure of secrets, configuration, and debug data not otherwise routable. The vulnerability requires authenticated access (CVSS PR:L) and affects versions 3.0.0 through 4.8.x; it is confirmed by proof-of-concept code in the vendor repository and requires preview routes to be externally exposed.
Anonymous authorization bypass in Mendix Studio Pro (all versions up to 11.8.0 Beta) causes the Anonymous user role to silently follow standard user-inheritance rules, so an unauthenticated visitor can read every record in an entity even when no access rights are configured for that role. Demonstrated in DIVD's VerySecureApp (≤1.1.0), the flaw exposes entire datasets to anonymous callers whenever anonymous access is enabled to publish an entity publicly. There is no public exploit identified at time of analysis, EPSS is very low (0.04%), and it is not on CISA KEV, but SSVC rates technical impact as total and automatable.
Local privilege escalation in DeepCool DeepCreative software version 1.2.7 and earlier allows unauthenticated attackers to execute arbitrary code with elevated privileges through malicious file processing. The vulnerability stems from insecure permission configuration (CWE-277) requiring user interaction to open a crafted file. Public exploit research exists on GitHub (uncle-hash repository), though CISA has not confirmed active exploitation. CVSS 7.8 indicates high severity, but EPSS data unavailable; SSVC framework rates technical impact as total with no confirmed exploitation and non-automatable attack path.
macOS systems running versions prior to Tahoe 26.3 contain an improper permissions restriction that allows local applications to read sensitive user data without authorization. A threat actor with local access could exploit this vulnerability to exfiltrate protected information. A patch is currently unavailable for affected systems.
Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).
Arubaos contains a vulnerability that allows attackers to an authenticated malicious actor to create or modify arbitrary files and execute (CVSS 7.2).
SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Open OnDemand is an open-source HPC portal. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.