Monthly
Configuration injection in F5 NGINX Ingress Controller lets an authenticated Kubernetes user with rights to create or modify Ingress CRDs or annotations smuggle arbitrary NGINX directives into the generated configuration. Because multiple user-controllable fields are written to the config without sanitization, an attacker can inject directives that create or delete files and disable services on the control plane. No public exploit identified at time of analysis; this is a control-plane-only issue with no data plane exposure, but the CVSS 4.0 score of 8.7 (High) reflects strong confidentiality and integrity impact.
Configuration injection in F5 NGINX Gateway Fabric lets an authenticated Kubernetes user who can create or modify NginxProxy or AuthenticationFilter Custom Resources inject arbitrary NGINX directives into generated data-plane configuration. The flaw lives in the control-plane config generator, which renders the serverTokens and extraAuthArgs fields into NGINX templates without escaping, so any tenant holding RBAC rights over these CRDs can rewrite the NGINX Plus config that gets deployed. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but SSVC rates the technical impact as total.
parisneo/lollms-webui, in its latest version, is vulnerable to remote code execution due to an insecure dependency on llama-cpp-python version. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
llama-cpp-python is the Python bindings for llama.cpp. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Configuration injection in F5 NGINX Ingress Controller lets an authenticated Kubernetes user with rights to create or modify Ingress CRDs or annotations smuggle arbitrary NGINX directives into the generated configuration. Because multiple user-controllable fields are written to the config without sanitization, an attacker can inject directives that create or delete files and disable services on the control plane. No public exploit identified at time of analysis; this is a control-plane-only issue with no data plane exposure, but the CVSS 4.0 score of 8.7 (High) reflects strong confidentiality and integrity impact.
Configuration injection in F5 NGINX Gateway Fabric lets an authenticated Kubernetes user who can create or modify NginxProxy or AuthenticationFilter Custom Resources inject arbitrary NGINX directives into generated data-plane configuration. The flaw lives in the control-plane config generator, which renders the serverTokens and extraAuthArgs fields into NGINX templates without escaping, so any tenant holding RBAC rights over these CRDs can rewrite the NGINX Plus config that gets deployed. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but SSVC rates the technical impact as total.
parisneo/lollms-webui, in its latest version, is vulnerable to remote code execution due to an insecure dependency on llama-cpp-python version. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
llama-cpp-python is the Python bindings for llama.cpp. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.