Monthly
Information disclosure in Apache Camel's camel-undertow HTTP server consumer (versions 4.0.0 through 4.21.0) exposes complete Java stack traces to unauthenticated HTTP clients whenever a route processing exception occurs, due to a misconfigured default and a code-level bypass. Unlike every other Camel HTTP server component (camel-http, camel-jetty, camel-servlet, camel-platform-http), all of which default muteException to true, camel-undertow defaulted this option to false - and for Rest DSL consumers the option was silently ignored entirely due to a hard-coded false in RestUndertowHttpBinding, meaning muteException=true gave false confidence without actual protection. No public exploit has been identified at time of analysis; however exploitation requires only the ability to send a malformed HTTP request to a reachable endpoint, making this trivially accessible to any network-level attacker.
Stack trace disclosure in Apache Camel's camel-netty-http component (versions 4.0.0-4.21.0 across three release streams) exposes full Java Throwable stack traces to unauthenticated HTTP clients whenever a route processing error occurs under the default configuration. The root cause is an insecure default: the muteException option backed by an uninitialized Java primitive boolean defaulted to false in camel-netty-http while all other Camel HTTP server components (camel-http, camel-jetty, camel-servlet, camel-platform-http) correctly default it to true. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, but the low-effort triggering condition - any malformed request that causes a route exception - makes opportunistic enumeration straightforward against exposed endpoints.
Improper error handling in Capgo's /private/accept_invitation endpoint before version 12.128.2 allows unauthenticated network attackers to trigger HTTP 500 Internal Server Error responses by submitting malformed magic_invite_string values, leaking internal processing details in violation of CWE-209. Exploitation requires no privileges or user interaction - only the publicly accessible endpoint and knowledge of its path - making any internet-exposed Capgo instance susceptible to targeted reconnaissance. No public exploit has been identified and this vulnerability is not listed in CISA KEV; the risk is constrained to information disclosure that could support a broader attack chain.
IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 leak sensitive technical information to the browser via verbose error messages, giving authenticated remote attackers a reconnaissance foothold for follow-on attacks. The flaw is rooted in CWE-209 (overly informative error generation), which can expose stack traces, internal paths, backend technology details, or configuration fragments depending on what error condition is triggered. No public exploit code has been identified and no active exploitation is confirmed; the mandatory authentication barrier (PR:L) and information-only impact limit immediate blast radius, but the data gathered can materially assist more sophisticated attacks against the same system.
The OAuth2 HTTP filter in Envoy Proxy prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1 implements AES-256-CBC encryption for the PKCE CodeVerifier cookie without any authentication tag, creating a classic padding oracle through differential HTTP responses on the /callback endpoint. An attacker who obtains the victim's encrypted CodeVerifier cookie and a stolen authorization code can recover the plaintext PKCE code_verifier in approximately 6,200 crafted requests (~100 seconds), then complete the OAuth token exchange to hijack the victim's access token. No public exploit code or CISA KEV listing has been identified at time of analysis; vendor-confirmed patches are available in all four current release branches.
Server-side request forgery and internal network enumeration in Appsmith (prior to 1.99) is enabled by the POST /api/v1/admin/send-test-email endpoint accepting attacker-controlled smtpHost and smtpPort values, which JavaMail uses to establish raw TCP connections without IP address validation - completely bypassing the application's existing WebClientUtils.IP_CHECK_FILTER. Verbatim MailException error messages are returned in API responses, enabling authenticated administrators (or attackers who have compromised admin credentials) to probe internal network topology, enumerate open ports, and harvest service banners. No public exploit identified at time of analysis; the vulnerability is fixed in version 1.99.
OAuth2 credential exposure in the jleehr/canto-saas-api PHP Composer library (versions ≤ 2.0.0) allows any party with read access to web server logs, proxy logs, APM traces, or error tracking platforms to harvest Canto app_secret, refresh_token, and authorization code values in plaintext. The library violates RFC 6749 §2.3.1 by transmitting these credentials as URL query parameters on POST requests to the Canto OAuth token endpoint, rather than in the form-encoded POST body - causing them to be recorded by default in virtually every HTTP logging layer. A second exposure path exists through failed token requests: Guzzle exception messages containing the full credential-laden URI were propagated unmodified into AuthorizationFailedException, meaning error trackers such as Sentry may also have captured these secrets. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Unrestricted file upload in HCL ZIE for Web (Z and I Emulator) version 16.0 allows remote attackers to upload a web shell that can yield arbitrary command execution on the server, but only when the server is configured to execute uploaded code and the file lands inside the Webroot. The CVSS 3.1 base score is 9.8, yet CISA's SSVC framework rates exploitation as 'none' and not automatable with only partial technical impact, and EPSS sits at just 0.34% (26th percentile). No public exploit is identified at time of analysis and the issue is not listed in CISA KEV.
Unauthenticated remote attackers can invoke MCP tool handlers and exfiltrate the operator's long-lived Meta Graph API access token from pipeboard-co/meta-ads-mcp through version 1.0.108 when the server is run with the streamable-HTTP transport on a network-reachable port. The AuthInjectionMiddleware silently forwards requests lacking an Authorization or X-PIPEBOARD-API-TOKEN header, tool handlers fall back to the META_ACCESS_TOKEN environment variable, and Graph API error responses echo the request URL - including the token query parameter - back to the caller. A working proof-of-concept is published in GHSA-9gw6-46qc-99vr; no public exploit identified at time of analysis as a separate weaponized tool, but the PoC is sufficient to reproduce end-to-end.
Information disclosure in Spring Web Services (Spring-WS) exposes account lifecycle state - such as locked, disabled, or expired status - to remote unauthenticated SOAP clients through verbose exception messages or callback outcomes during authentication processing. Affected are four actively maintained branches (3.1.x through 5.0.x) when the SOAP layer is integrated with Spring Security; the root cause is CWE-209, where error handling fails to normalize Spring Security's typed account-state exceptions into generic authentication failures. No public exploit code and no CISA KEV listing have been identified at time of analysis; however, the CVSS 5.3 (Medium) rating reflects genuine reconnaissance utility for account enumeration against exposed SOAP endpoints.
Information disclosure in Apache Camel's camel-undertow HTTP server consumer (versions 4.0.0 through 4.21.0) exposes complete Java stack traces to unauthenticated HTTP clients whenever a route processing exception occurs, due to a misconfigured default and a code-level bypass. Unlike every other Camel HTTP server component (camel-http, camel-jetty, camel-servlet, camel-platform-http), all of which default muteException to true, camel-undertow defaulted this option to false - and for Rest DSL consumers the option was silently ignored entirely due to a hard-coded false in RestUndertowHttpBinding, meaning muteException=true gave false confidence without actual protection. No public exploit has been identified at time of analysis; however exploitation requires only the ability to send a malformed HTTP request to a reachable endpoint, making this trivially accessible to any network-level attacker.
Stack trace disclosure in Apache Camel's camel-netty-http component (versions 4.0.0-4.21.0 across three release streams) exposes full Java Throwable stack traces to unauthenticated HTTP clients whenever a route processing error occurs under the default configuration. The root cause is an insecure default: the muteException option backed by an uninitialized Java primitive boolean defaulted to false in camel-netty-http while all other Camel HTTP server components (camel-http, camel-jetty, camel-servlet, camel-platform-http) correctly default it to true. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, but the low-effort triggering condition - any malformed request that causes a route exception - makes opportunistic enumeration straightforward against exposed endpoints.
Improper error handling in Capgo's /private/accept_invitation endpoint before version 12.128.2 allows unauthenticated network attackers to trigger HTTP 500 Internal Server Error responses by submitting malformed magic_invite_string values, leaking internal processing details in violation of CWE-209. Exploitation requires no privileges or user interaction - only the publicly accessible endpoint and knowledge of its path - making any internet-exposed Capgo instance susceptible to targeted reconnaissance. No public exploit has been identified and this vulnerability is not listed in CISA KEV; the risk is constrained to information disclosure that could support a broader attack chain.
IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 leak sensitive technical information to the browser via verbose error messages, giving authenticated remote attackers a reconnaissance foothold for follow-on attacks. The flaw is rooted in CWE-209 (overly informative error generation), which can expose stack traces, internal paths, backend technology details, or configuration fragments depending on what error condition is triggered. No public exploit code has been identified and no active exploitation is confirmed; the mandatory authentication barrier (PR:L) and information-only impact limit immediate blast radius, but the data gathered can materially assist more sophisticated attacks against the same system.
The OAuth2 HTTP filter in Envoy Proxy prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1 implements AES-256-CBC encryption for the PKCE CodeVerifier cookie without any authentication tag, creating a classic padding oracle through differential HTTP responses on the /callback endpoint. An attacker who obtains the victim's encrypted CodeVerifier cookie and a stolen authorization code can recover the plaintext PKCE code_verifier in approximately 6,200 crafted requests (~100 seconds), then complete the OAuth token exchange to hijack the victim's access token. No public exploit code or CISA KEV listing has been identified at time of analysis; vendor-confirmed patches are available in all four current release branches.
Server-side request forgery and internal network enumeration in Appsmith (prior to 1.99) is enabled by the POST /api/v1/admin/send-test-email endpoint accepting attacker-controlled smtpHost and smtpPort values, which JavaMail uses to establish raw TCP connections without IP address validation - completely bypassing the application's existing WebClientUtils.IP_CHECK_FILTER. Verbatim MailException error messages are returned in API responses, enabling authenticated administrators (or attackers who have compromised admin credentials) to probe internal network topology, enumerate open ports, and harvest service banners. No public exploit identified at time of analysis; the vulnerability is fixed in version 1.99.
OAuth2 credential exposure in the jleehr/canto-saas-api PHP Composer library (versions ≤ 2.0.0) allows any party with read access to web server logs, proxy logs, APM traces, or error tracking platforms to harvest Canto app_secret, refresh_token, and authorization code values in plaintext. The library violates RFC 6749 §2.3.1 by transmitting these credentials as URL query parameters on POST requests to the Canto OAuth token endpoint, rather than in the form-encoded POST body - causing them to be recorded by default in virtually every HTTP logging layer. A second exposure path exists through failed token requests: Guzzle exception messages containing the full credential-laden URI were propagated unmodified into AuthorizationFailedException, meaning error trackers such as Sentry may also have captured these secrets. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Unrestricted file upload in HCL ZIE for Web (Z and I Emulator) version 16.0 allows remote attackers to upload a web shell that can yield arbitrary command execution on the server, but only when the server is configured to execute uploaded code and the file lands inside the Webroot. The CVSS 3.1 base score is 9.8, yet CISA's SSVC framework rates exploitation as 'none' and not automatable with only partial technical impact, and EPSS sits at just 0.34% (26th percentile). No public exploit is identified at time of analysis and the issue is not listed in CISA KEV.
Unauthenticated remote attackers can invoke MCP tool handlers and exfiltrate the operator's long-lived Meta Graph API access token from pipeboard-co/meta-ads-mcp through version 1.0.108 when the server is run with the streamable-HTTP transport on a network-reachable port. The AuthInjectionMiddleware silently forwards requests lacking an Authorization or X-PIPEBOARD-API-TOKEN header, tool handlers fall back to the META_ACCESS_TOKEN environment variable, and Graph API error responses echo the request URL - including the token query parameter - back to the caller. A working proof-of-concept is published in GHSA-9gw6-46qc-99vr; no public exploit identified at time of analysis as a separate weaponized tool, but the PoC is sufficient to reproduce end-to-end.
Information disclosure in Spring Web Services (Spring-WS) exposes account lifecycle state - such as locked, disabled, or expired status - to remote unauthenticated SOAP clients through verbose exception messages or callback outcomes during authentication processing. Affected are four actively maintained branches (3.1.x through 5.0.x) when the SOAP layer is integrated with Spring Security; the root cause is CWE-209, where error handling fails to normalize Spring Security's typed account-state exceptions into generic authentication failures. No public exploit code and no CISA KEV listing have been identified at time of analysis; however, the CVSS 5.3 (Medium) rating reflects genuine reconnaissance utility for account enumeration against exposed SOAP endpoints.