Information Disclosure
Monthly
Race condition in NVIDIA GPU Display Driver for Linux allows a high-privileged local attacker to leak sensitive kernel or process memory, producing limited information disclosure alongside potential data tampering and denial of service. Affected product lines span GeForce, RTX/Quadro/NVS, and Tesla GPU families running Linux driver branches prior to 580.159.03 or 595.71.05. No public exploit code exists and this vulnerability is absent from the CISA KEV catalog; an EPSS of 0.01% (1st percentile) and SSVC classification of Exploitation: none together place it at the lowest tier of real-world exploitation priority.
HTTP request smuggling in IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5 and 9.0 allows remote unauthenticated attackers to send specially crafted requests that desynchronize front-end and back-end HTTP parsing. Successful exploitation enables cache poisoning, security control bypass, and limited disclosure or modification of data passing through the plug-in, with a CVSS 7.5 reflecting a Changed scope and high confidentiality impact. There is no public exploit identified at time of analysis, EPSS is low at 0.05% (15th percentile), and CISA SSVC marks exploitation status as none.
Local privilege escalation in NVIDIA Display Driver for Linux (GeForce, RTX/Quadro/NVS, Tesla, and Virtual GPU Manager branches) stems from an incorrect numeric type conversion (CWE-681) that produces a heap buffer overflow. A locally authenticated attacker with low privileges can trigger the flaw to achieve code execution, privilege escalation, information disclosure, data tampering, or denial of service. No public exploit identified at time of analysis, and EPSS is very low (0.01%, 1st percentile), but technical impact per SSVC is total.
Local privilege escalation and code execution in the NVIDIA Display Driver for Linux (GeForce, RTX/Quadro/NVS, Tesla, and vGPU Guest/Manager components) stems from a use-after-free memory corruption flaw (CWE-416) that a local low-privileged user can trigger to compromise the kernel-level driver. The scope-changed CVSS 8.8 score reflects that successful exploitation crosses a trust boundary, potentially yielding code execution, privilege escalation, information disclosure, data tampering, or denial of service. EPSS is 0.01% (1st percentile) and there is no public exploit identified at time of analysis, but a vendor patch is available across all affected branches.
Pre-Account Takeover in Chatwoot's OmniAuth integration affects all releases from 2.14.0 through 4.12.x, allowing an attacker who pre-registers a victim's email address to retain persistent login access after the legitimate owner authenticates via Google OAuth. The OAuth callback controller failed to invalidate attacker-set password credentials when confirming a pre-existing unconfirmed account, leaving the attacker's session viable indefinitely. No public exploit identified at time of analysis and EPSS is 0.04% (12th percentile), consistent with SSVC's 'Exploitation: none' finding, though SSVC rates technical impact as 'total' given the attacker gains full workspace access including PII, API keys, and conversation history.
Stack exhaustion in Autodesk 3ds Max 2026 and 2027 can be triggered by opening a maliciously crafted WRL (VRML) file, causing an application crash and denial-of-service condition for the affected user. Exploitation requires local access and deliberate user interaction - a victim must be socially engineered into opening the weaponized file. No active exploitation is identified; EPSS sits at 0.00% and SSVC exploitation status is confirmed none, placing real-world risk well below what the moderate CVSS score of 5.5 might initially suggest.
Transport encryption downgrade in Joomla! CMS password and username reset workflows causes reset links to be generated with plain HTTP URLs instead of HTTPS when the 'Force SSL' configuration flag is not explicitly enabled. Affected installations span Joomla! 3.9.0 through 5.4.5 and 6.0.0 through 6.1.0, exposing reset tokens to network interception. No public exploit identified at time of analysis, and EPSS scores exploitation probability at 0.02% (5th percentile) despite the 9.8 CVSS rating.
Information disclosure in Joomla! CMS arises because InputFilter::getInstance() builds its instance cache key without including a security-sensitive parameter, allowing a previously cached filter instance to be returned even when a different security posture was requested. Remote unauthenticated attackers can leverage the resulting filter mismatch to retrieve sensitive data (CVSS 7.5, C:H only). No public exploit identified at time of analysis and EPSS is 0.02% (5th percentile), indicating low predicted exploitation in the near term.
Denial of service in Algernon web server versions prior to 1.17.6 stems from a race condition in the Lua handler engine where the sync.RWMutex protecting LoadCommonFunctions is released before L.Push() and L.PCall() execute on the non-goroutine-safe gopher-lua LState. Concurrent HTTP requests corrupt the shared Lua VM state, causing server instability. No public exploit identified at time of analysis, and EPSS is very low (0.04%), but reproduction is trivial under modest load (ab -n 1000 -c 100).
Heap buffer overflow in libsolv allows local attackers to corrupt memory when a vulnerable application processes a maliciously crafted .solv repository metadata file. The flaw stems from insufficient input validation during decompression of attacker-controlled data, enabling information disclosure, control-flow alteration, or denial of service across multiple Red Hat Enterprise Linux releases and SUSE distributions. SSVC marks exploitation as PoC-level with total technical impact, while EPSS remains very low at 0.01%, indicating limited probability of widespread exploitation despite high severity.
Insecure deserialization in NVIDIA Merlin Transformers4Rec on Linux allows a local attacker to achieve code execution, data tampering, and information disclosure by tricking a user into loading a malicious serialized object. The flaw affects all Main-branch commits prior to March 11, 2026, and currently has no public exploit identified at time of analysis, with a very low EPSS score (0.02%) reflecting limited real-world activity. CISA SSVC classifies exploitation as 'none' but technical impact as 'total', placing it firmly in the supply-chain/MLOps risk category rather than a mass-exploitation threat.
Cleartext transmission of sensitive information in NVIDIA Isaac Launchable for Linux (all versions prior to 1.2) exposes credentials or other sensitive data to attackers on the same adjacent network, potentially enabling downstream code execution, privilege escalation, information disclosure, and data tampering. The flaw carries a CVSS 7.5 (High) rating, but exploitation requires adjacent-network access and high attack complexity, and there is no public exploit identified at time of analysis. EPSS is 0.00% and the issue is not on the CISA KEV list.
IBM watsonx.data (IBM Lakehouse) versions 2.2 through 2.3.1 fails to properly restrict inbound and outbound network connections, enabling authenticated low-privilege attackers to transfer or modify files without appropriate authorization controls. The vulnerability carries a CVSS score of 5.4 with network reachability and low attack complexity, though EPSS probability sits at just 0.02% (7th percentile) and SSVC assessment confirms no active exploitation. No public exploit code has been identified at time of analysis, and a vendor-released patch is available via IBM's support portal.
IBM Db2 on Linux, UNIX, and Windows - versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4, including DB2 Connect Server - writes potentially sensitive information into log files readable by local OS users, creating an insider-threat-class confidentiality exposure. The CVSS confidentiality impact is rated High (C:H), but the attack is strictly local (AV:L) and requires only a standard low-privilege OS account (PR:L), making this a post-access or insider-threat scenario rather than an internet-facing risk. No public exploit has been identified at time of analysis, EPSS sits at the 2nd percentile (0.01%), and CISA SSVC records no active exploitation - IBM has released a patch addressed in advisory https://www.ibm.com/support/pages/node/7273554.
Unvalidated jarURI handling in Apache Flink Kubernetes Operator exposes authenticated low-privilege users to server-side request forgery and arbitrary file read primitives against the operator pod. Any Kubernetes principal holding Custom Resource create permissions can submit a malicious FlinkSessionJob CR with a crafted jarURI - pointing to local filesystem paths, internal cloud metadata endpoints, link-local addresses, or any backing store reachable through Flink's pluggable filesystem layer - and retrieve that content via the submitted job. No public exploit has been identified at time of analysis, and EPSS sits at 0.01% (3rd percentile), but the confidentiality impact is rated High by NVD given the breadth of accessible internal resources.
Authenticated SQL injection in OpenKM Community Edition (≤6.3.12) and Professional Edition (≤7.1.47) lets administrative users execute arbitrary SQL against the application database through the /admin/DatabaseQuery endpoint's qs parameter. Publicly available exploit code exists (Exploit-DB 52520 and a Nuclei template from Terra System Labs), enabling dumping of password hashes from OKM_USER, permission tampering, and data destruction. EPSS is very low (0.03%) and the bug requires high privileges (PR:H), so real-world risk is bounded but meaningful for any internet-facing OpenKM instance with weak admin credentials.
Privilege escalation to cluster-wide control in KubeVirt's virt-handler component (as shipped in Red Hat OpenShift Virtualization 4) allows a namespace-scoped OpenShift user with edit permissions to hijack the virt-handler's privileged Unix socket connection via a symlink swap on a virtual machine console socket. Successful exploitation leads to interaction with arbitrary host Unix sockets, including CRI-O, enabling node takeover and cluster compromise. No public exploit identified at time of analysis, and EPSS exploitation probability is low (0.12%, 30th percentile), but CVSS is 9.9 with a scope change reflecting the host/cluster blast radius.
Unauthenticated information disclosure in Check Point Quantum Security Gateway allows remote attackers to read internal files on the appliance when the Identity Awareness blade is configured with Browser-Based Authentication. The flaw maps to CWE-98 (PHP file inclusion) and carries a CVSS 7.5 with confidentiality-only impact; EPSS is low (0.10%) and there is no public exploit identified at time of analysis, but the unauthenticated network reach against a perimeter gateway makes triage urgent for affected deployments.
Denial of service in Check Point Quantum Security Gateway allows remote unauthenticated attackers to crash the VPN processing service by sending specially crafted IKE packets over NAT-T (UDP/4500). Multiple supported releases (R81.10 and below, R81.20, R82, R82.10) are affected up to specific Jumbo Hotfix takes. No public exploit identified at time of analysis, and EPSS is low at 0.06% (17th percentile), suggesting limited near-term exploitation likelihood despite the 8.1 CVSS score.
Business logic abuse in ZTE ZXUniPOS NDS-LTE (versions V24.40.40 and V24.30.40CP02) allows a highly privileged authenticated network attacker to manipulate legitimate application functions in ways unintended by the designer, yielding limited integrity and availability degradation. The CVSS score of 3.8 (Low) combined with an EPSS exploitation probability of 0.03% (7th percentile) and SSVC exploitation status of 'none' collectively indicate minimal immediate real-world threat. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Local File Inclusion in Magentech SW Core WordPress plugin (versions through 1.7.18) allows authenticated remote attackers to coerce the application into including arbitrary PHP files via improperly validated filename input. Successful exploitation results in disclosure of sensitive server-side files and potential code execution under the web server context. No public exploit has been identified at time of analysis, and EPSS exploitation probability is low at 0.11%.
Password field masking is absent in Hitachi Ops Center Analyzer, Ops Center Analyzer viewpoint, and Hitachi Infrastructure Analytics Advisor, exposing plaintext credentials to anyone with physical or visual access to the UI. Affected components include the detail view, probe modules, and Analytics probe modules across a wide version range. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects negligible automated exploitation probability.
Out-of-bounds read in GNU LibreDWG's read_2004_compressed_section function (src/decode.c) affects all versions through 0.14, allowing a local low-privileged attacker to crash the dwgbmp utility or any LibreDWG-based application by supplying a crafted DWG 2004 file with manipulated section address or size fields. Impact is limited to availability (application crash) with no confirmed confidentiality or integrity exposure per the CVSS 4.0 vector. A publicly available proof-of-concept DWG file exists on GitHub, but EPSS at 0.01% (2nd percentile) and no CISA KEV listing confirm this is not currently subject to widespread exploitation.
Improper type validation in fraillt bitsery's smart pointer deserialization extension exposes applications that process attacker-controlled serialized data to partial confidentiality, integrity, and availability compromise. The vulnerable function loadFromSharedState in include/bitsery/ext/std_smart_ptr.h fails to validate polymorphic type identity before performing reinterpret_cast operations, allowing a remote unauthenticated attacker to supply crafted serialized input that triggers unsafe memory access. A publicly available proof-of-concept exploit exists (GitHub gist), though EPSS remains very low at 0.07% (21st percentile) and this CVE is not listed in CISA KEV, suggesting no observed widespread exploitation at time of analysis.
Memory exhaustion in the Perl Archive::Tar module before version 3.10 lets remote attackers cause a denial of service by supplying a crafted tar archive whose per-entry header declares an arbitrarily large size, which the module trusts and uses to drive allocation before reading. The flaw is unauthenticated and network-reachable (CVSS 7.5, A:H only - no confidentiality or integrity impact) but affects only applications that parse untrusted tarballs with this module. There is no public exploit identified at time of analysis and EPSS is very low (0.02%, 4th percentile); the vendor shipped a fix in 3.10.
PIN lock bypass in SailingLab AppLock 4.3.8 for Android exposes protected applications to anyone with brief physical device access. The root cause is architectural: the lock is implemented as a screen overlay rather than through Android's secure authentication APIs, meaning the underlying apps remain accessible via exposed intent routes triggered through advertisement or browser interactions. An attacker with physical access can navigate cascading UI flows to dismiss or circumvent the overlay entirely, gaining access to locked apps such as Chrome, resulting in information disclosure and unintended privilege escalation. No public exploit is confirmed in CISA KEV, but a researcher disclosure is publicly available on GitHub, and EPSS is negligible at 0.04% (11th percentile), consistent with the physical-access-only attack vector.
PIN lock bypass in Easyelife App Lock 1.9.2 for Android allows a local attacker with physical device access to reach applications that were supposedly secured behind a PIN. The root cause is architectural: the lock is implemented as a UI overlay rather than through Android's native secure authentication APIs (BiometricPrompt, KeyguardManager), meaning it can be circumvented by triggering advertisement or browser intents that cause the app to navigate cascading activity flows, effectively routing around the overlay. EPSS is very low at 0.05% (16th percentile), no public exploit is confirmed in CISA KEV, and a researcher disclosure with likely proof-of-concept steps is publicly available on GitHub.
Out-of-bounds memory read in FastNetMon Community Edition through 1.2.9 exposes sensitive process memory and can crash the collector when processing crafted NetFlow v9 packets. The NetFlow v9 data flowset parser in src/netflow_plugin/netflow_v9_collector.cpp omits the per-iteration boundary check present in the sibling Options template branch, allowing a network-adjacent attacker who can deliver UDP NetFlow v9 packets to the collector to supply malicious template definitions that drive the parser past the end of the packet buffer. No public exploit code or confirmed active exploitation has been identified at time of analysis, but a security researcher blog post at lorikeetsecurity.com documents the code-level flaw, raising the disclosure surface.
Physical-access PIN lock bypass in AppLockZ 4.2.11 for Android exposes protected applications to unauthorized access without valid credentials. The root cause is architectural: the lock mechanism is implemented as a UI overlay rather than through Android's secure authentication APIs, leaving it vulnerable to circumvention via exposed activity routes reachable through advertisement or browser intents. An attacker with physical possession of the device can navigate cascading interface flows to evade lockscreen verification and access apps protected by AppLockZ (e.g., Chrome), resulting in information disclosure. No active exploitation is confirmed in CISA KEV, and the EPSS score of 0.04% reflects minimal real-world exploitation probability at this time.
Local symlink exploitation in FastNetMon Community Edition through 1.2.9 allows a low-privileged local attacker to overwrite arbitrary files as the process user, which is typically root. The statistics output path is hardcoded to the predictable world-accessible location /tmp/fastnetmon.dat, written via std::ios::trunc without O_NOFOLLOW or symlink validation, and the daemon sets umask to 0 at startup making all created files world-writable. A secondary chmod() bug further misapplies permissions to the wrong path. No public exploit has been identified at time of analysis and EPSS sits at the 4th percentile, but the typical root execution context makes this a reliable local privilege escalation primitive despite the moderate CVSS score.
Out-of-bounds read in FastNetMon Community Edition through 1.2.9 exposes network monitoring infrastructure to unauthenticated remote attack via malformed NetFlow v9 UDP packets. The vulnerability resides in the options template parser (process_netflow_v9_options_template()), where attacker-controlled length fields - option_scope_length and option_length - drive iteration loops with no bounds validation, enabling reads past the end of the UDP packet buffer. With a CVSS vector of AV:N/AC:L/PR:N/UI:N and SSVC automatable:yes, mass exploitation is technically feasible, though EPSS sits at 0.03% (9th percentile) and no public exploit or KEV listing has been identified at time of analysis.
Out-of-bounds read in FastNetMon Community Edition through 1.2.9 allows remote unauthenticated attackers to leak adjacent process memory by sending crafted BGP UPDATE messages containing malformed MP_REACH_NLRI IPv6 attributes. The flaw resides in decode_mp_reach_ipv6() where attacker-controlled length fields drive memcpy operations without bounds validation, and is acknowledged by an in-source TODO comment by the maintainer. No public exploit identified at time of analysis, EPSS is low (0.03%), and CISA SSVC classifies exploitation as 'none' but 'automatable: yes', meaning weaponization is technically straightforward if a threat actor invests effort.
Man-in-the-middle interception of telemetry traffic affects FastNetMon Community Edition through version 1.2.9 due to missing TLS certificate validation in outbound HTTPS connections. Network-positioned attackers can intercept, modify, or redirect telemetry data sent to community-stats.fastnetmon.com - including system fingerprints, kernel version, traffic statistics, and configuration details - and potentially serve malicious responses. EPSS is very low (0.01%), and there is no public exploit identified at time of analysis, though a technical write-up by Lorikeet Security details the root cause.
Missing Authorization in the SePay Gateway WordPress plugin (versions through 1.1.20) permits any authenticated low-privileged user to retrieve embedded sensitive data without proper access checks. The flaw is classified under CWE-862 and carries a CVSS confidentiality impact of High, meaning payment or configuration secrets stored within the plugin can be exposed to unauthorized parties. No public exploit has been identified at time of analysis, and CISA SSVC rates exploitation as none with non-automatable risk, indicating limited active threat at present.
Out-of-bounds read in GNU LibreDWG's dwggrep utility exposes heap memory when processing maliciously crafted DWG files containing LTYPE objects with unterminated wide-character dash text strings. Affected versions span 0.1 through 0.14 (CPE: cpe:2.3:a:gnu:libredwg). A local authenticated attacker can trigger partial information disclosure by supplying a crafted DWG file to the dwggrep command-line tool; a public proof-of-concept DWG payload exists, though EPSS of 0.01% (2nd percentile) and absence from CISA KEV indicate no widespread exploitation activity at time of analysis.
Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, Shiro-native session manager, as well as Remember-Me manager sends JSESSIONID and rememberMe cookies without 'secure' attribute by default.
Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, when a session already exists, it is not invalidated upon successful login, nor is a new session being generated with a new ID.
PuTTY's trust sigil mechanism - the application icon displayed to distinguish legitimate remote TELNET output from locally-injected spoofed content - fails to reset trust state between proxy authentication and the start of the main TELNET session in versions 0.77 through 0.83. Under CWE-451 (UI Misrepresentation of Critical Information), an attacker positioned to control or influence a TELNET proxy could present deceptive terminal content to the user bearing the trusted indicator, achieving low-integrity impact by misleading the user about the source or authenticity of displayed data. No public exploit exists, EPSS is 0.03% (9th percentile), CISA SSVC rates exploitation as none, and the overall CVSS score is 3.1 (Low), reflecting high attack complexity and narrow real-world applicability.
Double free in PuTTY's RSA key exchange implementation affects versions 0.72 through 0.83, creating a memory corruption condition that can crash the client when connecting to a server that negotiates RSA KEX. The CVSS vector (AV:N/AC:H/PR:N/UI:N/A:L) reflects a network-reachable but high-complexity trigger with only limited availability impact, consistent with a difficult-to-reproduce crash rather than reliable code execution. No active exploitation is confirmed per CISA KEV, SSVC reports exploitation status as none, and EPSS sits at 0.04% (12th percentile), indicating low real-world exploitation pressure at time of analysis.
Server-side template injection (SSTI) in Dromara lamp-cloud versions 5.6.0 through 5.6.2 exposes the Message Template Handler to remote exploitation by authenticated low-privileged users who can inject malicious Groovy expressions via the DefMsgTemplate.content parameter. The vulnerable function GroovyClassLoader.parseClass compiles and executes attacker-controlled input as Groovy code at runtime. A public proof-of-concept exploit has been disclosed on GitHub, and the vendor has not responded to the coordinated disclosure, leaving no official patch available at time of analysis.
Remote image blocking in Roundcube Webmail 1.6.x and 1.7.x can be silently bypassed by embedding a crafted CSS var() expression in an HTML email, causing the victim's browser to fetch attacker-controlled external resources despite the privacy control being active. This leads to information disclosure - including IP address leakage and email-open tracking - and potential access-control bypass. No public exploit has been identified at time of analysis and EPSS is very low (0.03%), but SSVC rates this 'Automatable: yes,' making mass-scale email tracking campaigns feasible against unpatched Roundcube deployments.
Remote image blocking bypass in Roundcube Webmail allows unauthenticated network attackers to embed HTML email image tags pointing to local or private network destinations, causing the server to fetch those resources despite the 'block remote images' policy being active. Affected versions are 1.6.14 through 1.6.15 and 1.7.0, with vendor-released patches 1.6.16 and 1.7.1 available since May 2026 per the official advisory. No public exploit has been identified at time of analysis and EPSS is very low at 0.03%, though SSVC rates technical impact as total - a notable discrepancy that warrants attention for deployments where the mail server has internal network access.
Server-Side Request Forgery and information disclosure in Roundcube Webmail 1.6.14-1.6.15 and 1.7.0 allows remote attackers to force the webmail server to fetch internal network resources by embedding malicious stylesheet links in HTML email messages. The flaw is a regression of CVE-2026-35540 caused by insufficient CSS sanitization, and while no public exploit identified at time of analysis, the EPSS score sits at a low 0.03% (9th percentile) despite the vulnerability being trivially triggerable by sending a crafted email.
Malicious JEXL expression injection in Apache Syncope's Derived Schema feature enables privileged information disclosure across administrative roles. An administrator holding entitlements over Derived Schemas can embed a crafted JEXL expression that, when evaluated in the context of another administrator's User read operation, exposes security-sensitive User attributes that would not normally be accessible. Affected versions span three release lines (3.0.x through 3.0.16, 4.0.x through 4.0.5, and 4.1.0); no active exploitation is confirmed (no CISA KEV listing) and the EPSS score of 0.02% places this in the 4th percentile for exploitation probability.
Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a high-privileged administrator holding Implementations entitlements to run untrusted code outside the sandbox. By placing payload logic in a Groovy class static initializer, the attacker reaches a non-sandboxed execution path, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is very low (0.02%, 6th percentile), consistent with a privilege-gated, not mass-scanned, issue.
Weak password recovery in Tiandy Easy7 Integrated Management Platform 7.17.0 exposes the `/rest/user/updateUserPassword` API endpoint to unauthenticated remote manipulation, enabling an attacker to interfere with the password update process and achieve unauthorized integrity impact on user credentials (CWE-640). The CVSS 4.0 vector confirms unauthenticated network access with no prerequisites, and a public exploit has been disclosed via Feishu documentation. Despite the public POC, EPSS sits at 0.03% (8th percentile), indicating no widespread automated exploitation has been observed; the vendor did not respond to coordinated disclosure, leaving the flaw unpatched.
Firefox for iOS misrepresents attacker-controlled domains as trusted origins through improper rendering of right-to-left Unicode characters and internationalized domain names (IDNs) in the link preview UI surface, enabling a spoofing/phishing attack against users on any iOS version prior to 151.1. The CVSS vector (PR:N/UI:R) indicates unauthenticated network-reachable exploitation contingent on user interaction with a crafted link. EPSS at the 5th percentile and SSVC exploitation status of 'none' confirm no active exploitation or public exploit code has been identified at time of analysis, positioning this as a targeted phishing risk rather than a broad automated threat.
Credential leakage in the hackney Erlang HTTP client library (versions 3.1.1 through before 4.0.1) allows a malicious or compromised redirect target to capture Authorization, Cookie, and Proxy-Authorization headers forwarded verbatim by the HTTP/3 redirect handler. The hackney_h3.erl module, introduced for HTTP/3 support, omitted the cross-origin credential-stripping logic (maybe_strip_auth_on_redirect/2) that was added to the main hackney.erl module following CVE-2018-1000007, creating a feature-parity gap exploitable when clients use follow_redirect with HTTP/3 and credential headers. No active exploitation is confirmed (not in CISA KEV), but SSVC assessment confirms a proof-of-concept exists; EPSS is low at 0.04% (13th percentile), consistent with targeted rather than opportunistic exploitation.
Man-in-the-middle exposure in Apache Airflow's `apache-airflow-providers-google` package (versions prior to 22.0.0) stems from the `ComputeEngineSSHHook` shipping with `paramiko.AutoAddPolicy` as its default missing-host-key policy, silently trusting any SSH host key presented by a Compute Engine VM. An in-path network attacker positioned between the Airflow worker and the GCE instance can intercept or tamper with the SSH session, exposing credentials, DAG-driven commands, and transferred data. No public exploit identified at time of analysis and EPSS is very low (0.02%), but technical impact is rated total by SSVC.
Tarball unpacking in Rust's Cargo package manager fails to reject symlinks within downloaded crate archives, enabling a malicious crate hosted on a third-party registry to overwrite source files belonging to other crates in the victim's local registry cache. The attack requires no privileges on the attacker side (PR:N per CVSS 4.0) but passive user interaction (UI:P) - specifically, a developer running any Cargo command that triggers crate download and extraction. While crates.io users are explicitly unaffected (that registry enforces a server-side symlink prohibition), users of any third-party Cargo registry are at risk of supply chain source substitution; no public exploit has been identified at time of analysis, and EPSS is very low at 0.04%.
Credential leakage in Cargo's sparse index registry URL normalization affects all Cargo releases from 1.68 through 1.96. The flaw caused Cargo to incorrectly apply git-registry canonicalization rules - specifically, stripping `.git` suffixes and lowercasing GitHub paths - to sparse index protocol URLs (prefixed with `sparse+`). This allowed two distinct sparse registry URLs that differed only by a `.git` suffix to resolve to the same canonical identifier, meaning credentials configured for one registry could be transmitted to a different, attacker-controlled registry on the same domain. No public exploit identified at time of analysis; EPSS is 0.04% (12th percentile), consistent with the vendor-assessed low severity and SSVC exploitation status of none.
Resource injection in yashpokharna2555's StudentManagementSystem allows low-privileged remote attackers to manipulate the ID parameter in courseDel.php to control which course records are deleted or affected, resulting in unauthorized data integrity and availability impact. The flaw affects the specific git commit cb2f558ddf8d19396de0f92abf2d224d46a0a203 and exploit code is publicly available via a GitHub issue. No patch has been released, and the project maintainer has not responded to the disclosure.
Credential exposure in Gallagher Command Centre Service installers writes Service Account credentials into installer log files under %programdata%\Gallagher\Command Centre, allowing a local low-privileged user who can read those logs to recover the configured Service Account password. The flaw (CWE-532) affects a broad set of Gallagher Command Centre components including Command Centre Server, Active Directory Sync, Entra ID Sync, Elevator Service, Middleware Framework and others, but only when the operator deviated from the default Network Service account during install. There is no public exploit identified at time of analysis and EPSS is 0.01%, but a successful read yields high-impact credential compromise of a privileged service identity.
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap sandboxes, because MIME handlers are not intended for use by code interpreters and loaders. NOTE: some parties feel that this is not a bug to be addressed in Wine, because there is no known solution that avoids a severe loss of usability (Wine could be a binfmt-misc handler, but binfmt-misc does not exist on all platforms supported by Wine).
Cleartext credential exposure in the Besen BS20 EV Charging Station's BLE and UDP interfaces allows an adjacent-network attacker with low privileges to intercept authentication material transmitted without adequate protection. All firmware versions up to 20260426 are affected per EUVD-2026-31547 and NVD CPE data. Publicly available exploit code exists per a researcher's GitHub disclosure; however, no CISA KEV listing and an EPSS of 0.01% (3rd percentile) indicate no confirmed widespread exploitation at time of analysis.
Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.
Cryptographic salt generation in Jasypt Spring Boot library (versions ≤3.0.5 and ≤4.0.4) uses predictable values, enabling offline password cracking attacks against encrypted configuration properties. The SimpleGCMConfig class's getSecretKeySaltGenerator function generates salts without sufficient entropy, reducing the computational cost for attackers who obtain encrypted passwords to derive plaintext through dictionary or brute-force attacks. Public exploit code exists (POC available) with EPSS indicating low probability of widespread exploitation (3.7 CVSS, AC:H). Vendor has not responded to responsible disclosure as of analysis date.
Local privilege escalation in NousResearch hermes-agent 2026.4.23 allows authenticated local users to manipulate plugin discovery logic via HERMES_ENABLE_PROJECT_PLUGINS environment variable, resulting in unauthorized information disclosure and potential integrity compromise of the CLI web-dashboard interface. Publicly available exploit code exists (EPSS data not provided, not listed in CISA KEV). The vendor did not respond to responsible disclosure attempts, leaving remediation status uncertain.
Remote sandbox escape in NousResearch hermes-agent versions up to 2026.4.16 allows unauthenticated attackers to manipulate environment variables through the code execution tool, potentially breaking out of the intended security sandbox. The vulnerability has publicly available exploit code and the vendor has not responded to disclosure attempts, leaving systems unpatched.
Uncontrolled recursion in PostCSS up to 7.1.1 allows remote attackers to trigger denial of service via crafted CSS input requiring user interaction. The vulnerability resides in the toString function of AST serialization logic (src/selectors/container.js). Publicly available exploit code exists (EPSS exploitation probability should be assessed). Vendor considers this low-risk since most users compile their own CSS rather than processing untrusted user-generated CSS, indicating limited real-world attack surface in typical deployment scenarios.
Improper output escaping in NousResearch Hermes Agent versions up to 2026.4.16 allows remote unauthenticated attackers to manipulate message formatting in Slack and Mattermost integrations, potentially leading to information disclosure and service disruption. The vulnerability is exploitable via crafted format_message arguments with low attack complexity and requires no user interaction. Public exploit code is available via GitHub Gist. The vendor did not respond to early disclosure attempts, and no patch availability is documented.
Remote injection vulnerability in NousResearch hermes-agent versions up to 2026.4.23 enables unauthenticated attackers to inject malicious payloads through the Skills Guard component's multi-word prompt handling mechanism. The vulnerability has publicly available exploit code and allows attackers to achieve limited confidentiality, integrity, and availability impacts without user interaction. Despite early vendor notification, no response or patch has been provided.
Information disclosure in NousResearch hermes-agent allows remote unauthenticated attackers to extract sensitive data via crafted requests to the Messaging Gateway Handler's environment configuration function. The vulnerability affects versions up to 2026.4.23 with publicly available exploit code demonstrating the attack. EPSS data not provided, but public POC availability increases immediate risk. Vendor has not responded to disclosure, suggesting no official patch timeline.
Information disclosure in Cal.com cal.diy up to version 4.9.4 allows remote unauthenticated attackers to access sensitive booking data through manipulation of cancelledBy/rescheduledBy parameters in the bookings single view API endpoint. The vulnerability affects the Generic React API's getServerSideProps function, enabling unauthorized retrieval of booking-related information. Public exploit code exists demonstrating the attack technique, and the vendor has not responded to coordinated disclosure attempts, leaving users at elevated risk until patches are self-applied.
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Memory corruption and potential information disclosure in the Linux kernel networking stack (skbuff) occurs because skb_try_coalesce() fails to propagate the SKBFL_SHARED_FRAG marker when transferring paged fragments between socket buffers. The flaw breaks an invariant relied upon by IPsec ESP input processing, which may then decrypt data in-place over page-cache-backed fragments belonging to other contexts. No public exploit identified at time of analysis, EPSS sits at 0.02%, and the issue is patched across multiple stable trees.
Unauthorized order manipulation and information disclosure in the WooCommerce PayPal Payments WordPress plugin (versions through 4.0.1) allows remote unauthenticated attackers to abuse two WC-AJAX endpoints (ppc-create-order and ppc-get-order) that lack authorization checks. By chaining these endpoints, an attacker can create a PayPal order against any victim's WooCommerce order ID and then retrieve full PayPal order details including payer information and shipping data. No public exploit identified at time of analysis, but the plugin's broad e-commerce deployment and trivial attack complexity make this a credible target.
Privilege escalation in the WishList Member WordPress plugin versions up to 3.30.1 allows authenticated low-privilege users to obtain the REST API Secret Key via the unprotected 'export_settings' AJAX endpoint and leverage it to register arbitrary administrator accounts. The CVSS 8.8 (High) rating reflects full confidentiality, integrity, and availability impact, and while no public exploit is identified at time of analysis, the discovery by Wordfence - a major WordPress security vendor - typically precedes broader exploitation against the large WordPress plugin ecosystem.
Cross-tenant server telemetry disclosure in Nezha Monitoring's WebSocket endpoint allows any authenticated non-admin member to receive live infrastructure data for all servers on the platform, regardless of ownership. The dashboard's `/api/v1/ws/server` WebSocket handler (`ws.go:123-139`) uses a binary member/guest switch instead of per-object `HasPermission` checks, bypassing the object-level authorization that correctly governs the REST API. An authenticated member exploiting this can continuously stream CPU/GPU metrics, memory and disk usage, network transfer rates, agent versions, and uptime for servers belonging to other tenants. No public exploit or CISA KEV listing identified at time of analysis, though the GitHub advisory (GHSA-hvv7-hfrh-7gxj) includes a detailed static proof-of-concept.
Information disclosure in Microsoft Azure Compute Gallery permits an authenticated remote attacker to read sensitive data across tenant or resource boundaries due to improper input validation (CWE-20). The scope-changed CVSS 7.7 rating reflects cross-boundary impact, but the exploit maturity is currently unproven (E:U) and no public exploit identified at time of analysis. Microsoft has published an official fix via MSRC.
Remote code execution in Microsoft Azure Virtual Network Gateway allows an authenticated attacker with low privileges to execute arbitrary code across a network boundary due to improper input validation. The CVSS 9.9 score reflects scope-changed impact (S:C) where exploitation can compromise resources beyond the vulnerable component itself, affecting confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the high score and managed-service nature warrant priority attention.
Heap-buffer-overflow in libheif 1.21.2 and prior exposes any application parsing untrusted HEIF sequence files to an out-of-bounds read during file ingestion, with potential for heap memory disclosure or process crash. The flaw is triggered the moment a victim opens a crafted file - no additional interaction beyond file opening is required - making it a practical threat in desktop image viewers, browsers, and media pipelines that embed libheif. No public exploit has been identified at time of analysis, EPSS sits at 0.04% (11th percentile), and a vendor-released patch (v1.22.0) is available, keeping real-world exploitation risk currently assessed as low-moderate despite the memory-corruption class.
Out-of-bounds read in libheif versions 1.21.2 and prior crashes any application that parses attacker-controlled HEIF sequence files, resulting in denial of service. The defect lives in the SampleAuxInfoReader constructor, which enters its processing loop when saiz.sample_count > 0 even though stco.entry_count == 0 left the chunks vector empty; dereferencing chunks[0] then triggers the crash. No public exploit code has been identified at time of analysis, but the attack requires only that a user open or process a specially crafted HEIF file, making it relevant wherever libheif is embedded in image-handling applications (browsers, media libraries, operating-system image stacks). Vendor-released patch v1.22.0 is available.
An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the client_secret of confidential OAuth2 providers they have previously authenticated against, exposing sensitive information to users without the correct permissions. This logic is GET /api/v3/oauth2/access_tokens/. The API response includes a nested provider object containing client_id and client_secret for providers configured with client_type: confidential, which should not be accessible to low-privilege users. This issue has been fixed in versions 2025.12.5 and 2026.2.3.
Insecure Direct Object Reference (IDOR) in Typebot's getResultLogs API endpoint allows any authenticated user to read execution logs belonging to other workspaces by supplying an arbitrary victim resultId alongside their own authorized typebotId. The endpoint authorizes the caller by typebotId but fetches log records by resultId alone, skipping cross-ownership validation that all peer endpoints in the same router correctly enforce. Exploitation exposes sensitive runtime data including HTTP response bodies, AI model outputs, and webhook payloads. No public exploit or CISA KEV listing has been identified at time of analysis, but the straightforward nature of the IDOR - requiring only a valid session and a guessed or enumerated resultId - makes unauthorized data access realistic for any authenticated platform user.
Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
Improper certificate validation in Dell PowerFlex Manager version 4.6.2 and earlier allows an unauthenticated attacker on an adjacent network to intercept and tamper with protected communications. The flaw (CWE-295) means the product fails to adequately verify peer certificates during TLS/SSL exchanges, enabling a man-in-the-middle position to read or modify in-transit management data. No active exploitation is confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis.
Unprotected credential transport in syslink software AG Avantra before version 25.3.0 exposes authentication material to network-layer interception on both Linux and Windows deployments. The vulnerability, classified under CWE-523, allows a suitably positioned network adversary to capture credentials in transit, with the CVSS vector indicating high confidentiality and integrity impact upon successful exploitation. No public exploit code and no CISA KEV listing have been identified at time of analysis, and the high attack complexity and high privilege prerequisite meaningfully constrain the realistic attacker population.
Default credential exposure in syslink software AG Avantra (all versions before 25.3.0) on Linux and Windows allows a local attacker with high-privilege access to authenticate using known default passwords, achieving high confidentiality impact against monitoring data and infrastructure configurations managed by the platform. Reported by NCSC.ch and addressed in version 25.3.0, this CWE-1393 flaw represents an insider threat or post-compromise lateral movement risk for organizations running Avantra in SAP and IT operations environments. No public exploit code has been identified and the vulnerability is not listed in CISA KEV at time of analysis.
Sensitive information disclosure in syslink software AG Avantra (versions before 25.3.0) on Linux and Windows allows an attacker with high privileges and adjacent network access to harvest data written into log files, with a scope-changed impact crossing trust boundaries. The flaw is tracked as CWE-532 and rated CVSS 7.5, but no public exploit identified at time of analysis and it is not listed in CISA KEV.
Heap buffer over-read in ImageMagick's distributed pixel cache server affects all Magick.NET NuGet package variants prior to version 14.12.0. An attacker with the ability to connect to a running `magick -distribute-cache` service can trigger an out-of-bounds read (CWE-125) in the server process, resulting in high-severity confidentiality impact (memory disclosure) and availability impact (potential crash). No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS score of 5.7 reflects meaningful mitigating constraints: high attack complexity and high privileges required per the vector.
Information disclosure in Magick.NET's distributed pixel cache server exposes sensitive pixel data due to the absence of a challenge-response authentication model on the cache service. All Magick.NET NuGet packages (Q16, Q16-HDRI, and OpenMP variants across AnyCPU, x64, x86, arm64 architectures) prior to version 14.12.0 are affected. A highly privileged local attacker meeting the high-complexity conditions of this vulnerability could read pixel cache contents belonging to other processes, leaking potentially sensitive image data. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Session replay weakness in syslink software AG's Avantra monitoring platform (versions before 25.3.1) on Linux and Windows allows remote attackers to reuse captured session identifiers because sessions are not properly expired. With CVSS 9.6 and scope change, an attacker who obtains a valid session ID can impersonate users and pivot into systems Avantra manages; no public exploit identified at time of analysis.
File descriptor hijacking in ImageMagick's distributed pixel cache server (magick -distribute-cache) exposes sensitive data via a race condition exploitable by a privileged local attacker. Affected are all Magick.NET NuGet packages across Q16, Q16-HDRI, OpenMP, and ARM64 variants prior to version 14.12.0. Successful exploitation yields high-confidentiality impact - an attacker can read file descriptors belonging to the server process - though no public exploit code exists and this is not currently listed in the CISA KEV catalog.
Incorrect Privilege Assignment in Dell PowerFlex Manager version 4.6.2 and earlier (both Appliance and Rack form factors) allows a low-privileged local attacker to escalate their privileges, impacting confidentiality, integrity, and availability at a low level each (CVSS 5.3 Medium, CWE-266). Dell has published dual advisories (DSA-2025-434 and DSA-2025-435) addressing the Appliance and Rack variants respectively. No public exploit code and no active exploitation have been identified at time of analysis.
Race condition in NVIDIA GPU Display Driver for Linux allows a high-privileged local attacker to leak sensitive kernel or process memory, producing limited information disclosure alongside potential data tampering and denial of service. Affected product lines span GeForce, RTX/Quadro/NVS, and Tesla GPU families running Linux driver branches prior to 580.159.03 or 595.71.05. No public exploit code exists and this vulnerability is absent from the CISA KEV catalog; an EPSS of 0.01% (1st percentile) and SSVC classification of Exploitation: none together place it at the lowest tier of real-world exploitation priority.
HTTP request smuggling in IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5 and 9.0 allows remote unauthenticated attackers to send specially crafted requests that desynchronize front-end and back-end HTTP parsing. Successful exploitation enables cache poisoning, security control bypass, and limited disclosure or modification of data passing through the plug-in, with a CVSS 7.5 reflecting a Changed scope and high confidentiality impact. There is no public exploit identified at time of analysis, EPSS is low at 0.05% (15th percentile), and CISA SSVC marks exploitation status as none.
Local privilege escalation in NVIDIA Display Driver for Linux (GeForce, RTX/Quadro/NVS, Tesla, and Virtual GPU Manager branches) stems from an incorrect numeric type conversion (CWE-681) that produces a heap buffer overflow. A locally authenticated attacker with low privileges can trigger the flaw to achieve code execution, privilege escalation, information disclosure, data tampering, or denial of service. No public exploit identified at time of analysis, and EPSS is very low (0.01%, 1st percentile), but technical impact per SSVC is total.
Local privilege escalation and code execution in the NVIDIA Display Driver for Linux (GeForce, RTX/Quadro/NVS, Tesla, and vGPU Guest/Manager components) stems from a use-after-free memory corruption flaw (CWE-416) that a local low-privileged user can trigger to compromise the kernel-level driver. The scope-changed CVSS 8.8 score reflects that successful exploitation crosses a trust boundary, potentially yielding code execution, privilege escalation, information disclosure, data tampering, or denial of service. EPSS is 0.01% (1st percentile) and there is no public exploit identified at time of analysis, but a vendor patch is available across all affected branches.
Pre-Account Takeover in Chatwoot's OmniAuth integration affects all releases from 2.14.0 through 4.12.x, allowing an attacker who pre-registers a victim's email address to retain persistent login access after the legitimate owner authenticates via Google OAuth. The OAuth callback controller failed to invalidate attacker-set password credentials when confirming a pre-existing unconfirmed account, leaving the attacker's session viable indefinitely. No public exploit identified at time of analysis and EPSS is 0.04% (12th percentile), consistent with SSVC's 'Exploitation: none' finding, though SSVC rates technical impact as 'total' given the attacker gains full workspace access including PII, API keys, and conversation history.
Stack exhaustion in Autodesk 3ds Max 2026 and 2027 can be triggered by opening a maliciously crafted WRL (VRML) file, causing an application crash and denial-of-service condition for the affected user. Exploitation requires local access and deliberate user interaction - a victim must be socially engineered into opening the weaponized file. No active exploitation is identified; EPSS sits at 0.00% and SSVC exploitation status is confirmed none, placing real-world risk well below what the moderate CVSS score of 5.5 might initially suggest.
Transport encryption downgrade in Joomla! CMS password and username reset workflows causes reset links to be generated with plain HTTP URLs instead of HTTPS when the 'Force SSL' configuration flag is not explicitly enabled. Affected installations span Joomla! 3.9.0 through 5.4.5 and 6.0.0 through 6.1.0, exposing reset tokens to network interception. No public exploit identified at time of analysis, and EPSS scores exploitation probability at 0.02% (5th percentile) despite the 9.8 CVSS rating.
Information disclosure in Joomla! CMS arises because InputFilter::getInstance() builds its instance cache key without including a security-sensitive parameter, allowing a previously cached filter instance to be returned even when a different security posture was requested. Remote unauthenticated attackers can leverage the resulting filter mismatch to retrieve sensitive data (CVSS 7.5, C:H only). No public exploit identified at time of analysis and EPSS is 0.02% (5th percentile), indicating low predicted exploitation in the near term.
Denial of service in Algernon web server versions prior to 1.17.6 stems from a race condition in the Lua handler engine where the sync.RWMutex protecting LoadCommonFunctions is released before L.Push() and L.PCall() execute on the non-goroutine-safe gopher-lua LState. Concurrent HTTP requests corrupt the shared Lua VM state, causing server instability. No public exploit identified at time of analysis, and EPSS is very low (0.04%), but reproduction is trivial under modest load (ab -n 1000 -c 100).
Heap buffer overflow in libsolv allows local attackers to corrupt memory when a vulnerable application processes a maliciously crafted .solv repository metadata file. The flaw stems from insufficient input validation during decompression of attacker-controlled data, enabling information disclosure, control-flow alteration, or denial of service across multiple Red Hat Enterprise Linux releases and SUSE distributions. SSVC marks exploitation as PoC-level with total technical impact, while EPSS remains very low at 0.01%, indicating limited probability of widespread exploitation despite high severity.
Insecure deserialization in NVIDIA Merlin Transformers4Rec on Linux allows a local attacker to achieve code execution, data tampering, and information disclosure by tricking a user into loading a malicious serialized object. The flaw affects all Main-branch commits prior to March 11, 2026, and currently has no public exploit identified at time of analysis, with a very low EPSS score (0.02%) reflecting limited real-world activity. CISA SSVC classifies exploitation as 'none' but technical impact as 'total', placing it firmly in the supply-chain/MLOps risk category rather than a mass-exploitation threat.
Cleartext transmission of sensitive information in NVIDIA Isaac Launchable for Linux (all versions prior to 1.2) exposes credentials or other sensitive data to attackers on the same adjacent network, potentially enabling downstream code execution, privilege escalation, information disclosure, and data tampering. The flaw carries a CVSS 7.5 (High) rating, but exploitation requires adjacent-network access and high attack complexity, and there is no public exploit identified at time of analysis. EPSS is 0.00% and the issue is not on the CISA KEV list.
IBM watsonx.data (IBM Lakehouse) versions 2.2 through 2.3.1 fails to properly restrict inbound and outbound network connections, enabling authenticated low-privilege attackers to transfer or modify files without appropriate authorization controls. The vulnerability carries a CVSS score of 5.4 with network reachability and low attack complexity, though EPSS probability sits at just 0.02% (7th percentile) and SSVC assessment confirms no active exploitation. No public exploit code has been identified at time of analysis, and a vendor-released patch is available via IBM's support portal.
IBM Db2 on Linux, UNIX, and Windows - versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4, including DB2 Connect Server - writes potentially sensitive information into log files readable by local OS users, creating an insider-threat-class confidentiality exposure. The CVSS confidentiality impact is rated High (C:H), but the attack is strictly local (AV:L) and requires only a standard low-privilege OS account (PR:L), making this a post-access or insider-threat scenario rather than an internet-facing risk. No public exploit has been identified at time of analysis, EPSS sits at the 2nd percentile (0.01%), and CISA SSVC records no active exploitation - IBM has released a patch addressed in advisory https://www.ibm.com/support/pages/node/7273554.
Unvalidated jarURI handling in Apache Flink Kubernetes Operator exposes authenticated low-privilege users to server-side request forgery and arbitrary file read primitives against the operator pod. Any Kubernetes principal holding Custom Resource create permissions can submit a malicious FlinkSessionJob CR with a crafted jarURI - pointing to local filesystem paths, internal cloud metadata endpoints, link-local addresses, or any backing store reachable through Flink's pluggable filesystem layer - and retrieve that content via the submitted job. No public exploit has been identified at time of analysis, and EPSS sits at 0.01% (3rd percentile), but the confidentiality impact is rated High by NVD given the breadth of accessible internal resources.
Authenticated SQL injection in OpenKM Community Edition (≤6.3.12) and Professional Edition (≤7.1.47) lets administrative users execute arbitrary SQL against the application database through the /admin/DatabaseQuery endpoint's qs parameter. Publicly available exploit code exists (Exploit-DB 52520 and a Nuclei template from Terra System Labs), enabling dumping of password hashes from OKM_USER, permission tampering, and data destruction. EPSS is very low (0.03%) and the bug requires high privileges (PR:H), so real-world risk is bounded but meaningful for any internet-facing OpenKM instance with weak admin credentials.
Privilege escalation to cluster-wide control in KubeVirt's virt-handler component (as shipped in Red Hat OpenShift Virtualization 4) allows a namespace-scoped OpenShift user with edit permissions to hijack the virt-handler's privileged Unix socket connection via a symlink swap on a virtual machine console socket. Successful exploitation leads to interaction with arbitrary host Unix sockets, including CRI-O, enabling node takeover and cluster compromise. No public exploit identified at time of analysis, and EPSS exploitation probability is low (0.12%, 30th percentile), but CVSS is 9.9 with a scope change reflecting the host/cluster blast radius.
Unauthenticated information disclosure in Check Point Quantum Security Gateway allows remote attackers to read internal files on the appliance when the Identity Awareness blade is configured with Browser-Based Authentication. The flaw maps to CWE-98 (PHP file inclusion) and carries a CVSS 7.5 with confidentiality-only impact; EPSS is low (0.10%) and there is no public exploit identified at time of analysis, but the unauthenticated network reach against a perimeter gateway makes triage urgent for affected deployments.
Denial of service in Check Point Quantum Security Gateway allows remote unauthenticated attackers to crash the VPN processing service by sending specially crafted IKE packets over NAT-T (UDP/4500). Multiple supported releases (R81.10 and below, R81.20, R82, R82.10) are affected up to specific Jumbo Hotfix takes. No public exploit identified at time of analysis, and EPSS is low at 0.06% (17th percentile), suggesting limited near-term exploitation likelihood despite the 8.1 CVSS score.
Business logic abuse in ZTE ZXUniPOS NDS-LTE (versions V24.40.40 and V24.30.40CP02) allows a highly privileged authenticated network attacker to manipulate legitimate application functions in ways unintended by the designer, yielding limited integrity and availability degradation. The CVSS score of 3.8 (Low) combined with an EPSS exploitation probability of 0.03% (7th percentile) and SSVC exploitation status of 'none' collectively indicate minimal immediate real-world threat. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Local File Inclusion in Magentech SW Core WordPress plugin (versions through 1.7.18) allows authenticated remote attackers to coerce the application into including arbitrary PHP files via improperly validated filename input. Successful exploitation results in disclosure of sensitive server-side files and potential code execution under the web server context. No public exploit has been identified at time of analysis, and EPSS exploitation probability is low at 0.11%.
Password field masking is absent in Hitachi Ops Center Analyzer, Ops Center Analyzer viewpoint, and Hitachi Infrastructure Analytics Advisor, exposing plaintext credentials to anyone with physical or visual access to the UI. Affected components include the detail view, probe modules, and Analytics probe modules across a wide version range. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects negligible automated exploitation probability.
Out-of-bounds read in GNU LibreDWG's read_2004_compressed_section function (src/decode.c) affects all versions through 0.14, allowing a local low-privileged attacker to crash the dwgbmp utility or any LibreDWG-based application by supplying a crafted DWG 2004 file with manipulated section address or size fields. Impact is limited to availability (application crash) with no confirmed confidentiality or integrity exposure per the CVSS 4.0 vector. A publicly available proof-of-concept DWG file exists on GitHub, but EPSS at 0.01% (2nd percentile) and no CISA KEV listing confirm this is not currently subject to widespread exploitation.
Improper type validation in fraillt bitsery's smart pointer deserialization extension exposes applications that process attacker-controlled serialized data to partial confidentiality, integrity, and availability compromise. The vulnerable function loadFromSharedState in include/bitsery/ext/std_smart_ptr.h fails to validate polymorphic type identity before performing reinterpret_cast operations, allowing a remote unauthenticated attacker to supply crafted serialized input that triggers unsafe memory access. A publicly available proof-of-concept exploit exists (GitHub gist), though EPSS remains very low at 0.07% (21st percentile) and this CVE is not listed in CISA KEV, suggesting no observed widespread exploitation at time of analysis.
Memory exhaustion in the Perl Archive::Tar module before version 3.10 lets remote attackers cause a denial of service by supplying a crafted tar archive whose per-entry header declares an arbitrarily large size, which the module trusts and uses to drive allocation before reading. The flaw is unauthenticated and network-reachable (CVSS 7.5, A:H only - no confidentiality or integrity impact) but affects only applications that parse untrusted tarballs with this module. There is no public exploit identified at time of analysis and EPSS is very low (0.02%, 4th percentile); the vendor shipped a fix in 3.10.
PIN lock bypass in SailingLab AppLock 4.3.8 for Android exposes protected applications to anyone with brief physical device access. The root cause is architectural: the lock is implemented as a screen overlay rather than through Android's secure authentication APIs, meaning the underlying apps remain accessible via exposed intent routes triggered through advertisement or browser interactions. An attacker with physical access can navigate cascading UI flows to dismiss or circumvent the overlay entirely, gaining access to locked apps such as Chrome, resulting in information disclosure and unintended privilege escalation. No public exploit is confirmed in CISA KEV, but a researcher disclosure is publicly available on GitHub, and EPSS is negligible at 0.04% (11th percentile), consistent with the physical-access-only attack vector.
PIN lock bypass in Easyelife App Lock 1.9.2 for Android allows a local attacker with physical device access to reach applications that were supposedly secured behind a PIN. The root cause is architectural: the lock is implemented as a UI overlay rather than through Android's native secure authentication APIs (BiometricPrompt, KeyguardManager), meaning it can be circumvented by triggering advertisement or browser intents that cause the app to navigate cascading activity flows, effectively routing around the overlay. EPSS is very low at 0.05% (16th percentile), no public exploit is confirmed in CISA KEV, and a researcher disclosure with likely proof-of-concept steps is publicly available on GitHub.
Out-of-bounds memory read in FastNetMon Community Edition through 1.2.9 exposes sensitive process memory and can crash the collector when processing crafted NetFlow v9 packets. The NetFlow v9 data flowset parser in src/netflow_plugin/netflow_v9_collector.cpp omits the per-iteration boundary check present in the sibling Options template branch, allowing a network-adjacent attacker who can deliver UDP NetFlow v9 packets to the collector to supply malicious template definitions that drive the parser past the end of the packet buffer. No public exploit code or confirmed active exploitation has been identified at time of analysis, but a security researcher blog post at lorikeetsecurity.com documents the code-level flaw, raising the disclosure surface.
Physical-access PIN lock bypass in AppLockZ 4.2.11 for Android exposes protected applications to unauthorized access without valid credentials. The root cause is architectural: the lock mechanism is implemented as a UI overlay rather than through Android's secure authentication APIs, leaving it vulnerable to circumvention via exposed activity routes reachable through advertisement or browser intents. An attacker with physical possession of the device can navigate cascading interface flows to evade lockscreen verification and access apps protected by AppLockZ (e.g., Chrome), resulting in information disclosure. No active exploitation is confirmed in CISA KEV, and the EPSS score of 0.04% reflects minimal real-world exploitation probability at this time.
Local symlink exploitation in FastNetMon Community Edition through 1.2.9 allows a low-privileged local attacker to overwrite arbitrary files as the process user, which is typically root. The statistics output path is hardcoded to the predictable world-accessible location /tmp/fastnetmon.dat, written via std::ios::trunc without O_NOFOLLOW or symlink validation, and the daemon sets umask to 0 at startup making all created files world-writable. A secondary chmod() bug further misapplies permissions to the wrong path. No public exploit has been identified at time of analysis and EPSS sits at the 4th percentile, but the typical root execution context makes this a reliable local privilege escalation primitive despite the moderate CVSS score.
Out-of-bounds read in FastNetMon Community Edition through 1.2.9 exposes network monitoring infrastructure to unauthenticated remote attack via malformed NetFlow v9 UDP packets. The vulnerability resides in the options template parser (process_netflow_v9_options_template()), where attacker-controlled length fields - option_scope_length and option_length - drive iteration loops with no bounds validation, enabling reads past the end of the UDP packet buffer. With a CVSS vector of AV:N/AC:L/PR:N/UI:N and SSVC automatable:yes, mass exploitation is technically feasible, though EPSS sits at 0.03% (9th percentile) and no public exploit or KEV listing has been identified at time of analysis.
Out-of-bounds read in FastNetMon Community Edition through 1.2.9 allows remote unauthenticated attackers to leak adjacent process memory by sending crafted BGP UPDATE messages containing malformed MP_REACH_NLRI IPv6 attributes. The flaw resides in decode_mp_reach_ipv6() where attacker-controlled length fields drive memcpy operations without bounds validation, and is acknowledged by an in-source TODO comment by the maintainer. No public exploit identified at time of analysis, EPSS is low (0.03%), and CISA SSVC classifies exploitation as 'none' but 'automatable: yes', meaning weaponization is technically straightforward if a threat actor invests effort.
Man-in-the-middle interception of telemetry traffic affects FastNetMon Community Edition through version 1.2.9 due to missing TLS certificate validation in outbound HTTPS connections. Network-positioned attackers can intercept, modify, or redirect telemetry data sent to community-stats.fastnetmon.com - including system fingerprints, kernel version, traffic statistics, and configuration details - and potentially serve malicious responses. EPSS is very low (0.01%), and there is no public exploit identified at time of analysis, though a technical write-up by Lorikeet Security details the root cause.
Missing Authorization in the SePay Gateway WordPress plugin (versions through 1.1.20) permits any authenticated low-privileged user to retrieve embedded sensitive data without proper access checks. The flaw is classified under CWE-862 and carries a CVSS confidentiality impact of High, meaning payment or configuration secrets stored within the plugin can be exposed to unauthorized parties. No public exploit has been identified at time of analysis, and CISA SSVC rates exploitation as none with non-automatable risk, indicating limited active threat at present.
Out-of-bounds read in GNU LibreDWG's dwggrep utility exposes heap memory when processing maliciously crafted DWG files containing LTYPE objects with unterminated wide-character dash text strings. Affected versions span 0.1 through 0.14 (CPE: cpe:2.3:a:gnu:libredwg). A local authenticated attacker can trigger partial information disclosure by supplying a crafted DWG file to the dwggrep command-line tool; a public proof-of-concept DWG payload exists, though EPSS of 0.01% (2nd percentile) and absence from CISA KEV indicate no widespread exploitation activity at time of analysis.
Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, Shiro-native session manager, as well as Remember-Me manager sends JSESSIONID and rememberMe cookies without 'secure' attribute by default.
Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, when a session already exists, it is not invalidated upon successful login, nor is a new session being generated with a new ID.
PuTTY's trust sigil mechanism - the application icon displayed to distinguish legitimate remote TELNET output from locally-injected spoofed content - fails to reset trust state between proxy authentication and the start of the main TELNET session in versions 0.77 through 0.83. Under CWE-451 (UI Misrepresentation of Critical Information), an attacker positioned to control or influence a TELNET proxy could present deceptive terminal content to the user bearing the trusted indicator, achieving low-integrity impact by misleading the user about the source or authenticity of displayed data. No public exploit exists, EPSS is 0.03% (9th percentile), CISA SSVC rates exploitation as none, and the overall CVSS score is 3.1 (Low), reflecting high attack complexity and narrow real-world applicability.
Double free in PuTTY's RSA key exchange implementation affects versions 0.72 through 0.83, creating a memory corruption condition that can crash the client when connecting to a server that negotiates RSA KEX. The CVSS vector (AV:N/AC:H/PR:N/UI:N/A:L) reflects a network-reachable but high-complexity trigger with only limited availability impact, consistent with a difficult-to-reproduce crash rather than reliable code execution. No active exploitation is confirmed per CISA KEV, SSVC reports exploitation status as none, and EPSS sits at 0.04% (12th percentile), indicating low real-world exploitation pressure at time of analysis.
Server-side template injection (SSTI) in Dromara lamp-cloud versions 5.6.0 through 5.6.2 exposes the Message Template Handler to remote exploitation by authenticated low-privileged users who can inject malicious Groovy expressions via the DefMsgTemplate.content parameter. The vulnerable function GroovyClassLoader.parseClass compiles and executes attacker-controlled input as Groovy code at runtime. A public proof-of-concept exploit has been disclosed on GitHub, and the vendor has not responded to the coordinated disclosure, leaving no official patch available at time of analysis.
Remote image blocking in Roundcube Webmail 1.6.x and 1.7.x can be silently bypassed by embedding a crafted CSS var() expression in an HTML email, causing the victim's browser to fetch attacker-controlled external resources despite the privacy control being active. This leads to information disclosure - including IP address leakage and email-open tracking - and potential access-control bypass. No public exploit has been identified at time of analysis and EPSS is very low (0.03%), but SSVC rates this 'Automatable: yes,' making mass-scale email tracking campaigns feasible against unpatched Roundcube deployments.
Remote image blocking bypass in Roundcube Webmail allows unauthenticated network attackers to embed HTML email image tags pointing to local or private network destinations, causing the server to fetch those resources despite the 'block remote images' policy being active. Affected versions are 1.6.14 through 1.6.15 and 1.7.0, with vendor-released patches 1.6.16 and 1.7.1 available since May 2026 per the official advisory. No public exploit has been identified at time of analysis and EPSS is very low at 0.03%, though SSVC rates technical impact as total - a notable discrepancy that warrants attention for deployments where the mail server has internal network access.
Server-Side Request Forgery and information disclosure in Roundcube Webmail 1.6.14-1.6.15 and 1.7.0 allows remote attackers to force the webmail server to fetch internal network resources by embedding malicious stylesheet links in HTML email messages. The flaw is a regression of CVE-2026-35540 caused by insufficient CSS sanitization, and while no public exploit identified at time of analysis, the EPSS score sits at a low 0.03% (9th percentile) despite the vulnerability being trivially triggerable by sending a crafted email.
Malicious JEXL expression injection in Apache Syncope's Derived Schema feature enables privileged information disclosure across administrative roles. An administrator holding entitlements over Derived Schemas can embed a crafted JEXL expression that, when evaluated in the context of another administrator's User read operation, exposes security-sensitive User attributes that would not normally be accessible. Affected versions span three release lines (3.0.x through 3.0.16, 4.0.x through 4.0.5, and 4.1.0); no active exploitation is confirmed (no CISA KEV listing) and the EPSS score of 0.02% places this in the 4th percentile for exploitation probability.
Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a high-privileged administrator holding Implementations entitlements to run untrusted code outside the sandbox. By placing payload logic in a Groovy class static initializer, the attacker reaches a non-sandboxed execution path, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is very low (0.02%, 6th percentile), consistent with a privilege-gated, not mass-scanned, issue.
Weak password recovery in Tiandy Easy7 Integrated Management Platform 7.17.0 exposes the `/rest/user/updateUserPassword` API endpoint to unauthenticated remote manipulation, enabling an attacker to interfere with the password update process and achieve unauthorized integrity impact on user credentials (CWE-640). The CVSS 4.0 vector confirms unauthenticated network access with no prerequisites, and a public exploit has been disclosed via Feishu documentation. Despite the public POC, EPSS sits at 0.03% (8th percentile), indicating no widespread automated exploitation has been observed; the vendor did not respond to coordinated disclosure, leaving the flaw unpatched.
Firefox for iOS misrepresents attacker-controlled domains as trusted origins through improper rendering of right-to-left Unicode characters and internationalized domain names (IDNs) in the link preview UI surface, enabling a spoofing/phishing attack against users on any iOS version prior to 151.1. The CVSS vector (PR:N/UI:R) indicates unauthenticated network-reachable exploitation contingent on user interaction with a crafted link. EPSS at the 5th percentile and SSVC exploitation status of 'none' confirm no active exploitation or public exploit code has been identified at time of analysis, positioning this as a targeted phishing risk rather than a broad automated threat.
Credential leakage in the hackney Erlang HTTP client library (versions 3.1.1 through before 4.0.1) allows a malicious or compromised redirect target to capture Authorization, Cookie, and Proxy-Authorization headers forwarded verbatim by the HTTP/3 redirect handler. The hackney_h3.erl module, introduced for HTTP/3 support, omitted the cross-origin credential-stripping logic (maybe_strip_auth_on_redirect/2) that was added to the main hackney.erl module following CVE-2018-1000007, creating a feature-parity gap exploitable when clients use follow_redirect with HTTP/3 and credential headers. No active exploitation is confirmed (not in CISA KEV), but SSVC assessment confirms a proof-of-concept exists; EPSS is low at 0.04% (13th percentile), consistent with targeted rather than opportunistic exploitation.
Man-in-the-middle exposure in Apache Airflow's `apache-airflow-providers-google` package (versions prior to 22.0.0) stems from the `ComputeEngineSSHHook` shipping with `paramiko.AutoAddPolicy` as its default missing-host-key policy, silently trusting any SSH host key presented by a Compute Engine VM. An in-path network attacker positioned between the Airflow worker and the GCE instance can intercept or tamper with the SSH session, exposing credentials, DAG-driven commands, and transferred data. No public exploit identified at time of analysis and EPSS is very low (0.02%), but technical impact is rated total by SSVC.
Tarball unpacking in Rust's Cargo package manager fails to reject symlinks within downloaded crate archives, enabling a malicious crate hosted on a third-party registry to overwrite source files belonging to other crates in the victim's local registry cache. The attack requires no privileges on the attacker side (PR:N per CVSS 4.0) but passive user interaction (UI:P) - specifically, a developer running any Cargo command that triggers crate download and extraction. While crates.io users are explicitly unaffected (that registry enforces a server-side symlink prohibition), users of any third-party Cargo registry are at risk of supply chain source substitution; no public exploit has been identified at time of analysis, and EPSS is very low at 0.04%.
Credential leakage in Cargo's sparse index registry URL normalization affects all Cargo releases from 1.68 through 1.96. The flaw caused Cargo to incorrectly apply git-registry canonicalization rules - specifically, stripping `.git` suffixes and lowercasing GitHub paths - to sparse index protocol URLs (prefixed with `sparse+`). This allowed two distinct sparse registry URLs that differed only by a `.git` suffix to resolve to the same canonical identifier, meaning credentials configured for one registry could be transmitted to a different, attacker-controlled registry on the same domain. No public exploit identified at time of analysis; EPSS is 0.04% (12th percentile), consistent with the vendor-assessed low severity and SSVC exploitation status of none.
Resource injection in yashpokharna2555's StudentManagementSystem allows low-privileged remote attackers to manipulate the ID parameter in courseDel.php to control which course records are deleted or affected, resulting in unauthorized data integrity and availability impact. The flaw affects the specific git commit cb2f558ddf8d19396de0f92abf2d224d46a0a203 and exploit code is publicly available via a GitHub issue. No patch has been released, and the project maintainer has not responded to the disclosure.
Credential exposure in Gallagher Command Centre Service installers writes Service Account credentials into installer log files under %programdata%\Gallagher\Command Centre, allowing a local low-privileged user who can read those logs to recover the configured Service Account password. The flaw (CWE-532) affects a broad set of Gallagher Command Centre components including Command Centre Server, Active Directory Sync, Entra ID Sync, Elevator Service, Middleware Framework and others, but only when the operator deviated from the default Network Service account during install. There is no public exploit identified at time of analysis and EPSS is 0.01%, but a successful read yields high-impact credential compromise of a privileged service identity.
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap sandboxes, because MIME handlers are not intended for use by code interpreters and loaders. NOTE: some parties feel that this is not a bug to be addressed in Wine, because there is no known solution that avoids a severe loss of usability (Wine could be a binfmt-misc handler, but binfmt-misc does not exist on all platforms supported by Wine).
Cleartext credential exposure in the Besen BS20 EV Charging Station's BLE and UDP interfaces allows an adjacent-network attacker with low privileges to intercept authentication material transmitted without adequate protection. All firmware versions up to 20260426 are affected per EUVD-2026-31547 and NVD CPE data. Publicly available exploit code exists per a researcher's GitHub disclosure; however, no CISA KEV listing and an EPSS of 0.01% (3rd percentile) indicate no confirmed widespread exploitation at time of analysis.
Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.
Cryptographic salt generation in Jasypt Spring Boot library (versions ≤3.0.5 and ≤4.0.4) uses predictable values, enabling offline password cracking attacks against encrypted configuration properties. The SimpleGCMConfig class's getSecretKeySaltGenerator function generates salts without sufficient entropy, reducing the computational cost for attackers who obtain encrypted passwords to derive plaintext through dictionary or brute-force attacks. Public exploit code exists (POC available) with EPSS indicating low probability of widespread exploitation (3.7 CVSS, AC:H). Vendor has not responded to responsible disclosure as of analysis date.
Local privilege escalation in NousResearch hermes-agent 2026.4.23 allows authenticated local users to manipulate plugin discovery logic via HERMES_ENABLE_PROJECT_PLUGINS environment variable, resulting in unauthorized information disclosure and potential integrity compromise of the CLI web-dashboard interface. Publicly available exploit code exists (EPSS data not provided, not listed in CISA KEV). The vendor did not respond to responsible disclosure attempts, leaving remediation status uncertain.
Remote sandbox escape in NousResearch hermes-agent versions up to 2026.4.16 allows unauthenticated attackers to manipulate environment variables through the code execution tool, potentially breaking out of the intended security sandbox. The vulnerability has publicly available exploit code and the vendor has not responded to disclosure attempts, leaving systems unpatched.
Uncontrolled recursion in PostCSS up to 7.1.1 allows remote attackers to trigger denial of service via crafted CSS input requiring user interaction. The vulnerability resides in the toString function of AST serialization logic (src/selectors/container.js). Publicly available exploit code exists (EPSS exploitation probability should be assessed). Vendor considers this low-risk since most users compile their own CSS rather than processing untrusted user-generated CSS, indicating limited real-world attack surface in typical deployment scenarios.
Improper output escaping in NousResearch Hermes Agent versions up to 2026.4.16 allows remote unauthenticated attackers to manipulate message formatting in Slack and Mattermost integrations, potentially leading to information disclosure and service disruption. The vulnerability is exploitable via crafted format_message arguments with low attack complexity and requires no user interaction. Public exploit code is available via GitHub Gist. The vendor did not respond to early disclosure attempts, and no patch availability is documented.
Remote injection vulnerability in NousResearch hermes-agent versions up to 2026.4.23 enables unauthenticated attackers to inject malicious payloads through the Skills Guard component's multi-word prompt handling mechanism. The vulnerability has publicly available exploit code and allows attackers to achieve limited confidentiality, integrity, and availability impacts without user interaction. Despite early vendor notification, no response or patch has been provided.
Information disclosure in NousResearch hermes-agent allows remote unauthenticated attackers to extract sensitive data via crafted requests to the Messaging Gateway Handler's environment configuration function. The vulnerability affects versions up to 2026.4.23 with publicly available exploit code demonstrating the attack. EPSS data not provided, but public POC availability increases immediate risk. Vendor has not responded to disclosure, suggesting no official patch timeline.
Information disclosure in Cal.com cal.diy up to version 4.9.4 allows remote unauthenticated attackers to access sensitive booking data through manipulation of cancelledBy/rescheduledBy parameters in the bookings single view API endpoint. The vulnerability affects the Generic React API's getServerSideProps function, enabling unauthorized retrieval of booking-related information. Public exploit code exists demonstrating the attack technique, and the vendor has not responded to coordinated disclosure attempts, leaving users at elevated risk until patches are self-applied.
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Memory corruption and potential information disclosure in the Linux kernel networking stack (skbuff) occurs because skb_try_coalesce() fails to propagate the SKBFL_SHARED_FRAG marker when transferring paged fragments between socket buffers. The flaw breaks an invariant relied upon by IPsec ESP input processing, which may then decrypt data in-place over page-cache-backed fragments belonging to other contexts. No public exploit identified at time of analysis, EPSS sits at 0.02%, and the issue is patched across multiple stable trees.
Unauthorized order manipulation and information disclosure in the WooCommerce PayPal Payments WordPress plugin (versions through 4.0.1) allows remote unauthenticated attackers to abuse two WC-AJAX endpoints (ppc-create-order and ppc-get-order) that lack authorization checks. By chaining these endpoints, an attacker can create a PayPal order against any victim's WooCommerce order ID and then retrieve full PayPal order details including payer information and shipping data. No public exploit identified at time of analysis, but the plugin's broad e-commerce deployment and trivial attack complexity make this a credible target.
Privilege escalation in the WishList Member WordPress plugin versions up to 3.30.1 allows authenticated low-privilege users to obtain the REST API Secret Key via the unprotected 'export_settings' AJAX endpoint and leverage it to register arbitrary administrator accounts. The CVSS 8.8 (High) rating reflects full confidentiality, integrity, and availability impact, and while no public exploit is identified at time of analysis, the discovery by Wordfence - a major WordPress security vendor - typically precedes broader exploitation against the large WordPress plugin ecosystem.
Cross-tenant server telemetry disclosure in Nezha Monitoring's WebSocket endpoint allows any authenticated non-admin member to receive live infrastructure data for all servers on the platform, regardless of ownership. The dashboard's `/api/v1/ws/server` WebSocket handler (`ws.go:123-139`) uses a binary member/guest switch instead of per-object `HasPermission` checks, bypassing the object-level authorization that correctly governs the REST API. An authenticated member exploiting this can continuously stream CPU/GPU metrics, memory and disk usage, network transfer rates, agent versions, and uptime for servers belonging to other tenants. No public exploit or CISA KEV listing identified at time of analysis, though the GitHub advisory (GHSA-hvv7-hfrh-7gxj) includes a detailed static proof-of-concept.
Information disclosure in Microsoft Azure Compute Gallery permits an authenticated remote attacker to read sensitive data across tenant or resource boundaries due to improper input validation (CWE-20). The scope-changed CVSS 7.7 rating reflects cross-boundary impact, but the exploit maturity is currently unproven (E:U) and no public exploit identified at time of analysis. Microsoft has published an official fix via MSRC.
Remote code execution in Microsoft Azure Virtual Network Gateway allows an authenticated attacker with low privileges to execute arbitrary code across a network boundary due to improper input validation. The CVSS 9.9 score reflects scope-changed impact (S:C) where exploitation can compromise resources beyond the vulnerable component itself, affecting confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the high score and managed-service nature warrant priority attention.
Heap-buffer-overflow in libheif 1.21.2 and prior exposes any application parsing untrusted HEIF sequence files to an out-of-bounds read during file ingestion, with potential for heap memory disclosure or process crash. The flaw is triggered the moment a victim opens a crafted file - no additional interaction beyond file opening is required - making it a practical threat in desktop image viewers, browsers, and media pipelines that embed libheif. No public exploit has been identified at time of analysis, EPSS sits at 0.04% (11th percentile), and a vendor-released patch (v1.22.0) is available, keeping real-world exploitation risk currently assessed as low-moderate despite the memory-corruption class.
Out-of-bounds read in libheif versions 1.21.2 and prior crashes any application that parses attacker-controlled HEIF sequence files, resulting in denial of service. The defect lives in the SampleAuxInfoReader constructor, which enters its processing loop when saiz.sample_count > 0 even though stco.entry_count == 0 left the chunks vector empty; dereferencing chunks[0] then triggers the crash. No public exploit code has been identified at time of analysis, but the attack requires only that a user open or process a specially crafted HEIF file, making it relevant wherever libheif is embedded in image-handling applications (browsers, media libraries, operating-system image stacks). Vendor-released patch v1.22.0 is available.
An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the client_secret of confidential OAuth2 providers they have previously authenticated against, exposing sensitive information to users without the correct permissions. This logic is GET /api/v3/oauth2/access_tokens/. The API response includes a nested provider object containing client_id and client_secret for providers configured with client_type: confidential, which should not be accessible to low-privilege users. This issue has been fixed in versions 2025.12.5 and 2026.2.3.
Insecure Direct Object Reference (IDOR) in Typebot's getResultLogs API endpoint allows any authenticated user to read execution logs belonging to other workspaces by supplying an arbitrary victim resultId alongside their own authorized typebotId. The endpoint authorizes the caller by typebotId but fetches log records by resultId alone, skipping cross-ownership validation that all peer endpoints in the same router correctly enforce. Exploitation exposes sensitive runtime data including HTTP response bodies, AI model outputs, and webhook payloads. No public exploit or CISA KEV listing has been identified at time of analysis, but the straightforward nature of the IDOR - requiring only a valid session and a guessed or enumerated resultId - makes unauthorized data access realistic for any authenticated platform user.
Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
Improper certificate validation in Dell PowerFlex Manager version 4.6.2 and earlier allows an unauthenticated attacker on an adjacent network to intercept and tamper with protected communications. The flaw (CWE-295) means the product fails to adequately verify peer certificates during TLS/SSL exchanges, enabling a man-in-the-middle position to read or modify in-transit management data. No active exploitation is confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis.
Unprotected credential transport in syslink software AG Avantra before version 25.3.0 exposes authentication material to network-layer interception on both Linux and Windows deployments. The vulnerability, classified under CWE-523, allows a suitably positioned network adversary to capture credentials in transit, with the CVSS vector indicating high confidentiality and integrity impact upon successful exploitation. No public exploit code and no CISA KEV listing have been identified at time of analysis, and the high attack complexity and high privilege prerequisite meaningfully constrain the realistic attacker population.
Default credential exposure in syslink software AG Avantra (all versions before 25.3.0) on Linux and Windows allows a local attacker with high-privilege access to authenticate using known default passwords, achieving high confidentiality impact against monitoring data and infrastructure configurations managed by the platform. Reported by NCSC.ch and addressed in version 25.3.0, this CWE-1393 flaw represents an insider threat or post-compromise lateral movement risk for organizations running Avantra in SAP and IT operations environments. No public exploit code has been identified and the vulnerability is not listed in CISA KEV at time of analysis.
Sensitive information disclosure in syslink software AG Avantra (versions before 25.3.0) on Linux and Windows allows an attacker with high privileges and adjacent network access to harvest data written into log files, with a scope-changed impact crossing trust boundaries. The flaw is tracked as CWE-532 and rated CVSS 7.5, but no public exploit identified at time of analysis and it is not listed in CISA KEV.
Heap buffer over-read in ImageMagick's distributed pixel cache server affects all Magick.NET NuGet package variants prior to version 14.12.0. An attacker with the ability to connect to a running `magick -distribute-cache` service can trigger an out-of-bounds read (CWE-125) in the server process, resulting in high-severity confidentiality impact (memory disclosure) and availability impact (potential crash). No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS score of 5.7 reflects meaningful mitigating constraints: high attack complexity and high privileges required per the vector.
Information disclosure in Magick.NET's distributed pixel cache server exposes sensitive pixel data due to the absence of a challenge-response authentication model on the cache service. All Magick.NET NuGet packages (Q16, Q16-HDRI, and OpenMP variants across AnyCPU, x64, x86, arm64 architectures) prior to version 14.12.0 are affected. A highly privileged local attacker meeting the high-complexity conditions of this vulnerability could read pixel cache contents belonging to other processes, leaking potentially sensitive image data. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Session replay weakness in syslink software AG's Avantra monitoring platform (versions before 25.3.1) on Linux and Windows allows remote attackers to reuse captured session identifiers because sessions are not properly expired. With CVSS 9.6 and scope change, an attacker who obtains a valid session ID can impersonate users and pivot into systems Avantra manages; no public exploit identified at time of analysis.
File descriptor hijacking in ImageMagick's distributed pixel cache server (magick -distribute-cache) exposes sensitive data via a race condition exploitable by a privileged local attacker. Affected are all Magick.NET NuGet packages across Q16, Q16-HDRI, OpenMP, and ARM64 variants prior to version 14.12.0. Successful exploitation yields high-confidentiality impact - an attacker can read file descriptors belonging to the server process - though no public exploit code exists and this is not currently listed in the CISA KEV catalog.
Incorrect Privilege Assignment in Dell PowerFlex Manager version 4.6.2 and earlier (both Appliance and Rack form factors) allows a low-privileged local attacker to escalate their privileges, impacting confidentiality, integrity, and availability at a low level each (CVSS 5.3 Medium, CWE-266). Dell has published dual advisories (DSA-2025-434 and DSA-2025-435) addressing the Appliance and Rack variants respectively. No public exploit code and no active exploitation have been identified at time of analysis.