Information Disclosure
Monthly
Unauthorized information disclosure in Hoppscotch prior to 2026.6.0 exposes mock servers linked to private collections to the public internet without authentication. The mock server creation logic in mock-server.service.ts silently drops the caller-supplied isPublic flag, while the Prisma schema defaults isPublic to true, so servers intended to be private are created as public. An unauthenticated remote attacker who reaches the mock endpoint can retrieve sensitive API data (schemas, example payloads, headers) the owner assumed was private; no public exploit was identified at time of analysis and the flaw is not in CISA KEV.
Root-level device takeover affects the Allwinner H616-based TV98 Android TV Box, which ships to production with the Android Debug Bridge (ADB) daemon enabled and reachable over the network (TCP/5555). A network attacker can send an ADB authorization request, and if the victim accepts the RSA key confirmation prompt on the device, the attacker obtains a root shell. Classified under CWE-489 (leftover debug functionality), there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the attack is trivial once a user approves the pairing.
{id}/members endpoint returns full UserModelResponse objects, inadvertently exposing toolServers API keys and webhook configuration belonging to other channel members. No public exploit is identified at time of analysis, but the low exploitation complexity and high value of the exposed credentials (tool server keys enable lateral access to integrated AI tooling infrastructure) elevate practical risk above what the 6.0 CVSS score alone suggests.
Session revocation bypass in Open WebUI 0.9.0 through 0.9.x (deployments configured with Redis) lets a holder of a revoked JWT keep authenticating realtime Socket.IO connections. The flaw stems from first-message authentication for Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket calling decode_token without the Redis-backed is_valid_token revocation check, so logout, forced-logout, or token invalidation does not sever active realtime access. No public exploit is identified at time of analysis and it is not listed in CISA KEV; the fix is version 0.10.0.
Cache key misconfiguration in Open WebUI versions 0.6.27 through 0.9.x leaks permission-filtered model lists across authenticated users during the aiocache TTL window. The flaw exists in both the OpenAI and Ollama router handlers, where a lambda was incorrectly passed as the cache key instead of a per-user key_builder, collapsing all users into a single shared cache entry. An authenticated attacker on a shared instance can receive a different user's model list - revealing which AI models that user has access to - with no public exploit identified at time of analysis and a vendor-released patch available in v0.10.0.
Temporary connection denial-of-service in the RTSP service of the MERCURY MIPC252W IP camera (firmware v1.0.5 Build 230306 Rel.79931n) lets an unauthenticated remote attacker wedge an individual TCP connection by sending an RTSP request that declares a Content-Length but includes no message body. The malformed parser enters a body-waiting state and silently swallows all further data on that socket until a server-side timeout closes it. Despite an NVD CVSS of 9.8 and an 'Information Disclosure' tag, the described behavior is a single-connection availability nuisance with no confidentiality or integrity impact; no public exploit is identified at time of analysis and EPSS is low at 0.18% (8th percentile).
Timing-based account enumeration in Open WebUI prior to 0.10.0 exposes whether any given email address is registered on a self-hosted AI instance. The /api/v1/auths/signin endpoint only invokes bcrypt password verification when a matching email record exists, making registered-account login attempts measurably slower than attempts against unregistered emails - a classic CWE-208 timing oracle. Unauthenticated remote attackers can exploit this discrepancy at scale to harvest valid account emails, which can then fuel credential stuffing or targeted phishing. No public exploit code or CISA KEV listing has been identified, and the vendor has released a fix in v0.10.0.
Credential disclosure in n8n workflow automation (versions prior to 1.123.61, 2.27.4, and 2.28.1) allows an authenticated member holding use-only editor access to a shared workflow to read credential-populated HTTP headers via the $request object inside an HTTP Request node's pagination expression, then exfiltrate the secret through returned item data. This defeats n8n's credential-hiding model, which is supposed to prevent low-privilege collaborators from seeing the underlying secret values. No public exploit identified at time of analysis, and it is not listed in CISA KEV; the EPSS/POC signals were not provided.
Privilege escalation via prototype pollution in n8n workflow automation lets an authenticated low-privilege user (holding the default workflow:create permission) corrupt Object.prototype through a crafted workflow saved, updated, or imported via the workflow API. Once polluted, subsequent unauthenticated requests are evaluated as a privileged user, exposing internal user and project listing endpoints. This is an information-disclosure and access-control flaw with no public exploit identified at time of analysis; CVSS 4.0 base score is 7.1.
Credential secret exfiltration in n8n (self-hosted workflow automation) prior to 2.27.4 and 2.28.1 lets a low-privilege member with use-only access to a shared credential leak that secret to an attacker-controlled server. The AI Agents feature fails to enforce the 'Allowed HTTP Request Domains' restriction when an MCP tool is aimed at an arbitrary URL, so the guardrail meant to keep secrets in-bounds is bypassed. No public exploit identified at time of analysis; risk is elevated because the abuse comes from an already-authorized internal user rather than an outside attacker.
Denial of service in Cesanta Mongoose before 7.22 lets a remote, unauthenticated attacker crash any TLS service (HTTPS, MQTTS, or WSS) built on the MG_TLS_BUILTIN stack by sending a single crafted TLS ClientHello whose session_id_len byte is used as an unvalidated buffer index, triggering an out-of-bounds read. The flaw sits in the built-in TLS server handshake function mg_tls_server_recv_hello() and requires no authentication or user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trigger is trivial and the issue was disclosed by VulnCheck.
Guest-to-host privilege escalation in varstored, the Xapi (XenServer/XCP-ng/Citrix Hypervisor) toolstack daemon that services UEFI variable requests for VMs, allows a malicious guest to corrupt control flow in the host-side process. Missing compiler barriers on a buffer shared with in-guest OVMF create a time-of-check/time-of-use race (CWE-367) that, in default builds, lets the attacker control an index into a jump table - yielding attacker-influenced execution in the toolstack. Tracked as Xen Security Advisory XSA-478 with a CVSS 4.0 base score of 9.4; no public exploit identified at time of analysis and not listed in CISA KEV.
Denial-of-service and database-corruption in Xen's XAPI toolstack (the XenAPI management layer used by XCP-ng and Citrix/XenServer Hypervisor) lets clients that submit object updates crash the database event thread or write strings that permanently prevent the database from loading. Three distinct input-validation defects are covered by XSA-474: notifications built from unsanitised input, a UTF-8 encoder that follows Unicode 3.0 while dependent libraries enforce the stricter 3.1 spec, and a total absence of sanitisation for Map/Set object updates. No public exploit has been identified at time of analysis and it is not on CISA KEV; the CVSS 4.0 base score is 9.4.
Prototype pollution in the enquirer npm package (versions up to 2.4.1) allows remote authenticated attackers to manipulate JavaScript Object.prototype attributes by injecting a crafted value into the question.name argument of the Enquirer.set() function. The vulnerability carries a low CVSS 4.0 score of 2.1, reflecting limited integrity-only impact scoped to the vulnerable system with no confidentiality or availability consequence. Publicly available exploit code exists via GitHub issue #487, though no active exploitation has been confirmed in CISA KEV.
{bookID}/notes carries no authentication middleware, and supplying ?deleted=true causes the service to invoke GORM's Unscoped() while retaining the is_public=true authorization branch, allowing any network-accessible actor to retrieve titles, slugs, and timestamps of notes an owner deliberately deleted from a public book. No active exploitation is confirmed (not listed in CISA KEV), though a fully functional proof of concept is embedded in the vendor advisory, and exploitation requires only a single crafted HTTP GET request.
Resource identifier manipulation in macrozheng mall up to 1.0.3 allows authenticated remote attackers to access or affect return-application records belonging to other users by substituting arbitrary orderId values in POST requests to /returnApply/create. The flaw is classified as CWE-99 (Improper Control of Resource Identifiers), consistent with an Insecure Direct Object Reference (IDOR) pattern in the Portal Endpoint. A public exploit is available, and the vendor deleted the corresponding GitHub issue without comment, raising concerns about coordinated disclosure and patch status.
Cross-tenant data exfiltration in Google Cloud Apigee (versions prior to 2026-06-12) is possible via improper input validation in the BigQuery Data Access Object (DAO) component. An authenticated attacker with high-privilege access can craft requests that bypass tenant isolation boundaries, accessing confidential data belonging to other Apigee tenants on Google Cloud Platform. Google patched this server-side on June 12, 2026 with no customer action required; no public exploit or CISA KEV listing has been identified at time of analysis.
Remote code execution in Xerte Online Tools (versions before 3.14.6 and before 3.15.5) allows an attacker with access to the tools server settings to repoint the configured antivirus scanner binary path to a PHP interpreter, so that subsequently uploaded PHP content is passed to that interpreter and executed on the server. The input CVSS scores this 9.8 (unauthenticated network vector), but the described attack path hinges on modifying server-side settings, which typically requires administrative access — a contradiction worth flagging. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; a vendor patch is available.
Out-of-bounds read in GPAC MP4Box version 26.03-DEV allows local low-privileged attackers to cause a low-severity availability impact by supplying a crafted input that manipulates the `num_langs` argument in the `vobsub_read_idx` function of `vobsub.c`. A proof-of-concept exploit has been publicly disclosed via GitHub issue #3611 and the CVSS 4.0 E:P modifier confirms its availability. Two upstream commits have been applied to address the flaw, though no standalone patched release version has been independently confirmed.
Out-of-bounds read and reachable assertion vulnerabilities in Samsung's open-source Escargot JavaScript engine allow a local attacker to cause a denial of service and limited data manipulation by supplying crafted JavaScript input. All versions prior to commit 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c are affected, with the primary real-world impact being an availability loss (crash) and low-confidence integrity effect. No public exploit code or CISA KEV listing has been identified at time of analysis.
Type confusion (CWE-843) in Samsung's open-source Escargot JavaScript engine enables pointer manipulation, leading to high-impact availability disruption and limited integrity compromise when processing malicious JavaScript. All Escargot versions prior to commit 779f6bedf58f334dec64b0a51ebb724b4708b84a are affected, with particular relevance to Samsung embedded and smart appliance ecosystems where this engine is deployed. No public exploit has been identified at time of analysis, and an upstream fix is available via GitHub PR #1580, though a formally versioned release has not been independently confirmed.
Out-of-bounds read and write vulnerabilities in Samsung's open-source Escargot JavaScript engine allow a local attacker to cause memory corruption leading to high availability impact and limited integrity compromise. All Escargot versions prior to commit 779f6bedf58f334dec64b0a51ebb724b4708b84a are affected, with the engine's primary deployment in Samsung TV appliance and IoT platforms. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, the CVSS-assigned high availability impact and the buffer overflow primitive make crash-based denial-of-service the primary realistic threat.
Sensitive configuration data and credentials are exposed in API responses within HCL DevOps Deploy / HCL Launch, affecting all maintained version branches from 7.3 through 8.2.1.0. Any authenticated user with low-privilege access can retrieve secrets through standard API interactions, creating a stepping-stone for lateral movement or privilege escalation across connected deployment targets. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV, but real-world risk is elevated because CI/CD platforms routinely store high-value credentials for downstream infrastructure.
Sensitive-information disclosure in HCL DevOps Deploy (formerly UrbanCode Deploy) versions 8.1 through 8.1.2.6 and 8.2 through 8.2.1.0 stems from an overly permissive Cross-Origin Resource Sharing (CORS) policy that fails to restrict allowed origins to trusted domains. Because the application accepts or reflects arbitrary origins, an attacker-controlled web page can issue cross-origin credentialed requests against an authenticated user's session to read protected data and invoke privileged actions. There is no public exploit identified at time of analysis, EPSS is low (0.23%, 13th percentile), and CISA SSVC rates exploitation as none.
Sensitive information disclosure in HCL DevOps Deploy / HCL Launch exposes credentials or operational data stored in application log files to any local user who can read those files. Affected across four major release branches (7.3, 8.0, 8.1, and 8.2), the vulnerability stems from CWE-532, where the application writes sensitive material into logs without adequate sanitization or access restriction. No public exploit code has been identified at time of analysis, and the flaw is not listed in the CISA KEV catalog, but the high confidentiality impact (C:H) and zero-privilege local access condition elevate real-world concern in multi-tenant or shared-host deployments.
Privilege escalation via configuration synchronization in Nozomi Networks Guardian and Central Management Console (CMC) lets an authenticated low-privilege user push administrative CLI commands to managed Arc sensors, because those sensors incorrectly inherit CLI permissions during sync. Successful abuse alters device configuration and can degrade or disable sensor availability, undermining OT/ICS monitoring integrity. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; risk is elevated by the network-reachable, low-privilege (PR:L) attack path against a security-critical appliance.
Stored HTML injection in Nozomi Networks Guardian and CMC (N2OS) allows authenticated administrators to embed malicious HTML into configuration data rendered in the Diagram tab and Graph view, enabling phishing and open redirect attacks against other authenticated users who view the affected pages. The vulnerability originates from a shared input validation function applied across multiple input vectors in N2OS that is insufficiently restrictive, permitting certain HTML tags to persist. Full XSS exploitation and direct information disclosure are explicitly constrained by existing input validation and a Content Security Policy, limiting realistic attacker impact to social engineering vectors. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis.
Privilege escalation in VMware Pinniped's Kubernetes authentication layer allows an attacker who already controls Active Directory group distinguished names to gain elevated Kubernetes RBAC permissions beyond their legitimate entitlements. The flaw affects Pinniped v0.11.0 through v0.46.0 when the Supervisor is configured with an ActiveDirectoryIdentityProvider and a specific empty groupName attribute, and only when an attacker simultaneously holds write access to AD group entries and valid AD user credentials. No public exploit code exists and this is not listed in CISA KEV; the vendor CVSS score of 3.8 (Low) reflects the highly constrained exploitation prerequisites.
Sensitive information exposure in the Backup and Staging by WP Time Capsule WordPress plugin (all versions through 1.22.26) allows authenticated attackers with subscriber-level access to download a previously admin-decrypted SQL database backup via the unprotected `download_recent_decrypted_file_wptc` endpoint. The downloaded backup typically contains WordPress password hashes, user credentials, and site configuration data stored in the `recent_decrypted_file` plugin option. No public exploit code exists at time of analysis, but the vulnerability is conditionally exploitable wherever subscriber-level user registration is enabled and an administrator has recently used the plugin's decrypt function.
Local File Inclusion in the WPFunnels WordPress plugin (all versions through 3.12.7) allows authenticated administrators to include and execute arbitrary PHP files on the server via the unsanitized `logKey` parameter, yielding full remote code execution when combined with file upload capability. The attack requires administrator-level WordPress credentials and high complexity - specifically the ability to place a PHP file on the server - materially limiting the exploitable population. No public exploit code or CISA KEV listing has been identified at time of analysis, placing this in a routine-patching priority tier despite its severe potential impact.
Adversary-in-the-middle credential theft and privilege escalation affects Cloud Foundry UAA (User Account and Authentication server) prior to v78.13.0 and cf-deployment prior to v56.2.0, where LDAP StartTLS unconditionally disables TLS hostname verification. An attacker positioned on the network path between UAA and its LDAP directory can present any certificate issued by any trusted CA to impersonate the directory, harvesting the LDAP bind password plus every end-user password submitted during simple-bind authentication and injecting forged group memberships that grant attacker-controlled admin scopes. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS was not provided, but the CVSS 4.0 base score is 9.3 (Critical).
Predictable SSH credential generation in Cloud Foundry's bosh-windows-stemcell-builder (versions prior to v2019.98) lets attackers brute-force the SSH login on TCP/22 because the GenerateRandomPassword function relies on a cryptographically weak random number generator, drastically shrinking the effective password keyspace. Any Windows stemcell built with an affected release ships with a guessable administrative password, so an attacker who can reach port 22 of a deployed VM can recover interactive access and full control. No public exploit code has been identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation in BOSH-Ecosystem bosh-windows-stemcell-builder (versions prior to v2019.98) lets a low-privilege authenticated Windows user overwrite the BOSH agent executables at C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe, which then run as NT AUTHORITY\SYSTEM on the next service restart or reboot, yielding full host control. The weakness stems from overly permissive filesystem ACLs applied by BOSH.Utils.psm1 when the stemcell is built. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Cookie forgery in WP Support Plus Responsive Ticket System (WordPress plugin ≤9.1.2) allows unauthenticated network attackers to impersonate any guest ticket owner by crafting an unsigned guest-session cookie containing the victim's email address, then reading, replying to, and closing that user's support tickets. The plugin fails to sign or verify its guest-session cookie, making the trust boundary between guest sessions trivially bypassable. A publicly available proof-of-concept exists per WPScan; EPSS is low at 0.14% (3rd percentile), suggesting limited observed exploitation despite automation feasibility confirmed by SSVC.
Unauthenticated personal data exfiltration in WP DSGVO Tools (GDPR) WordPress plugin before 3.1.40 allows any remote attacker to download the full GDPR personal data export of any user, customer, or commenter by supplying only their email address. The plugin's data subject access request (DSAR) immediate-processing path omits an authorization check, converting a legally mandated privacy feature into a privacy breach vector. A publicly available POC exploit exists, SSVC confirms the attack is automatable, and a vendor patch has been released at version 3.1.40.
Information disclosure in the Everest Forms WordPress plugin before 3.5.0 allows unauthenticated remote attackers to download other users' form submissions. The plugin generates temporary CSV files during email-notification processing but fails to reliably delete them, leaving them publicly accessible in the wp-content uploads directory under predictable, enumerable filenames. Publicly available exploit code exists and the flaw is automatable per CISA SSVC, though EPSS remains low at 0.14%; not listed in CISA KEV.
Insufficient data exists to characterize CVE-2026-55063 meaningfully. The sole intelligence signal is a vendor tag of 'ubuntu', suggesting the affected product may reside in the Ubuntu ecosystem, but no description, CVSS vector, CWE classification, or advisory has been provided. No impact, attack vector, affected versions, or exploitation conditions can be determined from the available data. Security teams should treat this record as unresolved until a vendor advisory or NVD enrichment is available.
CVE-2026-45096 has been assigned and attributed to Ubuntu (vendor source) but no description, CVSS score, vector, or CWE data is available at time of analysis. The vulnerability cannot be characterized beyond its association with the Ubuntu vendor track. Security teams should treat this as a placeholder record requiring active monitoring for descriptor updates from Canonical or NVD before any triage or remediation action can be taken.
CVE-2026-55645 is associated with Ubuntu based on vendor reporting, but no description, CVSS score, vector, or CWE data is available at time of analysis. The nature, impact, and scope of this vulnerability cannot be characterized from the provided intelligence. Security teams should consult the Ubuntu Security Notices (USN) portal directly for authoritative details as this advisory matures.
Insufficient data exists to characterize CVE-2026-53588 meaningfully. The only available intelligence signal is attribution to the Ubuntu vendor source; no description, CVSS vector, CWE classification, or reference URLs were provided in the input. Security teams cannot assess impact, affected versions, or exploitability from the current data. Monitor Ubuntu Security Notices (USN) and the NVD entry for this CVE as details are published.
Arbitrary symlink creation in the decompress npm package before 4.2.2 lets an attacker who supplies a crafted archive plant symlinks pointing outside the extraction directory, leading to information disclosure when the host application reads the extracted contents. The flaw stems from a symlink entry's linkname being passed straight to fs.symlink() without validation, while the existing anti-symlink guard only protects regular file entries. No public exploit has been identified at time of analysis, EPSS risk is low (0.17%, 6th percentile), and it is not listed in CISA KEV.
CVE-2026-55626 has no publicly available description, CVSS score, CWE classification, or technical detail at this time. The sole intelligence signal is attribution to 'vendor:ubuntu', indicating that Ubuntu/Canonical has reported or is associated with this vulnerability. No impact, attack vector, affected version range, or exploitation status can be determined from the available data. No public exploit identified at time of analysis.
Insufficient data exists to characterize CVE-2026-53589 beyond its association with Ubuntu as the reporting vendor. No description, CVSS score, CWE, CPE strings, references, EPSS score, KEV status, or patch information were provided in the intelligence feed. A meaningful impact statement cannot be synthesized from the available data without risking fabrication.
CVE-2026-49861 is a vulnerability reported via Ubuntu vendor channels for which no description, CVSS score, CWE classification, or technical detail is currently available in the provided intelligence data. The affected component, attack vector, and impact cannot be characterized from available sources. Security teams should monitor the Ubuntu Security Notices (USN) portal and the NVD entry for this CVE for updated technical details before attempting triage or remediation.
CVE-2026-45098 has no publicly available description, CVSS score, CWE classification, or technical details at time of analysis. The sole intelligence signal is a vendor:ubuntu source attribution, which may indicate the vulnerability was reported through Ubuntu's security tracker or affects an Ubuntu-packaged component. No impact, affected versions, attack vector, or exploitation status can be determined from available data.
CVE-2026-54538 is attributed to Ubuntu as the reporting vendor, but no description, CVSS score, vector, CWE classification, or supplementary intelligence is available at time of analysis. The vulnerability type, affected component, and impact cannot be characterized from the provided data. No determination of severity, exploitability, or affected versions is possible without additional vendor or NVD data.
CVE-2026-55238 has insufficient public data to characterize at time of analysis. The sole intelligence source is a Ubuntu vendor report, with no description, no CVSS scoring, no CWE classification, and no advisory content available. Security teams should treat this as an unverified, uncharacterized vulnerability pending vendor disclosure. No exploitation status, affected product details, or impact scope can be determined from available data.
CVE-2026-44178 affects Ubuntu (reported by the Ubuntu vendor) but no description, CVSS score, vector, or CWE data is available in the provided intelligence. The vulnerability details, impact scope, and exploitation conditions cannot be characterized without a description. This record should be treated as incomplete pending enrichment from NVD, Ubuntu Security Notices (USN), or CISA.
CVE-2026-45095 has no public description, CVSS score, CWE classification, or technical details available at time of analysis. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating the CVE may affect software distributed through or by Canonical's Ubuntu platform. No impact, affected versions, exploitation status, or vulnerability class can be determined from available data. Security teams should monitor NVD, Ubuntu Security Notices (USN), and CISA for updates as this record is populated.
Insufficient intelligence data exists to characterize CVE-2026-42218 beyond its association with the Ubuntu vendor source. No description, CVSS vector, CWE classification, or additional references were provided, making a substantive impact assessment impossible. Security teams should query Ubuntu Security Notices (USN) or the Ubuntu CVE Tracker directly for authoritative details on affected packages and severity.
CVE-2026-41252 has been reported via the Ubuntu vendor channel, but no description, CVSS score, CWE classification, CPE data, or advisory references are available at this time. The affected product, vulnerability class, and impact cannot be determined from the provided intelligence. No exploitation status, patch availability, or technical details have been disclosed.
CVE-2026-57157 has no published description, CVSS score, or CWE at time of analysis. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating the vulnerability may affect a package in the Ubuntu ecosystem. No impact, affected versions, attack vector, or exploitation details can be determined from the available data. This analysis cannot characterize the vulnerability beyond acknowledging its existence and Ubuntu provenance.
Insufficient public data exists to characterize CVE-2026-45092 with analytical confidence. The only intelligence signal available is a vendor report attributed to Ubuntu; no description, CVSS vector, CWE, CPE, EPSS score, KEV status, or reference URLs were supplied. No public exploit has been identified at time of analysis. This record should be treated as a placeholder requiring enrichment before any prioritization decision is made.
CVE-2026-44978 has insufficient public data to characterize at this time. The only confirmed intelligence source is a Ubuntu vendor report, but no description, CVSS metrics, CWE classification, or affected product details are available in the current dataset. Security teams should treat this as an unresolved entry requiring further data gathering before risk assessment or remediation decisions can be made.
CVE-2026-41521 is reported by Ubuntu (vendor source) but no description, CVSS score, vector, CWE, or any technical detail is available in the provided intelligence data. The affected component, vulnerability class, and impact are entirely unknown at this time. No assessment of attacker capability or affected user population is possible without additional data.
Insufficient data exists to characterize CVE-2026-55639 with confidence. The sole intelligence signal is a vendor source tag of 'ubuntu', suggesting the affected product is within the Ubuntu ecosystem, but no description, CVSS vector, CWE classification, or advisory text was provided. The vulnerability's impact, attack vector, and affected versions remain entirely uncharacterized from the available data.
CVE-2026-58385 is reported by Ubuntu as the sole intelligence source, but no description, CVSS score, CWE classification, or technical detail is available at this time. The affected product is inferred to be Ubuntu Linux or a component distributed through Ubuntu, but the vulnerability type, impact, and affected versions cannot be determined from the provided data. No meaningful synthesis is possible without a CVE description or supplementary intelligence.
CVE-2026-45094 has been reported by Ubuntu (vendor source) but no description, CVSS score, vector, or CWE data is available at time of analysis. The affected product or package within the Ubuntu ecosystem cannot be determined from available data. No impact, attack vector, or severity assessment can be made without a description or supporting intelligence.
Denial-of-service in the RTSP service of the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) lets remote unauthenticated attackers abruptly reset the streaming TCP connection by sending an RTSP request with an oversized field value. Rather than replying with an RFC 2326-compliant error, the service tears the connection down with a RST packet, indicating unsafe input handling in the RTSP parser that can disrupt video streaming. A public research report documenting the flaw exists on GitHub, but there is no CISA KEV listing and no confirmed active exploitation.
Insufficient data exists to characterize CVE-2026-45097 at this time. The only available intelligence signal is a vendor attribution to Ubuntu, with no description, CVSS score, CWE classification, or references provided. No independent synthesis is possible without a vulnerability description, affected version range, or technical details.
Arbitrary hardlink creation in the decompress npm package (before version 4.2.2) enables read disclosure and overwrite of any file accessible on the same filesystem as the extraction directory. When a victim extracts an attacker-crafted archive, the library passes the hardlink target path (x.linkname) directly to Node.js fs.link() without any path sanitization, allowing a hardlink inside the extraction directory to point at any file the process has access to. No CISA KEV listing exists and EPSS stands at 0.17% (7th percentile), reflecting low observed exploitation; however, the provided CVSS I:N metric conflicts with the description's explicit mention of file-overwrite capability, and in automated CI/CD pipelines the user-interaction barrier is effectively eliminated.
CVE-2026-58382 is associated with Ubuntu vendor reporting but contains no description, CVSS data, CWE classification, or technical detail in the available intelligence sources. No impact, affected component, or attack surface can be determined from the provided data. Analysis cannot be completed without additional source material from the vendor advisory or NVD entry.
CVE-2026-45093 is a vulnerability reported by Ubuntu with no description, CVSS score, vector, or CWE available at time of analysis. The affected product, impact class, and exploitation conditions are entirely unknown from provided intelligence. No meaningful risk characterization is possible without additional vendor disclosure.
CVE-2026-55564 has been reported by Ubuntu but carries no publicly available description, CVSS score, vector, or CWE classification at time of analysis. The affected product, vulnerability class, and impact scope are entirely unconfirmed from available intelligence. No assessment of attacker capability or victim exposure is possible without a description or vendor advisory detailing the flaw.
CVE-2026-58387 is attributed to Ubuntu (vendor source) but no description, CVSS score, CWE classification, or technical details are available in the provided intelligence data. The nature, impact, and exploitability of this vulnerability cannot be characterized at this time. No assessment of attacker capability, affected versions, or real-world risk is possible without additional data.
Insufficient data exists to characterize CVE-2026-57158 meaningfully. The CVE description is absent, no CVSS vector or score has been published, and the only available intelligence signal is a single vendor source tag ('vendor:ubuntu'). No impact, attack vector, or affected component can be determined from the provided data. Security teams should treat this as an unresolved entry requiring direct vendor advisory lookup before any risk decision is made.
CVE-2026-53590 has been reported by Ubuntu but contains no publicly available description, CVSS scoring, CWE classification, or technical detail at the time of this analysis. The absence of all structured vulnerability data - description, vector, severity, and CWE - makes it impossible to characterize the impact, affected component, or exploitation conditions. No public exploit has been identified, and no KEV listing exists. Security teams should monitor the Ubuntu Security Notices (USN) portal for updated advisories.
Insufficient data exists to characterize CVE-2026-49863 meaningfully. The only available intelligence signal is a reporter attribution of 'vendor:ubuntu', suggesting the vulnerability affects a package or component within the Ubuntu ecosystem. No description, CVSS vector, CWE classification, affected version range, or exploitation status has been provided, making substantive analysis impossible at this time.
Insufficient data exists to characterize CVE-2026-58388 beyond its Ubuntu vendor attribution. No description, CVSS vector, CWE classification, affected version range, or technical detail was provided in the intelligence feed. The only confirmed data point is that Ubuntu (Canonical) reported or acknowledged this CVE. No impact, attack vector, or exploitation conditions can be stated without fabricating information.
CVE-2026-58383 is a vulnerability reported by Ubuntu with no public description, CVSS score, CWE classification, or technical detail available at time of analysis. The affected component, impact, and exploitation conditions are entirely unknown from the provided data. No meaningful synthesis is possible beyond the vendor attribution to Ubuntu.
CVE-2026-49862 cannot be meaningfully summarized - the description field is absent and no technical intelligence is available beyond a vendor attribution to Ubuntu. No CVSS score, CWE classification, affected product details, or advisory references were provided in the input data. Security teams should consult the Ubuntu Security Notices (USN) portal and the NVD entry directly before making any risk decisions.
CVE-2026-58386 is reported by Ubuntu with no description, CVSS score, CWE classification, or additional intelligence available at time of analysis. The affected product, vulnerability class, and impact cannot be determined from the provided data. Security teams should consult Ubuntu Security Notices (USN) directly for authoritative details on this CVE.
Cross-origin WebSocket hijacking in the Cline Hub dashboard server (the process started by `cline dashboard`) before version 3.0.30 lets a malicious website drive an active local Cline session. Because the /browser WebSocket endpoint does not validate the Origin header and isAuthorizedBrowserRequest() trusts any request when ROOM_SECRET is unset on a 127.0.0.1 bind, any site a victim visits can send desktopCommand frames to read workspace state, alter MCP and provider/model settings, and-when a provider or model is configured-invoke command execution on the developer's machine. There is no public exploit identified at time of analysis and it is not in CISA KEV; the flaw is a classic origin-validation gap (CWE-346) fixed in 3.0.30.
Sandbox escape in Google Chrome on Windows prior to 150.0.7871.115 allows an attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page, chaining a codec input-validation flaw into higher-privileged host-process compromise. The bug is rated High by Chromium and carries a CVSS 8.3 with a scope-changing vector reflecting the sandbox-boundary crossing. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Sandbox escape in Google Chrome's GetUserMedia (WebRTC media capture) implementation allows an attacker who has already compromised the renderer process to break out of the browser sandbox by exploiting a race condition via a crafted HTML page, affecting all desktop Chrome builds prior to 150.0.7871.115. Rated High by Chromium and scored CVSS 8.3, this is a second-stage exploitation primitive typically chained after an initial renderer RCE; no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available in the 150.0.7871.115 Stable channel release.
Heap corruption in Google Chrome's Codecs component allows a remote attacker to trigger out-of-bounds read and write operations by luring a victim to open or play a crafted video file, affecting all desktop builds prior to 150.0.7871.115. Rated High by Chromium and CVSS 8.8, it requires user interaction (viewing malicious media) but no privileges, and combines information disclosure with potential memory corruption that could lead to code execution. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Uninitialized memory use in Chrome's ANGLE graphics layer exposes potentially sensitive process memory contents to remote attackers across all desktop Chrome versions prior to 150.0.7871.115. The flaw is triggered by a crafted HTML page requiring user interaction, limiting automated mass exploitation - consistent with SSVC classifying it as non-automatable with partial technical impact. No public exploit code exists and EPSS sits at 0.18% (7th percentile), but Chrome's ubiquitous deployment footprint and the high confidentiality impact still justify prompt patching.
Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.
Certificate revocation bypass in etcd affects clusters running versions before 3.5.32 and before 3.6.13 that are configured with --listen-client-http-urls to serve HTTP and gRPC client traffic on separate listeners. In that split-listener mode the --client-crl-file Certificate Revocation List is silently ignored on the gRPC listener, so a client presenting a certificate the operator has explicitly revoked can still complete mutual-TLS authentication and gain full read/write access to the key-value store. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but the technical impact is total for anyone relying on CRL-based deauthorization.
Wasmtime's WASI filesystem implementation allows a sandboxed WebAssembly guest to overwrite host files that were intentionally exposed as read-only preopens. The wasmtime-wasi component checks directory-level permissions during hard-link creation (path_link) and rename (path_rename) operations but fails to verify that the source and destination preopens carry matching FilePerms flags - meaning FilePerms::READ enforcement is bypassed at the operation level. Affected versions span multiple major release trains (prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1); no public exploit code or CISA KEV listing is present at time of analysis, but the scope change from guest sandbox to host filesystem makes this a meaningful sandbox-escape class defect.
LiveQuery in Parse Server leaks unauthorized object field values to authenticated subscribers when a single save operation simultaneously modifies a sensitive field and the subscriber's ACL read access, because leave and enter events are built from the wrong object state. Affected deployments run parse-server below 8.6.83 (stable branch) or below 9.9.1-alpha.13 (v9 alpha branch) with LiveQuery enabled. The CVSS 4.0 score of 2.3 and AT:P prerequisite correctly reflect that exploitation is constrained to a specific co-mutation timing condition; no public exploit identified and no KEV listing exists at time of analysis.
Denial of service in Parse Server (versions prior to 8.6.82 and 9.9.1-alpha.12) allows remote attackers to hang the Node.js event loop by submitting deeply nested $or, $and, or $nor query operators through the REST API or LiveQuery interface, triggering exponential-time processing in the internal query-traversal helper. Because the vulnerable code path is reachable without authentication and consumes CPU without bound, a single crafted request can render the backend unresponsive to all clients. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in the Elysia TypeScript web framework (versions prior to 1.4.29) lets remote unauthenticated attackers exhaust server CPU by submitting multipart/form-data requests containing many unique key-value pairs. Elysia's form-data normalization uses getAll in a way that scales quadratically with the number of fields, so a single crafted request can consume disproportionate processing time and stall the event loop. A public technical write-up demonstrating the quadratic behavior exists, but there is no evidence of active exploitation; EPSS was not provided.
Credential disclosure in GitLab Enterprise Edition allows an authenticated maintainer-role user to retrieve another user's stored credentials through insufficient authorization controls. All GitLab EE versions from 9.5 through the patched releases (18.11.7, 19.0.4, and 19.1.2) are affected, representing a broad historical exposure window spanning multiple major releases. No public exploit identified at time of analysis; the vulnerability was disclosed via HackerOne responsible disclosure (report 3720483), and GitLab has issued patched versions.
Content spoofing in GitLab CE/EE versions 16.5 through 18.x, 19.0, and 19.1 allows authenticated users to construct repositories where the web interface renders content that diverges from the actual downloadable source, exploiting improper Git reference name resolution (CWE-706). The CVSS score of 3.5 (Low) reflects the authentication requirement (PR:L), mandatory viewer interaction (UI:R), and limited integrity-only impact with no confidentiality or availability consequences. No public exploit code or CISA KEV listing has been identified at time of analysis, placing real-world risk firmly in the low tier despite the broad version range affected.
Broken object-level authorization in the nl-portal-backend-libraries GraphQL API exposes sensitive personal data belonging to arbitrary users to any authenticated caller. Two resolvers - document content retrieval (all published versions of nl.nl-portal:documenten-api since 0.2.2.RELEASE, 2023) and the besluiten (decisions) module (nl.nl-portal:besluiten 1.5.0-3.0.0) - were declared without a CommonGroundAuthentication parameter, causing the Spring framework to never bind the authenticated principal into the call path and leaving ownership checks impossible at the resolver level. The two endpoints chain naturally: an attacker enumerates decision records and their attached document IDs via the besluit queries, then exfiltrates raw document content through the document endpoint; decisions frequently contain government benefit, permit, and objection rulings, giving the exposure high real-world sensitivity. No public exploit has been identified at time of analysis, and this was discovered during a structured penetration testing engagement in May 2026.
Differential extraction in async-tar 0.6.0 enables content-smuggling attacks against scan-then-extract pipelines: an attacker who controls the bytes of a tar stream can construct an archive that GNU-tar-based AV scanners see as a single benign blob while async-tar writes a distinct executable payload to disk that the scanner never inspected. The root cause is in poll_next_raw (src/archive.rs), which mis-applies a buffered PAX local-extension size record to an intermediary GNU longname (L) header rather than restricting the override to the following file entry, desyncing the stream cursor from any POSIX-correct parser. No public exploitation in the wild or CISA KEV listing has been identified, but a fully functional proof-of-concept with verbatim captured output is included in the advisory, demonstrating the complete x → L → file smuggling sequence.
Sensitive file exfiltration in Composio SDK (the @composio/cli package) before 0.2.32-beta.283 lets attackers steal credential files by abusing a missing path-safety check in the readFileFromDisk function of tool-file-uploads.ts. Because the assertSafeFileUploadPath guard is absent, an attacker who can influence the agent's prompt can manipulate file_uploadable parameters to point at arbitrary paths such as ~/.ssh private keys, causing the CLI to upload those files to attacker-controlled storage. There is no public exploit identified at time of analysis, but the upstream fix, issue, and pull request are all public, which lowers the bar for reproduction.
Container-to-host sandbox escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter using the Docker task driver bind-mount an arbitrary host path into their container even when volume bind mounts are administratively disabled, enabling read and write access to files on the underlying host. The scope-changing flaw (CVSS 3.1 8.7) affects the Community and Enterprise editions and is fixed in Nomad 2.0.4 (CE), and Enterprise 2.0.4, 1.11.8, and 1.10.14. There is no public exploit identified at time of analysis and it is not on CISA KEV.
Path redirection via the writeToFile template helper in consul-template before 0.42.1 allows a local low-privileged attacker to redirect template output outside the intended destination directory or overwrite existing files on the filesystem. Because consul-template routinely renders sensitive secrets from HashiCorp Vault, Consul, and AWS Secrets Manager into local files, successful exploitation can expose those secrets by redirecting writes to attacker-readable locations. No public exploit code or CISA KEV listing is associated with this vulnerability at time of analysis.
Unauthorized information disclosure in Hoppscotch prior to 2026.6.0 exposes mock servers linked to private collections to the public internet without authentication. The mock server creation logic in mock-server.service.ts silently drops the caller-supplied isPublic flag, while the Prisma schema defaults isPublic to true, so servers intended to be private are created as public. An unauthenticated remote attacker who reaches the mock endpoint can retrieve sensitive API data (schemas, example payloads, headers) the owner assumed was private; no public exploit was identified at time of analysis and the flaw is not in CISA KEV.
Root-level device takeover affects the Allwinner H616-based TV98 Android TV Box, which ships to production with the Android Debug Bridge (ADB) daemon enabled and reachable over the network (TCP/5555). A network attacker can send an ADB authorization request, and if the victim accepts the RSA key confirmation prompt on the device, the attacker obtains a root shell. Classified under CWE-489 (leftover debug functionality), there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the attack is trivial once a user approves the pairing.
{id}/members endpoint returns full UserModelResponse objects, inadvertently exposing toolServers API keys and webhook configuration belonging to other channel members. No public exploit is identified at time of analysis, but the low exploitation complexity and high value of the exposed credentials (tool server keys enable lateral access to integrated AI tooling infrastructure) elevate practical risk above what the 6.0 CVSS score alone suggests.
Session revocation bypass in Open WebUI 0.9.0 through 0.9.x (deployments configured with Redis) lets a holder of a revoked JWT keep authenticating realtime Socket.IO connections. The flaw stems from first-message authentication for Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket calling decode_token without the Redis-backed is_valid_token revocation check, so logout, forced-logout, or token invalidation does not sever active realtime access. No public exploit is identified at time of analysis and it is not listed in CISA KEV; the fix is version 0.10.0.
Cache key misconfiguration in Open WebUI versions 0.6.27 through 0.9.x leaks permission-filtered model lists across authenticated users during the aiocache TTL window. The flaw exists in both the OpenAI and Ollama router handlers, where a lambda was incorrectly passed as the cache key instead of a per-user key_builder, collapsing all users into a single shared cache entry. An authenticated attacker on a shared instance can receive a different user's model list - revealing which AI models that user has access to - with no public exploit identified at time of analysis and a vendor-released patch available in v0.10.0.
Temporary connection denial-of-service in the RTSP service of the MERCURY MIPC252W IP camera (firmware v1.0.5 Build 230306 Rel.79931n) lets an unauthenticated remote attacker wedge an individual TCP connection by sending an RTSP request that declares a Content-Length but includes no message body. The malformed parser enters a body-waiting state and silently swallows all further data on that socket until a server-side timeout closes it. Despite an NVD CVSS of 9.8 and an 'Information Disclosure' tag, the described behavior is a single-connection availability nuisance with no confidentiality or integrity impact; no public exploit is identified at time of analysis and EPSS is low at 0.18% (8th percentile).
Timing-based account enumeration in Open WebUI prior to 0.10.0 exposes whether any given email address is registered on a self-hosted AI instance. The /api/v1/auths/signin endpoint only invokes bcrypt password verification when a matching email record exists, making registered-account login attempts measurably slower than attempts against unregistered emails - a classic CWE-208 timing oracle. Unauthenticated remote attackers can exploit this discrepancy at scale to harvest valid account emails, which can then fuel credential stuffing or targeted phishing. No public exploit code or CISA KEV listing has been identified, and the vendor has released a fix in v0.10.0.
Credential disclosure in n8n workflow automation (versions prior to 1.123.61, 2.27.4, and 2.28.1) allows an authenticated member holding use-only editor access to a shared workflow to read credential-populated HTTP headers via the $request object inside an HTTP Request node's pagination expression, then exfiltrate the secret through returned item data. This defeats n8n's credential-hiding model, which is supposed to prevent low-privilege collaborators from seeing the underlying secret values. No public exploit identified at time of analysis, and it is not listed in CISA KEV; the EPSS/POC signals were not provided.
Privilege escalation via prototype pollution in n8n workflow automation lets an authenticated low-privilege user (holding the default workflow:create permission) corrupt Object.prototype through a crafted workflow saved, updated, or imported via the workflow API. Once polluted, subsequent unauthenticated requests are evaluated as a privileged user, exposing internal user and project listing endpoints. This is an information-disclosure and access-control flaw with no public exploit identified at time of analysis; CVSS 4.0 base score is 7.1.
Credential secret exfiltration in n8n (self-hosted workflow automation) prior to 2.27.4 and 2.28.1 lets a low-privilege member with use-only access to a shared credential leak that secret to an attacker-controlled server. The AI Agents feature fails to enforce the 'Allowed HTTP Request Domains' restriction when an MCP tool is aimed at an arbitrary URL, so the guardrail meant to keep secrets in-bounds is bypassed. No public exploit identified at time of analysis; risk is elevated because the abuse comes from an already-authorized internal user rather than an outside attacker.
Denial of service in Cesanta Mongoose before 7.22 lets a remote, unauthenticated attacker crash any TLS service (HTTPS, MQTTS, or WSS) built on the MG_TLS_BUILTIN stack by sending a single crafted TLS ClientHello whose session_id_len byte is used as an unvalidated buffer index, triggering an out-of-bounds read. The flaw sits in the built-in TLS server handshake function mg_tls_server_recv_hello() and requires no authentication or user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trigger is trivial and the issue was disclosed by VulnCheck.
Guest-to-host privilege escalation in varstored, the Xapi (XenServer/XCP-ng/Citrix Hypervisor) toolstack daemon that services UEFI variable requests for VMs, allows a malicious guest to corrupt control flow in the host-side process. Missing compiler barriers on a buffer shared with in-guest OVMF create a time-of-check/time-of-use race (CWE-367) that, in default builds, lets the attacker control an index into a jump table - yielding attacker-influenced execution in the toolstack. Tracked as Xen Security Advisory XSA-478 with a CVSS 4.0 base score of 9.4; no public exploit identified at time of analysis and not listed in CISA KEV.
Denial-of-service and database-corruption in Xen's XAPI toolstack (the XenAPI management layer used by XCP-ng and Citrix/XenServer Hypervisor) lets clients that submit object updates crash the database event thread or write strings that permanently prevent the database from loading. Three distinct input-validation defects are covered by XSA-474: notifications built from unsanitised input, a UTF-8 encoder that follows Unicode 3.0 while dependent libraries enforce the stricter 3.1 spec, and a total absence of sanitisation for Map/Set object updates. No public exploit has been identified at time of analysis and it is not on CISA KEV; the CVSS 4.0 base score is 9.4.
Prototype pollution in the enquirer npm package (versions up to 2.4.1) allows remote authenticated attackers to manipulate JavaScript Object.prototype attributes by injecting a crafted value into the question.name argument of the Enquirer.set() function. The vulnerability carries a low CVSS 4.0 score of 2.1, reflecting limited integrity-only impact scoped to the vulnerable system with no confidentiality or availability consequence. Publicly available exploit code exists via GitHub issue #487, though no active exploitation has been confirmed in CISA KEV.
{bookID}/notes carries no authentication middleware, and supplying ?deleted=true causes the service to invoke GORM's Unscoped() while retaining the is_public=true authorization branch, allowing any network-accessible actor to retrieve titles, slugs, and timestamps of notes an owner deliberately deleted from a public book. No active exploitation is confirmed (not listed in CISA KEV), though a fully functional proof of concept is embedded in the vendor advisory, and exploitation requires only a single crafted HTTP GET request.
Resource identifier manipulation in macrozheng mall up to 1.0.3 allows authenticated remote attackers to access or affect return-application records belonging to other users by substituting arbitrary orderId values in POST requests to /returnApply/create. The flaw is classified as CWE-99 (Improper Control of Resource Identifiers), consistent with an Insecure Direct Object Reference (IDOR) pattern in the Portal Endpoint. A public exploit is available, and the vendor deleted the corresponding GitHub issue without comment, raising concerns about coordinated disclosure and patch status.
Cross-tenant data exfiltration in Google Cloud Apigee (versions prior to 2026-06-12) is possible via improper input validation in the BigQuery Data Access Object (DAO) component. An authenticated attacker with high-privilege access can craft requests that bypass tenant isolation boundaries, accessing confidential data belonging to other Apigee tenants on Google Cloud Platform. Google patched this server-side on June 12, 2026 with no customer action required; no public exploit or CISA KEV listing has been identified at time of analysis.
Remote code execution in Xerte Online Tools (versions before 3.14.6 and before 3.15.5) allows an attacker with access to the tools server settings to repoint the configured antivirus scanner binary path to a PHP interpreter, so that subsequently uploaded PHP content is passed to that interpreter and executed on the server. The input CVSS scores this 9.8 (unauthenticated network vector), but the described attack path hinges on modifying server-side settings, which typically requires administrative access — a contradiction worth flagging. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; a vendor patch is available.
Out-of-bounds read in GPAC MP4Box version 26.03-DEV allows local low-privileged attackers to cause a low-severity availability impact by supplying a crafted input that manipulates the `num_langs` argument in the `vobsub_read_idx` function of `vobsub.c`. A proof-of-concept exploit has been publicly disclosed via GitHub issue #3611 and the CVSS 4.0 E:P modifier confirms its availability. Two upstream commits have been applied to address the flaw, though no standalone patched release version has been independently confirmed.
Out-of-bounds read and reachable assertion vulnerabilities in Samsung's open-source Escargot JavaScript engine allow a local attacker to cause a denial of service and limited data manipulation by supplying crafted JavaScript input. All versions prior to commit 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c are affected, with the primary real-world impact being an availability loss (crash) and low-confidence integrity effect. No public exploit code or CISA KEV listing has been identified at time of analysis.
Type confusion (CWE-843) in Samsung's open-source Escargot JavaScript engine enables pointer manipulation, leading to high-impact availability disruption and limited integrity compromise when processing malicious JavaScript. All Escargot versions prior to commit 779f6bedf58f334dec64b0a51ebb724b4708b84a are affected, with particular relevance to Samsung embedded and smart appliance ecosystems where this engine is deployed. No public exploit has been identified at time of analysis, and an upstream fix is available via GitHub PR #1580, though a formally versioned release has not been independently confirmed.
Out-of-bounds read and write vulnerabilities in Samsung's open-source Escargot JavaScript engine allow a local attacker to cause memory corruption leading to high availability impact and limited integrity compromise. All Escargot versions prior to commit 779f6bedf58f334dec64b0a51ebb724b4708b84a are affected, with the engine's primary deployment in Samsung TV appliance and IoT platforms. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, the CVSS-assigned high availability impact and the buffer overflow primitive make crash-based denial-of-service the primary realistic threat.
Sensitive configuration data and credentials are exposed in API responses within HCL DevOps Deploy / HCL Launch, affecting all maintained version branches from 7.3 through 8.2.1.0. Any authenticated user with low-privilege access can retrieve secrets through standard API interactions, creating a stepping-stone for lateral movement or privilege escalation across connected deployment targets. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV, but real-world risk is elevated because CI/CD platforms routinely store high-value credentials for downstream infrastructure.
Sensitive-information disclosure in HCL DevOps Deploy (formerly UrbanCode Deploy) versions 8.1 through 8.1.2.6 and 8.2 through 8.2.1.0 stems from an overly permissive Cross-Origin Resource Sharing (CORS) policy that fails to restrict allowed origins to trusted domains. Because the application accepts or reflects arbitrary origins, an attacker-controlled web page can issue cross-origin credentialed requests against an authenticated user's session to read protected data and invoke privileged actions. There is no public exploit identified at time of analysis, EPSS is low (0.23%, 13th percentile), and CISA SSVC rates exploitation as none.
Sensitive information disclosure in HCL DevOps Deploy / HCL Launch exposes credentials or operational data stored in application log files to any local user who can read those files. Affected across four major release branches (7.3, 8.0, 8.1, and 8.2), the vulnerability stems from CWE-532, where the application writes sensitive material into logs without adequate sanitization or access restriction. No public exploit code has been identified at time of analysis, and the flaw is not listed in the CISA KEV catalog, but the high confidentiality impact (C:H) and zero-privilege local access condition elevate real-world concern in multi-tenant or shared-host deployments.
Privilege escalation via configuration synchronization in Nozomi Networks Guardian and Central Management Console (CMC) lets an authenticated low-privilege user push administrative CLI commands to managed Arc sensors, because those sensors incorrectly inherit CLI permissions during sync. Successful abuse alters device configuration and can degrade or disable sensor availability, undermining OT/ICS monitoring integrity. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; risk is elevated by the network-reachable, low-privilege (PR:L) attack path against a security-critical appliance.
Stored HTML injection in Nozomi Networks Guardian and CMC (N2OS) allows authenticated administrators to embed malicious HTML into configuration data rendered in the Diagram tab and Graph view, enabling phishing and open redirect attacks against other authenticated users who view the affected pages. The vulnerability originates from a shared input validation function applied across multiple input vectors in N2OS that is insufficiently restrictive, permitting certain HTML tags to persist. Full XSS exploitation and direct information disclosure are explicitly constrained by existing input validation and a Content Security Policy, limiting realistic attacker impact to social engineering vectors. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis.
Privilege escalation in VMware Pinniped's Kubernetes authentication layer allows an attacker who already controls Active Directory group distinguished names to gain elevated Kubernetes RBAC permissions beyond their legitimate entitlements. The flaw affects Pinniped v0.11.0 through v0.46.0 when the Supervisor is configured with an ActiveDirectoryIdentityProvider and a specific empty groupName attribute, and only when an attacker simultaneously holds write access to AD group entries and valid AD user credentials. No public exploit code exists and this is not listed in CISA KEV; the vendor CVSS score of 3.8 (Low) reflects the highly constrained exploitation prerequisites.
Sensitive information exposure in the Backup and Staging by WP Time Capsule WordPress plugin (all versions through 1.22.26) allows authenticated attackers with subscriber-level access to download a previously admin-decrypted SQL database backup via the unprotected `download_recent_decrypted_file_wptc` endpoint. The downloaded backup typically contains WordPress password hashes, user credentials, and site configuration data stored in the `recent_decrypted_file` plugin option. No public exploit code exists at time of analysis, but the vulnerability is conditionally exploitable wherever subscriber-level user registration is enabled and an administrator has recently used the plugin's decrypt function.
Local File Inclusion in the WPFunnels WordPress plugin (all versions through 3.12.7) allows authenticated administrators to include and execute arbitrary PHP files on the server via the unsanitized `logKey` parameter, yielding full remote code execution when combined with file upload capability. The attack requires administrator-level WordPress credentials and high complexity - specifically the ability to place a PHP file on the server - materially limiting the exploitable population. No public exploit code or CISA KEV listing has been identified at time of analysis, placing this in a routine-patching priority tier despite its severe potential impact.
Adversary-in-the-middle credential theft and privilege escalation affects Cloud Foundry UAA (User Account and Authentication server) prior to v78.13.0 and cf-deployment prior to v56.2.0, where LDAP StartTLS unconditionally disables TLS hostname verification. An attacker positioned on the network path between UAA and its LDAP directory can present any certificate issued by any trusted CA to impersonate the directory, harvesting the LDAP bind password plus every end-user password submitted during simple-bind authentication and injecting forged group memberships that grant attacker-controlled admin scopes. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS was not provided, but the CVSS 4.0 base score is 9.3 (Critical).
Predictable SSH credential generation in Cloud Foundry's bosh-windows-stemcell-builder (versions prior to v2019.98) lets attackers brute-force the SSH login on TCP/22 because the GenerateRandomPassword function relies on a cryptographically weak random number generator, drastically shrinking the effective password keyspace. Any Windows stemcell built with an affected release ships with a guessable administrative password, so an attacker who can reach port 22 of a deployed VM can recover interactive access and full control. No public exploit code has been identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation in BOSH-Ecosystem bosh-windows-stemcell-builder (versions prior to v2019.98) lets a low-privilege authenticated Windows user overwrite the BOSH agent executables at C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe, which then run as NT AUTHORITY\SYSTEM on the next service restart or reboot, yielding full host control. The weakness stems from overly permissive filesystem ACLs applied by BOSH.Utils.psm1 when the stemcell is built. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Cookie forgery in WP Support Plus Responsive Ticket System (WordPress plugin ≤9.1.2) allows unauthenticated network attackers to impersonate any guest ticket owner by crafting an unsigned guest-session cookie containing the victim's email address, then reading, replying to, and closing that user's support tickets. The plugin fails to sign or verify its guest-session cookie, making the trust boundary between guest sessions trivially bypassable. A publicly available proof-of-concept exists per WPScan; EPSS is low at 0.14% (3rd percentile), suggesting limited observed exploitation despite automation feasibility confirmed by SSVC.
Unauthenticated personal data exfiltration in WP DSGVO Tools (GDPR) WordPress plugin before 3.1.40 allows any remote attacker to download the full GDPR personal data export of any user, customer, or commenter by supplying only their email address. The plugin's data subject access request (DSAR) immediate-processing path omits an authorization check, converting a legally mandated privacy feature into a privacy breach vector. A publicly available POC exploit exists, SSVC confirms the attack is automatable, and a vendor patch has been released at version 3.1.40.
Information disclosure in the Everest Forms WordPress plugin before 3.5.0 allows unauthenticated remote attackers to download other users' form submissions. The plugin generates temporary CSV files during email-notification processing but fails to reliably delete them, leaving them publicly accessible in the wp-content uploads directory under predictable, enumerable filenames. Publicly available exploit code exists and the flaw is automatable per CISA SSVC, though EPSS remains low at 0.14%; not listed in CISA KEV.
Insufficient data exists to characterize CVE-2026-55063 meaningfully. The sole intelligence signal is a vendor tag of 'ubuntu', suggesting the affected product may reside in the Ubuntu ecosystem, but no description, CVSS vector, CWE classification, or advisory has been provided. No impact, attack vector, affected versions, or exploitation conditions can be determined from the available data. Security teams should treat this record as unresolved until a vendor advisory or NVD enrichment is available.
CVE-2026-45096 has been assigned and attributed to Ubuntu (vendor source) but no description, CVSS score, vector, or CWE data is available at time of analysis. The vulnerability cannot be characterized beyond its association with the Ubuntu vendor track. Security teams should treat this as a placeholder record requiring active monitoring for descriptor updates from Canonical or NVD before any triage or remediation action can be taken.
CVE-2026-55645 is associated with Ubuntu based on vendor reporting, but no description, CVSS score, vector, or CWE data is available at time of analysis. The nature, impact, and scope of this vulnerability cannot be characterized from the provided intelligence. Security teams should consult the Ubuntu Security Notices (USN) portal directly for authoritative details as this advisory matures.
Insufficient data exists to characterize CVE-2026-53588 meaningfully. The only available intelligence signal is attribution to the Ubuntu vendor source; no description, CVSS vector, CWE classification, or reference URLs were provided in the input. Security teams cannot assess impact, affected versions, or exploitability from the current data. Monitor Ubuntu Security Notices (USN) and the NVD entry for this CVE as details are published.
Arbitrary symlink creation in the decompress npm package before 4.2.2 lets an attacker who supplies a crafted archive plant symlinks pointing outside the extraction directory, leading to information disclosure when the host application reads the extracted contents. The flaw stems from a symlink entry's linkname being passed straight to fs.symlink() without validation, while the existing anti-symlink guard only protects regular file entries. No public exploit has been identified at time of analysis, EPSS risk is low (0.17%, 6th percentile), and it is not listed in CISA KEV.
CVE-2026-55626 has no publicly available description, CVSS score, CWE classification, or technical detail at this time. The sole intelligence signal is attribution to 'vendor:ubuntu', indicating that Ubuntu/Canonical has reported or is associated with this vulnerability. No impact, attack vector, affected version range, or exploitation status can be determined from the available data. No public exploit identified at time of analysis.
Insufficient data exists to characterize CVE-2026-53589 beyond its association with Ubuntu as the reporting vendor. No description, CVSS score, CWE, CPE strings, references, EPSS score, KEV status, or patch information were provided in the intelligence feed. A meaningful impact statement cannot be synthesized from the available data without risking fabrication.
CVE-2026-49861 is a vulnerability reported via Ubuntu vendor channels for which no description, CVSS score, CWE classification, or technical detail is currently available in the provided intelligence data. The affected component, attack vector, and impact cannot be characterized from available sources. Security teams should monitor the Ubuntu Security Notices (USN) portal and the NVD entry for this CVE for updated technical details before attempting triage or remediation.
CVE-2026-45098 has no publicly available description, CVSS score, CWE classification, or technical details at time of analysis. The sole intelligence signal is a vendor:ubuntu source attribution, which may indicate the vulnerability was reported through Ubuntu's security tracker or affects an Ubuntu-packaged component. No impact, affected versions, attack vector, or exploitation status can be determined from available data.
CVE-2026-54538 is attributed to Ubuntu as the reporting vendor, but no description, CVSS score, vector, CWE classification, or supplementary intelligence is available at time of analysis. The vulnerability type, affected component, and impact cannot be characterized from the provided data. No determination of severity, exploitability, or affected versions is possible without additional vendor or NVD data.
CVE-2026-55238 has insufficient public data to characterize at time of analysis. The sole intelligence source is a Ubuntu vendor report, with no description, no CVSS scoring, no CWE classification, and no advisory content available. Security teams should treat this as an unverified, uncharacterized vulnerability pending vendor disclosure. No exploitation status, affected product details, or impact scope can be determined from available data.
CVE-2026-44178 affects Ubuntu (reported by the Ubuntu vendor) but no description, CVSS score, vector, or CWE data is available in the provided intelligence. The vulnerability details, impact scope, and exploitation conditions cannot be characterized without a description. This record should be treated as incomplete pending enrichment from NVD, Ubuntu Security Notices (USN), or CISA.
CVE-2026-45095 has no public description, CVSS score, CWE classification, or technical details available at time of analysis. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating the CVE may affect software distributed through or by Canonical's Ubuntu platform. No impact, affected versions, exploitation status, or vulnerability class can be determined from available data. Security teams should monitor NVD, Ubuntu Security Notices (USN), and CISA for updates as this record is populated.
Insufficient intelligence data exists to characterize CVE-2026-42218 beyond its association with the Ubuntu vendor source. No description, CVSS vector, CWE classification, or additional references were provided, making a substantive impact assessment impossible. Security teams should query Ubuntu Security Notices (USN) or the Ubuntu CVE Tracker directly for authoritative details on affected packages and severity.
CVE-2026-41252 has been reported via the Ubuntu vendor channel, but no description, CVSS score, CWE classification, CPE data, or advisory references are available at this time. The affected product, vulnerability class, and impact cannot be determined from the provided intelligence. No exploitation status, patch availability, or technical details have been disclosed.
CVE-2026-57157 has no published description, CVSS score, or CWE at time of analysis. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating the vulnerability may affect a package in the Ubuntu ecosystem. No impact, affected versions, attack vector, or exploitation details can be determined from the available data. This analysis cannot characterize the vulnerability beyond acknowledging its existence and Ubuntu provenance.
Insufficient public data exists to characterize CVE-2026-45092 with analytical confidence. The only intelligence signal available is a vendor report attributed to Ubuntu; no description, CVSS vector, CWE, CPE, EPSS score, KEV status, or reference URLs were supplied. No public exploit has been identified at time of analysis. This record should be treated as a placeholder requiring enrichment before any prioritization decision is made.
CVE-2026-44978 has insufficient public data to characterize at this time. The only confirmed intelligence source is a Ubuntu vendor report, but no description, CVSS metrics, CWE classification, or affected product details are available in the current dataset. Security teams should treat this as an unresolved entry requiring further data gathering before risk assessment or remediation decisions can be made.
CVE-2026-41521 is reported by Ubuntu (vendor source) but no description, CVSS score, vector, CWE, or any technical detail is available in the provided intelligence data. The affected component, vulnerability class, and impact are entirely unknown at this time. No assessment of attacker capability or affected user population is possible without additional data.
Insufficient data exists to characterize CVE-2026-55639 with confidence. The sole intelligence signal is a vendor source tag of 'ubuntu', suggesting the affected product is within the Ubuntu ecosystem, but no description, CVSS vector, CWE classification, or advisory text was provided. The vulnerability's impact, attack vector, and affected versions remain entirely uncharacterized from the available data.
CVE-2026-58385 is reported by Ubuntu as the sole intelligence source, but no description, CVSS score, CWE classification, or technical detail is available at this time. The affected product is inferred to be Ubuntu Linux or a component distributed through Ubuntu, but the vulnerability type, impact, and affected versions cannot be determined from the provided data. No meaningful synthesis is possible without a CVE description or supplementary intelligence.
CVE-2026-45094 has been reported by Ubuntu (vendor source) but no description, CVSS score, vector, or CWE data is available at time of analysis. The affected product or package within the Ubuntu ecosystem cannot be determined from available data. No impact, attack vector, or severity assessment can be made without a description or supporting intelligence.
Denial-of-service in the RTSP service of the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) lets remote unauthenticated attackers abruptly reset the streaming TCP connection by sending an RTSP request with an oversized field value. Rather than replying with an RFC 2326-compliant error, the service tears the connection down with a RST packet, indicating unsafe input handling in the RTSP parser that can disrupt video streaming. A public research report documenting the flaw exists on GitHub, but there is no CISA KEV listing and no confirmed active exploitation.
Insufficient data exists to characterize CVE-2026-45097 at this time. The only available intelligence signal is a vendor attribution to Ubuntu, with no description, CVSS score, CWE classification, or references provided. No independent synthesis is possible without a vulnerability description, affected version range, or technical details.
Arbitrary hardlink creation in the decompress npm package (before version 4.2.2) enables read disclosure and overwrite of any file accessible on the same filesystem as the extraction directory. When a victim extracts an attacker-crafted archive, the library passes the hardlink target path (x.linkname) directly to Node.js fs.link() without any path sanitization, allowing a hardlink inside the extraction directory to point at any file the process has access to. No CISA KEV listing exists and EPSS stands at 0.17% (7th percentile), reflecting low observed exploitation; however, the provided CVSS I:N metric conflicts with the description's explicit mention of file-overwrite capability, and in automated CI/CD pipelines the user-interaction barrier is effectively eliminated.
CVE-2026-58382 is associated with Ubuntu vendor reporting but contains no description, CVSS data, CWE classification, or technical detail in the available intelligence sources. No impact, affected component, or attack surface can be determined from the provided data. Analysis cannot be completed without additional source material from the vendor advisory or NVD entry.
CVE-2026-45093 is a vulnerability reported by Ubuntu with no description, CVSS score, vector, or CWE available at time of analysis. The affected product, impact class, and exploitation conditions are entirely unknown from provided intelligence. No meaningful risk characterization is possible without additional vendor disclosure.
CVE-2026-55564 has been reported by Ubuntu but carries no publicly available description, CVSS score, vector, or CWE classification at time of analysis. The affected product, vulnerability class, and impact scope are entirely unconfirmed from available intelligence. No assessment of attacker capability or victim exposure is possible without a description or vendor advisory detailing the flaw.
CVE-2026-58387 is attributed to Ubuntu (vendor source) but no description, CVSS score, CWE classification, or technical details are available in the provided intelligence data. The nature, impact, and exploitability of this vulnerability cannot be characterized at this time. No assessment of attacker capability, affected versions, or real-world risk is possible without additional data.
Insufficient data exists to characterize CVE-2026-57158 meaningfully. The CVE description is absent, no CVSS vector or score has been published, and the only available intelligence signal is a single vendor source tag ('vendor:ubuntu'). No impact, attack vector, or affected component can be determined from the provided data. Security teams should treat this as an unresolved entry requiring direct vendor advisory lookup before any risk decision is made.
CVE-2026-53590 has been reported by Ubuntu but contains no publicly available description, CVSS scoring, CWE classification, or technical detail at the time of this analysis. The absence of all structured vulnerability data - description, vector, severity, and CWE - makes it impossible to characterize the impact, affected component, or exploitation conditions. No public exploit has been identified, and no KEV listing exists. Security teams should monitor the Ubuntu Security Notices (USN) portal for updated advisories.
Insufficient data exists to characterize CVE-2026-49863 meaningfully. The only available intelligence signal is a reporter attribution of 'vendor:ubuntu', suggesting the vulnerability affects a package or component within the Ubuntu ecosystem. No description, CVSS vector, CWE classification, affected version range, or exploitation status has been provided, making substantive analysis impossible at this time.
Insufficient data exists to characterize CVE-2026-58388 beyond its Ubuntu vendor attribution. No description, CVSS vector, CWE classification, affected version range, or technical detail was provided in the intelligence feed. The only confirmed data point is that Ubuntu (Canonical) reported or acknowledged this CVE. No impact, attack vector, or exploitation conditions can be stated without fabricating information.
CVE-2026-58383 is a vulnerability reported by Ubuntu with no public description, CVSS score, CWE classification, or technical detail available at time of analysis. The affected component, impact, and exploitation conditions are entirely unknown from the provided data. No meaningful synthesis is possible beyond the vendor attribution to Ubuntu.
CVE-2026-49862 cannot be meaningfully summarized - the description field is absent and no technical intelligence is available beyond a vendor attribution to Ubuntu. No CVSS score, CWE classification, affected product details, or advisory references were provided in the input data. Security teams should consult the Ubuntu Security Notices (USN) portal and the NVD entry directly before making any risk decisions.
CVE-2026-58386 is reported by Ubuntu with no description, CVSS score, CWE classification, or additional intelligence available at time of analysis. The affected product, vulnerability class, and impact cannot be determined from the provided data. Security teams should consult Ubuntu Security Notices (USN) directly for authoritative details on this CVE.
Cross-origin WebSocket hijacking in the Cline Hub dashboard server (the process started by `cline dashboard`) before version 3.0.30 lets a malicious website drive an active local Cline session. Because the /browser WebSocket endpoint does not validate the Origin header and isAuthorizedBrowserRequest() trusts any request when ROOM_SECRET is unset on a 127.0.0.1 bind, any site a victim visits can send desktopCommand frames to read workspace state, alter MCP and provider/model settings, and-when a provider or model is configured-invoke command execution on the developer's machine. There is no public exploit identified at time of analysis and it is not in CISA KEV; the flaw is a classic origin-validation gap (CWE-346) fixed in 3.0.30.
Sandbox escape in Google Chrome on Windows prior to 150.0.7871.115 allows an attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page, chaining a codec input-validation flaw into higher-privileged host-process compromise. The bug is rated High by Chromium and carries a CVSS 8.3 with a scope-changing vector reflecting the sandbox-boundary crossing. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Sandbox escape in Google Chrome's GetUserMedia (WebRTC media capture) implementation allows an attacker who has already compromised the renderer process to break out of the browser sandbox by exploiting a race condition via a crafted HTML page, affecting all desktop Chrome builds prior to 150.0.7871.115. Rated High by Chromium and scored CVSS 8.3, this is a second-stage exploitation primitive typically chained after an initial renderer RCE; no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available in the 150.0.7871.115 Stable channel release.
Heap corruption in Google Chrome's Codecs component allows a remote attacker to trigger out-of-bounds read and write operations by luring a victim to open or play a crafted video file, affecting all desktop builds prior to 150.0.7871.115. Rated High by Chromium and CVSS 8.8, it requires user interaction (viewing malicious media) but no privileges, and combines information disclosure with potential memory corruption that could lead to code execution. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Uninitialized memory use in Chrome's ANGLE graphics layer exposes potentially sensitive process memory contents to remote attackers across all desktop Chrome versions prior to 150.0.7871.115. The flaw is triggered by a crafted HTML page requiring user interaction, limiting automated mass exploitation - consistent with SSVC classifying it as non-automatable with partial technical impact. No public exploit code exists and EPSS sits at 0.18% (7th percentile), but Chrome's ubiquitous deployment footprint and the high confidentiality impact still justify prompt patching.
Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.
Certificate revocation bypass in etcd affects clusters running versions before 3.5.32 and before 3.6.13 that are configured with --listen-client-http-urls to serve HTTP and gRPC client traffic on separate listeners. In that split-listener mode the --client-crl-file Certificate Revocation List is silently ignored on the gRPC listener, so a client presenting a certificate the operator has explicitly revoked can still complete mutual-TLS authentication and gain full read/write access to the key-value store. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but the technical impact is total for anyone relying on CRL-based deauthorization.
Wasmtime's WASI filesystem implementation allows a sandboxed WebAssembly guest to overwrite host files that were intentionally exposed as read-only preopens. The wasmtime-wasi component checks directory-level permissions during hard-link creation (path_link) and rename (path_rename) operations but fails to verify that the source and destination preopens carry matching FilePerms flags - meaning FilePerms::READ enforcement is bypassed at the operation level. Affected versions span multiple major release trains (prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1); no public exploit code or CISA KEV listing is present at time of analysis, but the scope change from guest sandbox to host filesystem makes this a meaningful sandbox-escape class defect.
LiveQuery in Parse Server leaks unauthorized object field values to authenticated subscribers when a single save operation simultaneously modifies a sensitive field and the subscriber's ACL read access, because leave and enter events are built from the wrong object state. Affected deployments run parse-server below 8.6.83 (stable branch) or below 9.9.1-alpha.13 (v9 alpha branch) with LiveQuery enabled. The CVSS 4.0 score of 2.3 and AT:P prerequisite correctly reflect that exploitation is constrained to a specific co-mutation timing condition; no public exploit identified and no KEV listing exists at time of analysis.
Denial of service in Parse Server (versions prior to 8.6.82 and 9.9.1-alpha.12) allows remote attackers to hang the Node.js event loop by submitting deeply nested $or, $and, or $nor query operators through the REST API or LiveQuery interface, triggering exponential-time processing in the internal query-traversal helper. Because the vulnerable code path is reachable without authentication and consumes CPU without bound, a single crafted request can render the backend unresponsive to all clients. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in the Elysia TypeScript web framework (versions prior to 1.4.29) lets remote unauthenticated attackers exhaust server CPU by submitting multipart/form-data requests containing many unique key-value pairs. Elysia's form-data normalization uses getAll in a way that scales quadratically with the number of fields, so a single crafted request can consume disproportionate processing time and stall the event loop. A public technical write-up demonstrating the quadratic behavior exists, but there is no evidence of active exploitation; EPSS was not provided.
Credential disclosure in GitLab Enterprise Edition allows an authenticated maintainer-role user to retrieve another user's stored credentials through insufficient authorization controls. All GitLab EE versions from 9.5 through the patched releases (18.11.7, 19.0.4, and 19.1.2) are affected, representing a broad historical exposure window spanning multiple major releases. No public exploit identified at time of analysis; the vulnerability was disclosed via HackerOne responsible disclosure (report 3720483), and GitLab has issued patched versions.
Content spoofing in GitLab CE/EE versions 16.5 through 18.x, 19.0, and 19.1 allows authenticated users to construct repositories where the web interface renders content that diverges from the actual downloadable source, exploiting improper Git reference name resolution (CWE-706). The CVSS score of 3.5 (Low) reflects the authentication requirement (PR:L), mandatory viewer interaction (UI:R), and limited integrity-only impact with no confidentiality or availability consequences. No public exploit code or CISA KEV listing has been identified at time of analysis, placing real-world risk firmly in the low tier despite the broad version range affected.
Broken object-level authorization in the nl-portal-backend-libraries GraphQL API exposes sensitive personal data belonging to arbitrary users to any authenticated caller. Two resolvers - document content retrieval (all published versions of nl.nl-portal:documenten-api since 0.2.2.RELEASE, 2023) and the besluiten (decisions) module (nl.nl-portal:besluiten 1.5.0-3.0.0) - were declared without a CommonGroundAuthentication parameter, causing the Spring framework to never bind the authenticated principal into the call path and leaving ownership checks impossible at the resolver level. The two endpoints chain naturally: an attacker enumerates decision records and their attached document IDs via the besluit queries, then exfiltrates raw document content through the document endpoint; decisions frequently contain government benefit, permit, and objection rulings, giving the exposure high real-world sensitivity. No public exploit has been identified at time of analysis, and this was discovered during a structured penetration testing engagement in May 2026.
Differential extraction in async-tar 0.6.0 enables content-smuggling attacks against scan-then-extract pipelines: an attacker who controls the bytes of a tar stream can construct an archive that GNU-tar-based AV scanners see as a single benign blob while async-tar writes a distinct executable payload to disk that the scanner never inspected. The root cause is in poll_next_raw (src/archive.rs), which mis-applies a buffered PAX local-extension size record to an intermediary GNU longname (L) header rather than restricting the override to the following file entry, desyncing the stream cursor from any POSIX-correct parser. No public exploitation in the wild or CISA KEV listing has been identified, but a fully functional proof-of-concept with verbatim captured output is included in the advisory, demonstrating the complete x → L → file smuggling sequence.
Sensitive file exfiltration in Composio SDK (the @composio/cli package) before 0.2.32-beta.283 lets attackers steal credential files by abusing a missing path-safety check in the readFileFromDisk function of tool-file-uploads.ts. Because the assertSafeFileUploadPath guard is absent, an attacker who can influence the agent's prompt can manipulate file_uploadable parameters to point at arbitrary paths such as ~/.ssh private keys, causing the CLI to upload those files to attacker-controlled storage. There is no public exploit identified at time of analysis, but the upstream fix, issue, and pull request are all public, which lowers the bar for reproduction.
Container-to-host sandbox escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter using the Docker task driver bind-mount an arbitrary host path into their container even when volume bind mounts are administratively disabled, enabling read and write access to files on the underlying host. The scope-changing flaw (CVSS 3.1 8.7) affects the Community and Enterprise editions and is fixed in Nomad 2.0.4 (CE), and Enterprise 2.0.4, 1.11.8, and 1.10.14. There is no public exploit identified at time of analysis and it is not on CISA KEV.
Path redirection via the writeToFile template helper in consul-template before 0.42.1 allows a local low-privileged attacker to redirect template output outside the intended destination directory or overwrite existing files on the filesystem. Because consul-template routinely renders sensitive secrets from HashiCorp Vault, Consul, and AWS Secrets Manager into local files, successful exploitation can expose those secrets by redirecting writes to attacker-readable locations. No public exploit code or CISA KEV listing is associated with this vulnerability at time of analysis.