N A
Monthly
LiteLLM 1.18.10 contains a remote code execution vulnerability in its MCP server creation functionality. The application allows users to add MCP servers via a JSON configuration specifying arbitrary command and args values. LiteLLM executes these values on the host without validation, enabling attackers to run arbitrary operating system commands. Successful exploitation may result in remote code execution with the privileges of the LiteLLM process.
Symlink-following file overwrite in Microsoft AVML (Acquire Volatile Memory for Linux) before 0.17.0 lets a local attacker who can pre-plant a symlink at AVML's output path cause the tool to truncate and overwrite the symlink's target when it opens the file with O_TRUNC. Because the destructive open happens before input validation completes ('truncation-before-validation'), the target file is clobbered even for otherwise-invalid runs. No public exploit is confirmed, though a researcher gist accompanies the disclosure; the flaw is fixed in v0.17.0 by adding the O_NOFOLLOW open flag.
A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.
An issue in Open Source GPT Researcher v3.3.7 allows attackers to execute arbitrary commands on a victim system via user interaction with a crafted HTML page.
A stack overflow in the evaluate() function (editors/awk.c) of BusyBox commit 371fe9 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AWK script.
Buffer Overflow vulnerability in Tenda AC10 v3 (firmware V03.03.16.09) allows attackers to cause a permanent Denial of Service (DoS) or potentially execute remote code via the /cgi-bin/UploadCfg endpoint
xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulting in execution of arbitrary commands on the server. Successful exploitation allows arbitrary command execution within the context of the Fay service.
Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive request mapping
A heap overflow in the ifsbreakup() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nni_qos_db_set function in broker_tcp.c component
Dulwich through 1.1.0 was found to be missing SSH host key verification in contrib/paramiko_vendor.py.
A use-after-free in the awk_sub() function (editors/awk.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AWK script.
Stored XSS in osTicket's Agent and Admin panel allows any authenticated user with ticket-submission privileges to inject persistent JavaScript that executes in privileged staff browser sessions. Affected versions span two release branches: 1.10 through 1.17.7 and 1.18.0 through 1.18.3. No public exploit identified at time of analysis per KEV, but publicly available exploit code exists on GitHub (WesWrench/CVE-2026-36214), and the CVSS scope-change rating (S:C) reflects that successful exploitation compromises Agent or Admin sessions rather than the attacker's own context.
Denial of service in aMule 2.3.3 lets a remote eD2k server crash the client by sending a malformed OP_SERVERMESSAGE packet that overflows a stack buffer (CWE-121). The flaw is triggered client-side when parsing server-supplied message data, so any hostile or spoofed server the client connects to can terminate the application. No public exploit has been identified at time of analysis, and the issue is documented only as an upstream bug report (amule GitHub issue #445), not a released patch.
SQL injection in Shenzhou Shihan Video Conference System v1.0 lets a remote, unauthenticated attacker inject arbitrary SQL through the /user/getUserLogin endpoint, enabling full database compromise and, per the MITRE report, arbitrary code execution. The flaw is network-reachable against default installs with no authentication or user interaction (CVSS 9.8). No CISA KEV listing exists and EPSS is low (0.27%, 18th percentile); disclosure references (a GitHub CVE issue and a cnblogs write-up) suggest public exploitation details circulate, though weaponized exploit code was not independently confirmed in this analysis.
Remote memory corruption in the OpENer EtherNet/IP stack (2.3.0 master branch up to commit 76b95cf) stems from an integer underflow while parsing connected explicit messages via the SendUnitData encapsulation command, allowing network attackers to corrupt memory on the target device. The CVSS 3.1 score of 9.8 (AV:N/PR:N) indicates unauthenticated remote exploitation with full confidentiality, integrity, and availability impact. A public gist by researcher MrAlaskan and a filed GitHub issue accompany the disclosure, so publicly available exploit code exists, though EPSS is low (0.15%, 5th percentile) and it is not on the CISA KEV list.
Privilege escalation in D-Link DIR-1253 firmware v1.0.1.250923.142435 stems from improper handling of the /etc/shadow file - the store of hashed local credentials - letting an attacker obtain or elevate to root-level access on the device. Publicly available exploit code exists (referenced via the zuh.re/codeberg advisory), but there is no public exploit identified as actively exploited and the CVE is not on the CISA KEV list. The published CVSS of 9.8 (AV:N) appears optimistic given that the core issue centers on a local system credential file, so the true remote-unauthenticated reach should be verified against the vendor advisory.
Server-Side Request Forgery in LogicalDOC Enterprise versions up to and including 9.1.1 lets a remote, unauthenticated attacker abuse the ShareFileCallback servlet to coerce the server into issuing HTTP requests to an attacker-chosen host. Because no credentials are required and the flaw is network-reachable, it can be used to probe internal networks, reach otherwise-firewalled services, and potentially retrieve cloud metadata. A public technical disclosure exists (netero1010 Vulnerability-Disclosure repository); there is no public exploit identified as being used in active attacks and it is not listed in CISA KEV.
OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose path_size field claims that many more path words are present than are actually available. Because the parser trusts the attacker-controlled path_size and continues decoding path segments without a remaining-length boundary, it reads beyond the end of the stack receive buffer.
Stack buffer overflow in the OpENer EtherNet/IP stack (version 2.3.0, commit 76b95cf) lets remote attackers corrupt memory by sending a crafted CIP network packet whose length field is truncated into a negative value, bypassing bounds checks in DecodePaddedEPath. The CVSS vector (AV:N/PR:N/UI:N) indicates unauthenticated remote reachability with high confidentiality and availability impact; no public exploit is identified at time of analysis (not in CISA KEV), though a referenced gist and GitHub issue suggest researcher analysis and possible proof-of-concept material exist. As an OT/ICS protocol stack, exploitation would most plausibly cause denial of service or memory disclosure on embedded industrial devices.
A Denial of Service (DoS) vulnerability exists in the receive loop of libmodbus 3.1.12 when running on Windows. The issue stems from improper timeout management during network read operations.
Denial of service in MikroTik RouterOS 7.21.x (before 7.21.4) and 7.22.x (before 7.22.2) allows a remote unauthenticated attacker to crash the core inter-process communication layer by triggering an integer overflow in the unflatten() function of the bundled libumsg.so library. Successfully exploiting it disrupts device availability without touching data confidentiality or integrity. There is no public exploit identified at time of analysis, though a third-party research blog documents the underlying integer overflow; EPSS is low at 0.20% (10th percentile).
Out-of-bounds read in the EIPStackGroup OpENer EtherNet/IP stack (version 2.3.0, commit 76b95cf) lets a remote unauthenticated attacker send a crafted ENIP frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request that drives the Connection Manager parser to read past the supplied request buffer, exposing adjacent memory or crashing the stack. Per the CVSS vector (AV:N/AC:L/PR:N/UI:N) it is reachable over the network with no authentication and low complexity, yielding high confidentiality and availability impact. No CISA KEV listing and no EPSS were supplied; no active exploitation is confirmed, though a referenced public gist appears to document the flaw and may contain proof-of-concept material.
Sensitive information disclosure in OpenBMB XAgent v1.0.0 and earlier allows remote unauthenticated attackers to read arbitrary files on the server by abusing a path traversal flaw in the file() endpoint of XAgentServer's workspace router. The user-controllable 'filename' parameter is concatenated into a file path without validation, so a crafted request escapes the intended workspace directory. SSVC lists exploitation as proof-of-concept and automatable=yes; publicly available exploit code exists via a referenced gist, though this is not confirmed as actively exploited in the wild.
Access-control bypass in EIPStackGroup OpENer 2.3.0 (commit 76b95cf) lets any unauthenticated network attacker hijack another client's EtherNet/IP encapsulation session by replaying a valid session_handle, because the stack validates the handle against a global session list but never binds it to the originating TCP socket. Affected industrial devices running this open-source stack can have their EtherNet/IP command channel abused for read/write operations under another client's authority. No CISA KEV listing exists, but a researcher gist referenced in the advisory appears to publish exploit details, and the CVSS 9.1 rating reflects high confidentiality and integrity impact.
An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components
An unauthenticated path traversal vulnerability exists in the web management interface of WTI (Wireless Technology, Inc.) version 3.5.0.r 2024/05/24 00:00:00. An unauthenticated attacker can craft malicious HTTP requests containing traversal sequences to access files outside of the intended web root directory. This may allow disclosure of sensitive system files and configuration data
adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloc(_centralHeader.size) allocates memory based on the declared uncompressed size from the ZIP central directory header without validating it against the actual compressed data size or imposing any upper bound. The size value is read directly from the binary header at entryHeader.js line 266 with no bounds check. An attacker can craft a ~120-byte ZIP file that declares ~4GB uncompressed size, causing a memory allocation amplification ratio of over 33 million to 1. The allocation occurs before CRC validation, so the malicious payload cannot be rejected early. All extraction and read methods are affected: readFile(), readAsText(), extractEntryTo(), extractAllTo(), extractAllToAsync(), test(), and entry.getData(). Any application accepting untrusted ZIP files via adm-zip is vulnerable to immediate process crash.
Arbitrary hardlink creation in the decompress npm package (before version 4.2.2) enables read disclosure and overwrite of any file accessible on the same filesystem as the extraction directory. When a victim extracts an attacker-crafted archive, the library passes the hardlink target path (x.linkname) directly to Node.js fs.link() without any path sanitization, allowing a hardlink inside the extraction directory to point at any file the process has access to. No CISA KEV listing exists and EPSS stands at 0.17% (7th percentile), reflecting low observed exploitation; however, the provided CVSS I:N metric conflicts with the description's explicit mention of file-overwrite capability, and in automated CI/CD pipelines the user-interaction barrier is effectively eliminated.
Denial-of-service in the RTSP service of the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) lets remote unauthenticated attackers abruptly reset the streaming TCP connection by sending an RTSP request with an oversized field value. Rather than replying with an RFC 2326-compliant error, the service tears the connection down with a RST packet, indicating unsafe input handling in the RTSP parser that can disrupt video streaming. A public research report documenting the flaw exists on GitHub, but there is no CISA KEV listing and no confirmed active exploitation.
Denial of service in the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) allows an unauthenticated remote attacker to crash the RTSP service by sending a crafted PLAY request that overflows a fixed-size stack buffer. The flaw is remotely reachable with no authentication or user interaction, but per the description and CVSS the impact is limited to availability loss (device crash/reboot), with no confirmed code execution. A public technical report with reproduction details exists on GitHub; the issue is not listed in CISA KEV and no EPSS score was provided.
Remote denial of service in the Tenda CP3 V3.0 IP camera (firmware V31.1.9.991) allows an unauthenticated attacker on the network to crash the device by sending a specially crafted RTSP TEARDOWN request that overflows a stack buffer. Publicly available exploit code exists via a third-party GitHub write-up, though the flaw affects only availability (no data disclosure or code execution is claimed). No active exploitation has been reported in CISA KEV, and EPSS data was not provided.
Arbitrary symlink creation in the decompress npm package before 4.2.2 lets an attacker who supplies a crafted archive plant symlinks pointing outside the extraction directory, leading to information disclosure when the host application reads the extracted contents. The flaw stems from a symlink entry's linkname being passed straight to fs.symlink() without validation, while the existing anti-symlink guard only protects regular file entries. No public exploit has been identified at time of analysis, EPSS risk is low (0.17%, 6th percentile), and it is not listed in CISA KEV.
Directory traversal and arbitrary file write in the decompress npm package (versions before 4.2.2) stem from a prefix-confusion flaw in path boundary validation using String.indexOf() at two locations in index.js. An attacker supplying a crafted archive can write files to filesystem directories adjacent to the intended extraction target - for example, escaping /tmp/app into /tmp/app_config - bypassing both the safeMakeDir function and the extraction path validation. This is a confirmed bypass of the prior fix for CVE-2020-12265; no public exploit has been identified at time of analysis and EPSS is low at 0.26% (17th percentile), though the integrity impact is rated high by CVSS.
Kiosk restriction bypass in the Code 27 Companion Hub allows an attacker with physical device access to perform a factory reset that completely circumvents the kiosk protection mechanism, granting full control over the device. The flaw (CWE-288) represents a protection mechanism failure where an alternate path - the factory reset function - is not gated by the same access controls as the restricted kiosk environment. A publicly available proof-of-concept exploit exists on GitHub, and while SSVC rates exploitation status as none and EPSS sits at 0.21% (11th percentile), the availability of working exploit code lowers the barrier for opportunistic physical-access attacks.
Arbitrary code execution on Code27 Companion Hub (firmware SQ3A.220705.003.A1) is achievable by a physically proximate attacker through improper access controls on the device's USB debugging (ADB) interface. The Android Debug Bridge component fails to enforce adequate restrictions, allowing an unauthenticated attacker with physical USB access to execute arbitrary commands at elevated privilege. A publicly available proof-of-concept exploit exists on GitHub, and SSVC assessment rates the technical impact as total despite no confirmed active exploitation in the wild.
Session Extension information disclosure in SQLite before Fossil check-in 869a51ae84df exposes sensitive process memory when adversarially crafted changesets are processed through the changeset concat or changegroup merge code paths. A local attacker who can deliver a malicious changeset to an application using the Session Extension API can leak heap memory contents and likely crash the process, yielding both low confidentiality and high availability impact consistent with an out-of-bounds read pattern. No active exploitation has been confirmed by CISA KEV, though a researcher gist is referenced that may represent proof-of-concept material; no public exploit is independently confirmed at time of analysis.
NULL pointer dereference in SQLite's Session Extension crashes any application that passes attacker-controlled changeset blobs to sqlite3changeset_apply_v3(). Affected releases include SQLite 3.53.1 and all trunk builds prior to check-in e807d4e3798efd53. Impact is limited to availability - the process crashes - but because SQLite is embedded ubiquitously, the blast radius depends entirely on how widely consuming applications expose this code path to untrusted input. A public proof-of-concept gist is referenced in the CVE record; no public exploit identified at time of analysis beyond that demonstrator, and the vulnerability is not listed in CISA KEV.
Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improper password validation and the presence of hard-coded credentials in the firmware.
Out-of-bounds read in FreeType 2.14.3 exposes partial heap memory and risks process crashes when processing crafted variable fonts via the TT_Get_Var_Design code path. The CVSS vector (AV:N/AC:L/PR:N/UI:N) reflects server-side or automated font processing pipelines where untrusted font data reaches FT_Get_Var_Design_Coordinates without authentication barriers. No active exploitation is confirmed in CISA KEV; however, a researcher-published gist suggests working proof-of-concept material exists, and EPSS at 0.17% (7th percentile) indicates minimal observed exploitation activity to date.
Sensitive information disclosure in OneBlog V2.3.9 lets remote unauthenticated attackers retrieve WeChat Official Account secrets - the access_token and jsapi_ticket - through unprotected REST endpoints backed by RestApiController.java, JsApiTicketComponent.java, and GetAccessTokenComponent.java. Because these credentials grant control over the linked WeChat public account, disclosure enables account takeover of the integration rather than just data leakage. Classified CWE-306 (Missing Authentication); a referenced public gist appears to contain proof-of-concept details, though EPSS is low (0.26%, 18th percentile) and it is not listed in CISA KEV.
Improper authentication in Fire-Boltt FB BGS001 smartwatch firmware MOY-JS14-2.0.4 lets a nearby attacker replay previously captured Bluetooth Low Energy (BLE) GATT Write Request packets to trigger device functionality without valid session validation. The device accepts write commands over BLE without sufficient authentication, so an attacker within radio range who has observed legitimate traffic can reissue those commands. A public technical writeup/PoC exists on GitHub (EmbdCDACHyd), but there is no evidence of active exploitation (SSVC Exploitation: none) and EPSS is low at 0.21% (11th percentile).
NULL pointer dereference in GPAC's smooth_parse_stream_index() function crashes the application when processing a maliciously crafted MPEG-DASH or Smooth Streaming media file, resulting in denial of service. Affected versions are all GPAC master HEAD builds prior to commit b35c61f104b85fbb16520ac2838d5d2ef70845b5. Exploitation requires local access and user interaction to open a crafted file; a proof-of-concept is publicly available via GitHub Gist, though EPSS sits at 0.17% (7th percentile) and no active exploitation has been confirmed by CISA KEV.
An HTML injection vulnerability in the file view endpoint of LiquidFiles v4.2.7 allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser via the uploading of and user interaction with a crafted HTML file.
Stored cross-site scripting in LiquidFiles v4.2.7 allows authenticated attackers to inject persistent malicious JavaScript or HTML via the Name parameter of the Upload File Shares API, executing in victims' browsers when they interact with the affected share. The scope-changed CVSS vector (S:C) confirms the payload executes outside the attacker's privilege context, enabling session hijacking, credential theft, or UI redress against other users. A security researcher published a write-up specifically documenting CSP bypass techniques to exploit this flaw, indicating the attack is non-trivial but achievable. No public exploit identified at time of analysis, and EPSS sits at 0.16% (5th percentile), suggesting low automated exploitation pressure.
Clickjacking in Ajenti's browser-facing login and administrative UI through v2.2.13 exposes authenticated administrators to UI redress attacks. The root cause is in ajenti-core/aj/http.py, where the core HTTP response pipeline finalizes responses via WSGI without injecting X-Frame-Options or a Content-Security-Policy frame-ancestors directive, allowing the Ajenti UI to be embedded in attacker-controlled iframes. No active exploitation has been identified - EPSS sits at 0.14% (4th percentile), SSVC exploitation is rated none, and no CISA KEV listing exists - placing this firmly in the low-urgency queue despite its medium CVSS score.
Denial of service in the mruby/c lightweight Ruby VM (all releases through 3.4.1) arises from a NULL pointer dereference in op_super()/OP_SUPER within src/vm.c, where a runtime guard for a top-level 'super' call is missing. When the interpreter executes a script that invokes 'super' outside of any method context, the VM dereferences a NULL pointer and crashes. There is no public exploit identified at time of analysis, and the low EPSS score (0.15%, 5th percentile) reflects limited exploitation interest; impact is confined to availability (CWE-476).
mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method().
Denial-of-service via buffer overflow in UTT nv518G firmware (nv518GV3v3.2.7-210919-161313) allows an adjacent-network attacker to crash the device by sending a crafted request to the GoAhead embedded webserver's sub_497498 handler. The vulnerability is rooted in CWE-119 (improper bounds restriction) and requires no authentication, meaning any host on the same LAN segment can trigger device unavailability. A GitHub-hosted CVE report with technical detail exists, indicating publicly available exploit code, though EPSS at 0.22% (13th percentile) reflects low observed exploitation probability - consistent with the limited geographic and market footprint of UTT devices.
Denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) lets remote attackers crash the device by triggering a buffer overflow in the gohead web-management component's sub_487330 (FUN_00487330) function. The CVSS vector indicates unauthenticated network exploitation with availability-only impact, EPSS is low at 0.22% (13th percentile), and no active exploitation is recorded, though a public technical write-up of the flawed function exists on GitHub.
Session hijacking in ntopng versions through 6.6 arises because HTTP session identifiers are generated with weak, time-seeded pseudo-randomness in src/HTTPserver.cpp, making freshly issued authenticated session cookies predictable or collision-prone. Remote attackers who can influence or observe login timing can forecast a valid session token and take over an authenticated user's session without credentials. No public exploit identified at time of analysis, and EPSS is low (0.15%, 5th percentile) despite the 9.8 CVSS rating.
Remote denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) allows an unauthenticated attacker to crash the device by triggering a buffer overflow in the gohead/sub_444C8C function of its embedded web management service. The flaw impacts availability only - no code execution, data disclosure, or integrity loss is indicated - and CVSS rates it 7.5 (High). No public exploit identified at time of analysis, though a GitHub reverse-engineering report documents the vulnerable function; EPSS is low at 0.22% (13th percentile) and it is not on the CISA KEV list.
Out-of-bounds read in ArduPilot's MAVLink ground-control-station handler (through Plane-4.6.3) lets a remote attacker on the MAVLink link send a crafted SERIAL_CONTROL message that reads memory beyond intended bounds in GCS_MAVLINK::handle_serial_control(), potentially disclosing adjacent flight-controller memory and/or crashing the autopilot. The CVSS 9.1 rating reflects high confidentiality and availability impact over an unauthenticated network vector, though EPSS is low (0.17%, 6th percentile) and no public exploit is identified at time of analysis. An upstream fix is proposed via GitHub PR #32587 (issue #32524), but no tagged patched release is independently confirmed.
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component
Denial of service in the UTT nv518G security gateway (firmware nv518GV3 v3.2.7-210919-210919/161313) lets a remote, unauthenticated attacker crash or hang the device by triggering uncontrolled resource consumption in the gohead/sub_445C5C (FUN_00445c5c) handler of the built-in GoAhead-style web management daemon. No public exploit is identified in the source data, though a GitHub technical write-up reverse-engineering the vulnerable function is available; EPSS is low (0.20%, 10th percentile) and the CVE is not on CISA KEV, so exploitation is theoretical rather than confirmed. Impact is limited to availability (network outage of the gateway) with no confidentiality or integrity loss.
An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Denial of service in Aleksoid1978 MPC-BE (Media Player Classic - Black Edition) prior to commit 4341cb3 lets an attacker crash the player by supplying a crafted MP4 file that triggers a NULL pointer dereference in the bundled Bento4 AP4_AtomSampleTable::GetSample() routine. A proof-of-concept is referenced (SSVC exploitation: poc), but there is no public exploit identified as weaponized and it is not in CISA KEV; impact is limited to availability with no code execution, data disclosure, or integrity loss. EPSS is low at 0.15% (5th percentile), consistent with a crash-only bug that requires a victim to open a malicious file.
A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Unauthenticated OS command injection in Tenda AC18 v15.03.05.05 exposes the device to full remote compromise via a crafted HTTP request to the /goform/fast_setting_internet_set endpoint. The vulnerability is a second-order (stored) injection through the mac parameter - malicious payloads are written into device configuration and executed when triggered. No public exploit identified at time of analysis, though SSVC confirms a proof-of-concept exists and the attack is automatable, making mass exploitation technically feasible against internet-exposed devices.
Remote code execution in Pivotal CRM 6.6.4.08 (Aurea) arises from insecure deserialization in the Pivotal.Engine.Client.Services.Conversion.dll component, letting remote attackers run arbitrary code on the server. This is a bypass of the incomplete fix for CVE-2026-39253, and it remains exploitable on systems that only applied the earlier patch-ghi-15381-cwe-502-20251225.zip. No public exploit code has been identified, though public advisories exist for both this issue and its predecessor; EPSS is modest at 0.57% (43rd percentile) and it is not in CISA KEV.
Denial of service in the UTT nv518G router (firmware nv518GV3v3.2.7-210919-161313) allows a remote attacker to crash or hang the device by sending crafted input to the gohead/sub_44af70 (FUN_0044af70) component of its embedded web/management service. Rated CVSS 7.5 (availability-only impact), the flaw is network-reachable without authentication or user interaction but does not expose or alter data. A public technical writeup analyzing the vulnerable function exists on GitHub; there is no public evidence of active exploitation and EPSS scores it low (0.20%, 11th percentile).
Denial of service in the UTT nv518G gateway/router (firmware nv518GV3 v3.2.7-210919-161313) allows a remote, unauthenticated attacker to crash the device by triggering a buffer overflow in the gohead web-service handler at function sub_472f08 (FUN_00472f08). The CVSS 3.1 score of 7.5 reflects availability-only impact (A:H, C:N/I:N) over the network with no privileges or user interaction. EPSS is low (0.22%, 13th percentile) and the CVE is not in CISA KEV; a third-party technical write-up exists on GitHub, but no active exploitation is confirmed.
A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.
Remote code execution in Alexantr filemanager v1.0 lets remote attackers run arbitrary code through the filemanager.php component, mapped to CWE-94 (code injection). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates a network-reachable flaw requiring no authentication or user interaction, and publicly available exploit code exists (GitHub POC by SLO-CYBER-SEC). SSVC rates exploitation as proof-of-concept with total technical impact and automatable=yes, but it is not on CISA KEV and no EPSS score was provided.
Local privilege escalation in Matrix42 Empirum (versions before 25.5 and 26.x before 26.2) lets any authenticated low-privileged user gain SYSTEM execution by abusing the PBackupVSS.exe service's named pipe. The pipe \\.\pipe\PBackupVSS is created with an overly permissive DACL granting GENERIC_READ/GENERIC_WRITE to all authenticated users, so an attacker can send crafted IPC messages that drive the SYSTEM-level service into running an attacker-supplied shadow.exe from a controlled working directory. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but exploitation is mechanically straightforward once on the host.
Cross-site request forgery in Squidex CMS v7.21.0 and earlier allows a remote attacker to escalate privileges by targeting the IdentityServer account profile endpoint without requiring any authentication of their own. A proof-of-concept exploit is publicly documented, including a video walkthrough, and SSVC analysis classifies the attack as automatable with partial technical impact. No active exploitation has been confirmed by CISA KEV at time of analysis.
Heap buffer overflow in snap7 v1.4.3 crashes the embedded S7 server when processing a specially crafted write function packet targeting TS7Worker::PerformFunctionWrite() in /core/s7_server.cpp. Systems deploying snap7 as an S7-compatible communication server - common in industrial SCADA, HMI, and IoT gateway applications bridging to Siemens S7-series PLCs - can be disrupted remotely with no privileges required per the CVSS PR:N designation. No public exploit identified at time of analysis, and the EPSS score of 0.19% (8th percentile) reflects minimal current exploitation activity; however, operational impact in OT environments can exceed what the CVSS Availability score alone suggests.
Denial of service in EIPStackGroup OpENer (commit 76b95c), an open-source EtherNet/IP stack, allows remote attackers to crash the device by sending a crafted Common Packet Format (CPF) packet that triggers a buffer overflow in the Get_Attribute_List handler. The flaw is network-reachable without authentication or user interaction (CVSS 7.5, availability-only impact), and SSVC indicates proof-of-concept exploit code exists and that exploitation is automatable. EPSS is low (0.17%, 7th percentile) and the CVE is not on CISA KEV, so there is no public evidence of active exploitation yet.
Cross-Site Scripting (XSS) vulnerability in the patron restriction type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label (display_text field)
Stack overflow in Bento4's MP4 parsing component allows an attacker to crash any application built on the library by supplying a crafted MP4 file. The flaw resides in AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity, a dynamic array growth function invoked while processing Track Run (trun) atoms, and affects all Bento4 releases before v1.8.9. A public proof-of-concept exists (poc4.zip), though EPSS sits at 0.17% and CISA KEV has not listed this CVE, indicating no confirmed widespread exploitation at time of analysis.
Stored cross-site scripting in Koha Library Management System's OPAC item detail page enables persistent script injection via the item public notes field (items.itemnotes), affecting all versions through 25.11. An authenticated attacker holding the edit_items permission can plant malicious JavaScript that executes in the browsers of any patron or staff member who subsequently views the affected item's detail page in the OPAC. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.21% (12th percentile), suggesting limited threat actor interest currently.
Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write arbitrary memory via the serial console.
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components
A stack overflow in the AP4_StsdAtom::AP4_StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
A stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field (checkinmsg)
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.
Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by getting it to load a maliciously crafted shared library, which mishandles resources in the DSO::mmap_and_copy dynamic-linking routine (CWE-404). Publicly available exploit code exists, but the flaw is not in CISA KEV and EPSS is very low (0.17%, 6th percentile), indicating no observed in-the-wild exploitation. Impact is confined to availability - no confidentiality or integrity loss.
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a single SHA-1 hash and RC4 decryption operation, with no brute force required.
Use-after-free in MP4Box's filter pipeline core (gf_filter_pid_inst_swap in filter_pid.c) allows local attackers to crash the application - and potentially achieve memory corruption beyond DoS - by supplying a crafted media file. Publicly available exploit code exists for this vulnerability, hosted on GitHub in a dedicated proof-of-concept repository. The EPSS score is low (0.17%, 6th percentile) with no CISA KEV listing, suggesting the public POC is research-grade rather than part of active exploitation campaigns, but the barrier to triggering a crash is low for any attacker with file delivery capability.
Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_load_from_state_internal function of the SEI loader filter (src/filters/sei_load.c). Processing a maliciously crafted MPEG-2 Transport Stream file causes the parser to dereference a dangling pointer, crashing the application. Publicly available exploit code (a PoC test case and write-up) exists, though the issue is not listed in CISA KEV and carries a low EPSS exploitation probability (0.17%, 6th percentile).
SQL injection in the open-source Grocery Store Management System (PHP/MySQL, v1.0 by anirudhkannanvp) lets attackers read arbitrary database contents by injecting a crafted SQL payload through the unsanitized 'scost' parameter of /grocery/search_products.php. The flaw (CWE-89) carries a CVSS of 7.7 and exposes credentials, customer records, and other sensitive data; publicly available exploit code exists in a dedicated GitHub repository, though it is not listed in CISA KEV and its EPSS exploitation probability is low (0.24%, 16th percentile).
Information disclosure in MSI NBFoundation Service v2.0.2506.1201 lets remote attackers read sensitive data exposed through the named pipe MSI_SERVICE_2, which is configured with overly permissive access controls. The flaw scores CVSS 7.5 (high) for confidentiality-only impact with no authentication required; publicly available exploit code exists in a GitHub proof-of-concept, though there is no evidence of active exploitation and the EPSS probability is low (0.22%, 13th percentile).
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component
Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a process by supplying a crafted string that reaches a panicking `unwrap()` inside the `__assert_fail` function in /assert/mod.rs. Any program linked against the affected relibc that routes attacker-influenced data through an assertion failure path can be forced to abort. Publicly available exploit code exists, but the issue is not listed in CISA KEV and EPSS is low (0.17%, 6th percentile), indicating no observed widespread exploitation.
An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted input.
Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by supplying a crafted media file. The flaw is an out-of-bounds read of a language metadata string in gf_media_import (media_import.c), where three characters were read without verifying the string's length. Publicly available exploit code exists (sigdevel PoC), but it is not listed in CISA KEV and EPSS is low (0.19%, 8th percentile), indicating minimal observed real-world exploitation.
LiteLLM 1.18.10 contains a remote code execution vulnerability in its MCP server creation functionality. The application allows users to add MCP servers via a JSON configuration specifying arbitrary command and args values. LiteLLM executes these values on the host without validation, enabling attackers to run arbitrary operating system commands. Successful exploitation may result in remote code execution with the privileges of the LiteLLM process.
Symlink-following file overwrite in Microsoft AVML (Acquire Volatile Memory for Linux) before 0.17.0 lets a local attacker who can pre-plant a symlink at AVML's output path cause the tool to truncate and overwrite the symlink's target when it opens the file with O_TRUNC. Because the destructive open happens before input validation completes ('truncation-before-validation'), the target file is clobbered even for otherwise-invalid runs. No public exploit is confirmed, though a researcher gist accompanies the disclosure; the flaw is fixed in v0.17.0 by adding the O_NOFOLLOW open flag.
A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.
An issue in Open Source GPT Researcher v3.3.7 allows attackers to execute arbitrary commands on a victim system via user interaction with a crafted HTML page.
A stack overflow in the evaluate() function (editors/awk.c) of BusyBox commit 371fe9 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AWK script.
Buffer Overflow vulnerability in Tenda AC10 v3 (firmware V03.03.16.09) allows attackers to cause a permanent Denial of Service (DoS) or potentially execute remote code via the /cgi-bin/UploadCfg endpoint
xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulting in execution of arbitrary commands on the server. Successful exploitation allows arbitrary command execution within the context of the Fay service.
Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive request mapping
A heap overflow in the ifsbreakup() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nni_qos_db_set function in broker_tcp.c component
Dulwich through 1.1.0 was found to be missing SSH host key verification in contrib/paramiko_vendor.py.
A use-after-free in the awk_sub() function (editors/awk.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AWK script.
Stored XSS in osTicket's Agent and Admin panel allows any authenticated user with ticket-submission privileges to inject persistent JavaScript that executes in privileged staff browser sessions. Affected versions span two release branches: 1.10 through 1.17.7 and 1.18.0 through 1.18.3. No public exploit identified at time of analysis per KEV, but publicly available exploit code exists on GitHub (WesWrench/CVE-2026-36214), and the CVSS scope-change rating (S:C) reflects that successful exploitation compromises Agent or Admin sessions rather than the attacker's own context.
Denial of service in aMule 2.3.3 lets a remote eD2k server crash the client by sending a malformed OP_SERVERMESSAGE packet that overflows a stack buffer (CWE-121). The flaw is triggered client-side when parsing server-supplied message data, so any hostile or spoofed server the client connects to can terminate the application. No public exploit has been identified at time of analysis, and the issue is documented only as an upstream bug report (amule GitHub issue #445), not a released patch.
SQL injection in Shenzhou Shihan Video Conference System v1.0 lets a remote, unauthenticated attacker inject arbitrary SQL through the /user/getUserLogin endpoint, enabling full database compromise and, per the MITRE report, arbitrary code execution. The flaw is network-reachable against default installs with no authentication or user interaction (CVSS 9.8). No CISA KEV listing exists and EPSS is low (0.27%, 18th percentile); disclosure references (a GitHub CVE issue and a cnblogs write-up) suggest public exploitation details circulate, though weaponized exploit code was not independently confirmed in this analysis.
Remote memory corruption in the OpENer EtherNet/IP stack (2.3.0 master branch up to commit 76b95cf) stems from an integer underflow while parsing connected explicit messages via the SendUnitData encapsulation command, allowing network attackers to corrupt memory on the target device. The CVSS 3.1 score of 9.8 (AV:N/PR:N) indicates unauthenticated remote exploitation with full confidentiality, integrity, and availability impact. A public gist by researcher MrAlaskan and a filed GitHub issue accompany the disclosure, so publicly available exploit code exists, though EPSS is low (0.15%, 5th percentile) and it is not on the CISA KEV list.
Privilege escalation in D-Link DIR-1253 firmware v1.0.1.250923.142435 stems from improper handling of the /etc/shadow file - the store of hashed local credentials - letting an attacker obtain or elevate to root-level access on the device. Publicly available exploit code exists (referenced via the zuh.re/codeberg advisory), but there is no public exploit identified as actively exploited and the CVE is not on the CISA KEV list. The published CVSS of 9.8 (AV:N) appears optimistic given that the core issue centers on a local system credential file, so the true remote-unauthenticated reach should be verified against the vendor advisory.
Server-Side Request Forgery in LogicalDOC Enterprise versions up to and including 9.1.1 lets a remote, unauthenticated attacker abuse the ShareFileCallback servlet to coerce the server into issuing HTTP requests to an attacker-chosen host. Because no credentials are required and the flaw is network-reachable, it can be used to probe internal networks, reach otherwise-firewalled services, and potentially retrieve cloud metadata. A public technical disclosure exists (netero1010 Vulnerability-Disclosure repository); there is no public exploit identified as being used in active attacks and it is not listed in CISA KEV.
OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose path_size field claims that many more path words are present than are actually available. Because the parser trusts the attacker-controlled path_size and continues decoding path segments without a remaining-length boundary, it reads beyond the end of the stack receive buffer.
Stack buffer overflow in the OpENer EtherNet/IP stack (version 2.3.0, commit 76b95cf) lets remote attackers corrupt memory by sending a crafted CIP network packet whose length field is truncated into a negative value, bypassing bounds checks in DecodePaddedEPath. The CVSS vector (AV:N/PR:N/UI:N) indicates unauthenticated remote reachability with high confidentiality and availability impact; no public exploit is identified at time of analysis (not in CISA KEV), though a referenced gist and GitHub issue suggest researcher analysis and possible proof-of-concept material exist. As an OT/ICS protocol stack, exploitation would most plausibly cause denial of service or memory disclosure on embedded industrial devices.
A Denial of Service (DoS) vulnerability exists in the receive loop of libmodbus 3.1.12 when running on Windows. The issue stems from improper timeout management during network read operations.
Denial of service in MikroTik RouterOS 7.21.x (before 7.21.4) and 7.22.x (before 7.22.2) allows a remote unauthenticated attacker to crash the core inter-process communication layer by triggering an integer overflow in the unflatten() function of the bundled libumsg.so library. Successfully exploiting it disrupts device availability without touching data confidentiality or integrity. There is no public exploit identified at time of analysis, though a third-party research blog documents the underlying integer overflow; EPSS is low at 0.20% (10th percentile).
Out-of-bounds read in the EIPStackGroup OpENer EtherNet/IP stack (version 2.3.0, commit 76b95cf) lets a remote unauthenticated attacker send a crafted ENIP frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request that drives the Connection Manager parser to read past the supplied request buffer, exposing adjacent memory or crashing the stack. Per the CVSS vector (AV:N/AC:L/PR:N/UI:N) it is reachable over the network with no authentication and low complexity, yielding high confidentiality and availability impact. No CISA KEV listing and no EPSS were supplied; no active exploitation is confirmed, though a referenced public gist appears to document the flaw and may contain proof-of-concept material.
Sensitive information disclosure in OpenBMB XAgent v1.0.0 and earlier allows remote unauthenticated attackers to read arbitrary files on the server by abusing a path traversal flaw in the file() endpoint of XAgentServer's workspace router. The user-controllable 'filename' parameter is concatenated into a file path without validation, so a crafted request escapes the intended workspace directory. SSVC lists exploitation as proof-of-concept and automatable=yes; publicly available exploit code exists via a referenced gist, though this is not confirmed as actively exploited in the wild.
Access-control bypass in EIPStackGroup OpENer 2.3.0 (commit 76b95cf) lets any unauthenticated network attacker hijack another client's EtherNet/IP encapsulation session by replaying a valid session_handle, because the stack validates the handle against a global session list but never binds it to the originating TCP socket. Affected industrial devices running this open-source stack can have their EtherNet/IP command channel abused for read/write operations under another client's authority. No CISA KEV listing exists, but a researcher gist referenced in the advisory appears to publish exploit details, and the CVSS 9.1 rating reflects high confidentiality and integrity impact.
An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components
An unauthenticated path traversal vulnerability exists in the web management interface of WTI (Wireless Technology, Inc.) version 3.5.0.r 2024/05/24 00:00:00. An unauthenticated attacker can craft malicious HTTP requests containing traversal sequences to access files outside of the intended web root directory. This may allow disclosure of sensitive system files and configuration data
adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloc(_centralHeader.size) allocates memory based on the declared uncompressed size from the ZIP central directory header without validating it against the actual compressed data size or imposing any upper bound. The size value is read directly from the binary header at entryHeader.js line 266 with no bounds check. An attacker can craft a ~120-byte ZIP file that declares ~4GB uncompressed size, causing a memory allocation amplification ratio of over 33 million to 1. The allocation occurs before CRC validation, so the malicious payload cannot be rejected early. All extraction and read methods are affected: readFile(), readAsText(), extractEntryTo(), extractAllTo(), extractAllToAsync(), test(), and entry.getData(). Any application accepting untrusted ZIP files via adm-zip is vulnerable to immediate process crash.
Arbitrary hardlink creation in the decompress npm package (before version 4.2.2) enables read disclosure and overwrite of any file accessible on the same filesystem as the extraction directory. When a victim extracts an attacker-crafted archive, the library passes the hardlink target path (x.linkname) directly to Node.js fs.link() without any path sanitization, allowing a hardlink inside the extraction directory to point at any file the process has access to. No CISA KEV listing exists and EPSS stands at 0.17% (7th percentile), reflecting low observed exploitation; however, the provided CVSS I:N metric conflicts with the description's explicit mention of file-overwrite capability, and in automated CI/CD pipelines the user-interaction barrier is effectively eliminated.
Denial-of-service in the RTSP service of the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) lets remote unauthenticated attackers abruptly reset the streaming TCP connection by sending an RTSP request with an oversized field value. Rather than replying with an RFC 2326-compliant error, the service tears the connection down with a RST packet, indicating unsafe input handling in the RTSP parser that can disrupt video streaming. A public research report documenting the flaw exists on GitHub, but there is no CISA KEV listing and no confirmed active exploitation.
Denial of service in the Tenda CP3 V3.0 IP camera (firmware V31.1.9.91) allows an unauthenticated remote attacker to crash the RTSP service by sending a crafted PLAY request that overflows a fixed-size stack buffer. The flaw is remotely reachable with no authentication or user interaction, but per the description and CVSS the impact is limited to availability loss (device crash/reboot), with no confirmed code execution. A public technical report with reproduction details exists on GitHub; the issue is not listed in CISA KEV and no EPSS score was provided.
Remote denial of service in the Tenda CP3 V3.0 IP camera (firmware V31.1.9.991) allows an unauthenticated attacker on the network to crash the device by sending a specially crafted RTSP TEARDOWN request that overflows a stack buffer. Publicly available exploit code exists via a third-party GitHub write-up, though the flaw affects only availability (no data disclosure or code execution is claimed). No active exploitation has been reported in CISA KEV, and EPSS data was not provided.
Arbitrary symlink creation in the decompress npm package before 4.2.2 lets an attacker who supplies a crafted archive plant symlinks pointing outside the extraction directory, leading to information disclosure when the host application reads the extracted contents. The flaw stems from a symlink entry's linkname being passed straight to fs.symlink() without validation, while the existing anti-symlink guard only protects regular file entries. No public exploit has been identified at time of analysis, EPSS risk is low (0.17%, 6th percentile), and it is not listed in CISA KEV.
Directory traversal and arbitrary file write in the decompress npm package (versions before 4.2.2) stem from a prefix-confusion flaw in path boundary validation using String.indexOf() at two locations in index.js. An attacker supplying a crafted archive can write files to filesystem directories adjacent to the intended extraction target - for example, escaping /tmp/app into /tmp/app_config - bypassing both the safeMakeDir function and the extraction path validation. This is a confirmed bypass of the prior fix for CVE-2020-12265; no public exploit has been identified at time of analysis and EPSS is low at 0.26% (17th percentile), though the integrity impact is rated high by CVSS.
Kiosk restriction bypass in the Code 27 Companion Hub allows an attacker with physical device access to perform a factory reset that completely circumvents the kiosk protection mechanism, granting full control over the device. The flaw (CWE-288) represents a protection mechanism failure where an alternate path - the factory reset function - is not gated by the same access controls as the restricted kiosk environment. A publicly available proof-of-concept exploit exists on GitHub, and while SSVC rates exploitation status as none and EPSS sits at 0.21% (11th percentile), the availability of working exploit code lowers the barrier for opportunistic physical-access attacks.
Arbitrary code execution on Code27 Companion Hub (firmware SQ3A.220705.003.A1) is achievable by a physically proximate attacker through improper access controls on the device's USB debugging (ADB) interface. The Android Debug Bridge component fails to enforce adequate restrictions, allowing an unauthenticated attacker with physical USB access to execute arbitrary commands at elevated privilege. A publicly available proof-of-concept exploit exists on GitHub, and SSVC assessment rates the technical impact as total despite no confirmed active exploitation in the wild.
Session Extension information disclosure in SQLite before Fossil check-in 869a51ae84df exposes sensitive process memory when adversarially crafted changesets are processed through the changeset concat or changegroup merge code paths. A local attacker who can deliver a malicious changeset to an application using the Session Extension API can leak heap memory contents and likely crash the process, yielding both low confidentiality and high availability impact consistent with an out-of-bounds read pattern. No active exploitation has been confirmed by CISA KEV, though a researcher gist is referenced that may represent proof-of-concept material; no public exploit is independently confirmed at time of analysis.
NULL pointer dereference in SQLite's Session Extension crashes any application that passes attacker-controlled changeset blobs to sqlite3changeset_apply_v3(). Affected releases include SQLite 3.53.1 and all trunk builds prior to check-in e807d4e3798efd53. Impact is limited to availability - the process crashes - but because SQLite is embedded ubiquitously, the blast radius depends entirely on how widely consuming applications expose this code path to untrusted input. A public proof-of-concept gist is referenced in the CVE record; no public exploit identified at time of analysis beyond that demonstrator, and the vulnerability is not listed in CISA KEV.
Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improper password validation and the presence of hard-coded credentials in the firmware.
Out-of-bounds read in FreeType 2.14.3 exposes partial heap memory and risks process crashes when processing crafted variable fonts via the TT_Get_Var_Design code path. The CVSS vector (AV:N/AC:L/PR:N/UI:N) reflects server-side or automated font processing pipelines where untrusted font data reaches FT_Get_Var_Design_Coordinates without authentication barriers. No active exploitation is confirmed in CISA KEV; however, a researcher-published gist suggests working proof-of-concept material exists, and EPSS at 0.17% (7th percentile) indicates minimal observed exploitation activity to date.
Sensitive information disclosure in OneBlog V2.3.9 lets remote unauthenticated attackers retrieve WeChat Official Account secrets - the access_token and jsapi_ticket - through unprotected REST endpoints backed by RestApiController.java, JsApiTicketComponent.java, and GetAccessTokenComponent.java. Because these credentials grant control over the linked WeChat public account, disclosure enables account takeover of the integration rather than just data leakage. Classified CWE-306 (Missing Authentication); a referenced public gist appears to contain proof-of-concept details, though EPSS is low (0.26%, 18th percentile) and it is not listed in CISA KEV.
Improper authentication in Fire-Boltt FB BGS001 smartwatch firmware MOY-JS14-2.0.4 lets a nearby attacker replay previously captured Bluetooth Low Energy (BLE) GATT Write Request packets to trigger device functionality without valid session validation. The device accepts write commands over BLE without sufficient authentication, so an attacker within radio range who has observed legitimate traffic can reissue those commands. A public technical writeup/PoC exists on GitHub (EmbdCDACHyd), but there is no evidence of active exploitation (SSVC Exploitation: none) and EPSS is low at 0.21% (11th percentile).
NULL pointer dereference in GPAC's smooth_parse_stream_index() function crashes the application when processing a maliciously crafted MPEG-DASH or Smooth Streaming media file, resulting in denial of service. Affected versions are all GPAC master HEAD builds prior to commit b35c61f104b85fbb16520ac2838d5d2ef70845b5. Exploitation requires local access and user interaction to open a crafted file; a proof-of-concept is publicly available via GitHub Gist, though EPSS sits at 0.17% (7th percentile) and no active exploitation has been confirmed by CISA KEV.
An HTML injection vulnerability in the file view endpoint of LiquidFiles v4.2.7 allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser via the uploading of and user interaction with a crafted HTML file.
Stored cross-site scripting in LiquidFiles v4.2.7 allows authenticated attackers to inject persistent malicious JavaScript or HTML via the Name parameter of the Upload File Shares API, executing in victims' browsers when they interact with the affected share. The scope-changed CVSS vector (S:C) confirms the payload executes outside the attacker's privilege context, enabling session hijacking, credential theft, or UI redress against other users. A security researcher published a write-up specifically documenting CSP bypass techniques to exploit this flaw, indicating the attack is non-trivial but achievable. No public exploit identified at time of analysis, and EPSS sits at 0.16% (5th percentile), suggesting low automated exploitation pressure.
Clickjacking in Ajenti's browser-facing login and administrative UI through v2.2.13 exposes authenticated administrators to UI redress attacks. The root cause is in ajenti-core/aj/http.py, where the core HTTP response pipeline finalizes responses via WSGI without injecting X-Frame-Options or a Content-Security-Policy frame-ancestors directive, allowing the Ajenti UI to be embedded in attacker-controlled iframes. No active exploitation has been identified - EPSS sits at 0.14% (4th percentile), SSVC exploitation is rated none, and no CISA KEV listing exists - placing this firmly in the low-urgency queue despite its medium CVSS score.
Denial of service in the mruby/c lightweight Ruby VM (all releases through 3.4.1) arises from a NULL pointer dereference in op_super()/OP_SUPER within src/vm.c, where a runtime guard for a top-level 'super' call is missing. When the interpreter executes a script that invokes 'super' outside of any method context, the VM dereferences a NULL pointer and crashes. There is no public exploit identified at time of analysis, and the low EPSS score (0.15%, 5th percentile) reflects limited exploitation interest; impact is confined to availability (CWE-476).
mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method().
Denial-of-service via buffer overflow in UTT nv518G firmware (nv518GV3v3.2.7-210919-161313) allows an adjacent-network attacker to crash the device by sending a crafted request to the GoAhead embedded webserver's sub_497498 handler. The vulnerability is rooted in CWE-119 (improper bounds restriction) and requires no authentication, meaning any host on the same LAN segment can trigger device unavailability. A GitHub-hosted CVE report with technical detail exists, indicating publicly available exploit code, though EPSS at 0.22% (13th percentile) reflects low observed exploitation probability - consistent with the limited geographic and market footprint of UTT devices.
Denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) lets remote attackers crash the device by triggering a buffer overflow in the gohead web-management component's sub_487330 (FUN_00487330) function. The CVSS vector indicates unauthenticated network exploitation with availability-only impact, EPSS is low at 0.22% (13th percentile), and no active exploitation is recorded, though a public technical write-up of the flawed function exists on GitHub.
Session hijacking in ntopng versions through 6.6 arises because HTTP session identifiers are generated with weak, time-seeded pseudo-randomness in src/HTTPserver.cpp, making freshly issued authenticated session cookies predictable or collision-prone. Remote attackers who can influence or observe login timing can forecast a valid session token and take over an authenticated user's session without credentials. No public exploit identified at time of analysis, and EPSS is low (0.15%, 5th percentile) despite the 9.8 CVSS rating.
Remote denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) allows an unauthenticated attacker to crash the device by triggering a buffer overflow in the gohead/sub_444C8C function of its embedded web management service. The flaw impacts availability only - no code execution, data disclosure, or integrity loss is indicated - and CVSS rates it 7.5 (High). No public exploit identified at time of analysis, though a GitHub reverse-engineering report documents the vulnerable function; EPSS is low at 0.22% (13th percentile) and it is not on the CISA KEV list.
Out-of-bounds read in ArduPilot's MAVLink ground-control-station handler (through Plane-4.6.3) lets a remote attacker on the MAVLink link send a crafted SERIAL_CONTROL message that reads memory beyond intended bounds in GCS_MAVLINK::handle_serial_control(), potentially disclosing adjacent flight-controller memory and/or crashing the autopilot. The CVSS 9.1 rating reflects high confidentiality and availability impact over an unauthenticated network vector, though EPSS is low (0.17%, 6th percentile) and no public exploit is identified at time of analysis. An upstream fix is proposed via GitHub PR #32587 (issue #32524), but no tagged patched release is independently confirmed.
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component
Denial of service in the UTT nv518G security gateway (firmware nv518GV3 v3.2.7-210919-210919/161313) lets a remote, unauthenticated attacker crash or hang the device by triggering uncontrolled resource consumption in the gohead/sub_445C5C (FUN_00445c5c) handler of the built-in GoAhead-style web management daemon. No public exploit is identified in the source data, though a GitHub technical write-up reverse-engineering the vulnerable function is available; EPSS is low (0.20%, 10th percentile) and the CVE is not on CISA KEV, so exploitation is theoretical rather than confirmed. Impact is limited to availability (network outage of the gateway) with no confidentiality or integrity loss.
An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Denial of service in Aleksoid1978 MPC-BE (Media Player Classic - Black Edition) prior to commit 4341cb3 lets an attacker crash the player by supplying a crafted MP4 file that triggers a NULL pointer dereference in the bundled Bento4 AP4_AtomSampleTable::GetSample() routine. A proof-of-concept is referenced (SSVC exploitation: poc), but there is no public exploit identified as weaponized and it is not in CISA KEV; impact is limited to availability with no code execution, data disclosure, or integrity loss. EPSS is low at 0.15% (5th percentile), consistent with a crash-only bug that requires a victim to open a malicious file.
A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Unauthenticated OS command injection in Tenda AC18 v15.03.05.05 exposes the device to full remote compromise via a crafted HTTP request to the /goform/fast_setting_internet_set endpoint. The vulnerability is a second-order (stored) injection through the mac parameter - malicious payloads are written into device configuration and executed when triggered. No public exploit identified at time of analysis, though SSVC confirms a proof-of-concept exists and the attack is automatable, making mass exploitation technically feasible against internet-exposed devices.
Remote code execution in Pivotal CRM 6.6.4.08 (Aurea) arises from insecure deserialization in the Pivotal.Engine.Client.Services.Conversion.dll component, letting remote attackers run arbitrary code on the server. This is a bypass of the incomplete fix for CVE-2026-39253, and it remains exploitable on systems that only applied the earlier patch-ghi-15381-cwe-502-20251225.zip. No public exploit code has been identified, though public advisories exist for both this issue and its predecessor; EPSS is modest at 0.57% (43rd percentile) and it is not in CISA KEV.
Denial of service in the UTT nv518G router (firmware nv518GV3v3.2.7-210919-161313) allows a remote attacker to crash or hang the device by sending crafted input to the gohead/sub_44af70 (FUN_0044af70) component of its embedded web/management service. Rated CVSS 7.5 (availability-only impact), the flaw is network-reachable without authentication or user interaction but does not expose or alter data. A public technical writeup analyzing the vulnerable function exists on GitHub; there is no public evidence of active exploitation and EPSS scores it low (0.20%, 11th percentile).
Denial of service in the UTT nv518G gateway/router (firmware nv518GV3 v3.2.7-210919-161313) allows a remote, unauthenticated attacker to crash the device by triggering a buffer overflow in the gohead web-service handler at function sub_472f08 (FUN_00472f08). The CVSS 3.1 score of 7.5 reflects availability-only impact (A:H, C:N/I:N) over the network with no privileges or user interaction. EPSS is low (0.22%, 13th percentile) and the CVE is not in CISA KEV; a third-party technical write-up exists on GitHub, but no active exploitation is confirmed.
A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.
Remote code execution in Alexantr filemanager v1.0 lets remote attackers run arbitrary code through the filemanager.php component, mapped to CWE-94 (code injection). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates a network-reachable flaw requiring no authentication or user interaction, and publicly available exploit code exists (GitHub POC by SLO-CYBER-SEC). SSVC rates exploitation as proof-of-concept with total technical impact and automatable=yes, but it is not on CISA KEV and no EPSS score was provided.
Local privilege escalation in Matrix42 Empirum (versions before 25.5 and 26.x before 26.2) lets any authenticated low-privileged user gain SYSTEM execution by abusing the PBackupVSS.exe service's named pipe. The pipe \\.\pipe\PBackupVSS is created with an overly permissive DACL granting GENERIC_READ/GENERIC_WRITE to all authenticated users, so an attacker can send crafted IPC messages that drive the SYSTEM-level service into running an attacker-supplied shadow.exe from a controlled working directory. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but exploitation is mechanically straightforward once on the host.
Cross-site request forgery in Squidex CMS v7.21.0 and earlier allows a remote attacker to escalate privileges by targeting the IdentityServer account profile endpoint without requiring any authentication of their own. A proof-of-concept exploit is publicly documented, including a video walkthrough, and SSVC analysis classifies the attack as automatable with partial technical impact. No active exploitation has been confirmed by CISA KEV at time of analysis.
Heap buffer overflow in snap7 v1.4.3 crashes the embedded S7 server when processing a specially crafted write function packet targeting TS7Worker::PerformFunctionWrite() in /core/s7_server.cpp. Systems deploying snap7 as an S7-compatible communication server - common in industrial SCADA, HMI, and IoT gateway applications bridging to Siemens S7-series PLCs - can be disrupted remotely with no privileges required per the CVSS PR:N designation. No public exploit identified at time of analysis, and the EPSS score of 0.19% (8th percentile) reflects minimal current exploitation activity; however, operational impact in OT environments can exceed what the CVSS Availability score alone suggests.
Denial of service in EIPStackGroup OpENer (commit 76b95c), an open-source EtherNet/IP stack, allows remote attackers to crash the device by sending a crafted Common Packet Format (CPF) packet that triggers a buffer overflow in the Get_Attribute_List handler. The flaw is network-reachable without authentication or user interaction (CVSS 7.5, availability-only impact), and SSVC indicates proof-of-concept exploit code exists and that exploitation is automatable. EPSS is low (0.17%, 7th percentile) and the CVE is not on CISA KEV, so there is no public evidence of active exploitation yet.
Cross-Site Scripting (XSS) vulnerability in the patron restriction type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label (display_text field)
Stack overflow in Bento4's MP4 parsing component allows an attacker to crash any application built on the library by supplying a crafted MP4 file. The flaw resides in AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity, a dynamic array growth function invoked while processing Track Run (trun) atoms, and affects all Bento4 releases before v1.8.9. A public proof-of-concept exists (poc4.zip), though EPSS sits at 0.17% and CISA KEV has not listed this CVE, indicating no confirmed widespread exploitation at time of analysis.
Stored cross-site scripting in Koha Library Management System's OPAC item detail page enables persistent script injection via the item public notes field (items.itemnotes), affecting all versions through 25.11. An authenticated attacker holding the edit_items permission can plant malicious JavaScript that executes in the browsers of any patron or staff member who subsequently views the affected item's detail page in the OPAC. No public exploit has been identified at time of analysis, and EPSS places exploitation probability at 0.21% (12th percentile), suggesting limited threat actor interest currently.
Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write arbitrary memory via the serial console.
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components
A stack overflow in the AP4_StsdAtom::AP4_StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
A stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field (checkinmsg)
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.
Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by getting it to load a maliciously crafted shared library, which mishandles resources in the DSO::mmap_and_copy dynamic-linking routine (CWE-404). Publicly available exploit code exists, but the flaw is not in CISA KEV and EPSS is very low (0.17%, 6th percentile), indicating no observed in-the-wild exploitation. Impact is confined to availability - no confidentiality or integrity loss.
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a single SHA-1 hash and RC4 decryption operation, with no brute force required.
Use-after-free in MP4Box's filter pipeline core (gf_filter_pid_inst_swap in filter_pid.c) allows local attackers to crash the application - and potentially achieve memory corruption beyond DoS - by supplying a crafted media file. Publicly available exploit code exists for this vulnerability, hosted on GitHub in a dedicated proof-of-concept repository. The EPSS score is low (0.17%, 6th percentile) with no CISA KEV listing, suggesting the public POC is research-grade rather than part of active exploitation campaigns, but the barrier to triggering a crash is low for any attacker with file delivery capability.
Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_load_from_state_internal function of the SEI loader filter (src/filters/sei_load.c). Processing a maliciously crafted MPEG-2 Transport Stream file causes the parser to dereference a dangling pointer, crashing the application. Publicly available exploit code (a PoC test case and write-up) exists, though the issue is not listed in CISA KEV and carries a low EPSS exploitation probability (0.17%, 6th percentile).
SQL injection in the open-source Grocery Store Management System (PHP/MySQL, v1.0 by anirudhkannanvp) lets attackers read arbitrary database contents by injecting a crafted SQL payload through the unsanitized 'scost' parameter of /grocery/search_products.php. The flaw (CWE-89) carries a CVSS of 7.7 and exposes credentials, customer records, and other sensitive data; publicly available exploit code exists in a dedicated GitHub repository, though it is not listed in CISA KEV and its EPSS exploitation probability is low (0.24%, 16th percentile).
Information disclosure in MSI NBFoundation Service v2.0.2506.1201 lets remote attackers read sensitive data exposed through the named pipe MSI_SERVICE_2, which is configured with overly permissive access controls. The flaw scores CVSS 7.5 (high) for confidentiality-only impact with no authentication required; publicly available exploit code exists in a GitHub proof-of-concept, though there is no evidence of active exploitation and the EPSS probability is low (0.22%, 13th percentile).
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component
Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a process by supplying a crafted string that reaches a panicking `unwrap()` inside the `__assert_fail` function in /assert/mod.rs. Any program linked against the affected relibc that routes attacker-influenced data through an assertion failure path can be forced to abort. Publicly available exploit code exists, but the issue is not listed in CISA KEV and EPSS is low (0.17%, 6th percentile), indicating no observed widespread exploitation.
An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted input.
Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by supplying a crafted media file. The flaw is an out-of-bounds read of a language metadata string in gf_media_import (media_import.c), where three characters were read without verifying the string's length. Publicly available exploit code exists (sigdevel PoC), but it is not listed in CISA KEV and EPSS is low (0.19%, 8th percentile), indicating minimal observed real-world exploitation.