N A
Monthly
An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL.
An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Broken access control in ClassroomIO v0.1.13 allows authenticated low-privileged students to disclose sensitive course information including other students' details, tutor/admin profiles, and internal metadata by modifying API requests from POST to GET against the PostgREST endpoint. The vulnerability requires valid student account credentials but no special privileges, enabling unauthorized horizontal and vertical access escalation within course contexts.
Institution administrators with Site staff role in Mahara can impersonate institution members in other institutions where they lack administrative privileges, bypassing intended access controls on multi-tenanted deployments. Affects Mahara versions before 24.04.10 and 25.x before 25.04.1. This requires high-privilege authentication (Site staff role) and does not involve network exploitation of unauthenticated services, limiting real-world attack surface to insider threats within organizations running affected versions.
Reflected cross-site scripting (XSS) in Silverpeas Core before version 6.4.6 allows unauthenticated remote attackers to execute arbitrary JavaScript in users' browsers via malicious input to the AdvancedSearch functionality. The vulnerability requires user interaction (clicking a crafted link) and affects confidentiality and integrity with partial technical impact. Publicly available exploit code exists, and CISA SSVC assessment confirms proof-of-concept availability, though this vulnerability is not yet confirmed in active widespread exploitation.
XiangShan open-source RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 and earlier versions fail to properly gate the Control and Status Register (CSR) write-enable path for Physical Memory Attribute (PMA) configuration, allowing local attackers with code execution privileges to write to PMA CSRs that should raise illegal-instruction exceptions per the RISC-V specification. Successful exploitation enables attackers to alter memory attribute enforcement, potentially leading to privilege escalation, information disclosure, or denial of service depending on platform security boundaries. No public exploit code or active exploitation has been confirmed at time of analysis.
SQL injection in Apartment Visitors Management System V1.1's login form allows remote unauthenticated attackers to bypass authentication and extract database contents via the username parameter. The vulnerability scores 9.4 CVSS with network attack vector and low complexity. Public exploit code exists (SSVC confirms POC status), making this immediately exploitable. EPSS data unavailable, but SSVC framework rates it as automatable with partial technical impact, indicating high practical risk for internet-exposed installations.
SQL injection in Apartment Visitors Management System v1.1 allows unauthenticated remote attackers to extract sensitive database contents via the contactno parameter on the password reset page. The vulnerability bypasses authentication controls through crafted input during password recovery operations. EPSS and KEV data not available, but SSVC framework indicates proof-of-concept exists and the vulnerability is automatable with partial technical impact. The CVSS score of 8.2 reflects high confidentiality impact with network-accessible attack surface requiring no user interaction.
Control-flow disruption in XiangShan open-source RISC-V processor allows local authenticated attackers to trigger denial of service through malformed CSR operations that fail to properly invoke trap handlers. Affected commits from November 2024 contain improper exception handling in the NewCSR subsystem that can leave the processor core in a hung state when targeting non-existent CSR addresses. GitHub issue #3959 and pull request #3966 document the flaw and proposed fix. EPSS score of 0.02% (5th percentile) indicates very low predicted exploitation probability. No public exploit code identified and not listed in CISA KEV, suggesting primarily theoretical risk limited to specialized RISC-V development environments.
Privilege escalation in OpenXiangShan NEMU allows authenticated local attackers to bypass state-enable isolation controls when Smstateen extension is enabled. Clearing mstateen0.ENVCFG fails to properly restrict access to henvcfg and senvcfg Control and Status Registers (CSRs), enabling less-privileged code to read or write privileged configuration registers without triggering required exceptions. This undermines virtualization boundaries and multi-privilege isolation in RISC-V processor emulation environments. EPSS exploitation probability is low (0.02%, 4th percentile), no active exploitation confirmed, and publicly available exploit code exists via GitHub issue #690.
OpenXiangShan NEMU fails to properly enforce Smstateen permission controls, allowing authenticated local users to access IMSIC (Incoming Message Signal Interrupt Controller) state through stopei/vstopei CSRs despite mstateen0.IMSIC being cleared. This privilege escalation enables cross-context information disclosure of interrupt state and potential disruption of interrupt handling mechanisms in lower-privileged execution contexts.
OpenXiangShan NEMU emulator's RISC-V Hypervisor extension implementation allows VS-mode guest writes to the sie (supervisor interrupt-enable) CSR to corrupt machine-level mie state, breaking privilege isolation between virtualization layers. Fixed in commit 55295c4 per GitHub PR #938. Despite CVSS 9.8 Critical rating with network attack vector (AV:N), the EPSS score of 0.03% (9th percentile) indicates extremely low observed exploitation probability, and the vulnerability specifically affects RISC-V emulator environments rather than typical network-accessible services. No CISA KEV listing or public exploit identified at time of analysis, suggesting this is a theoretical high-severity issue in specialized research/development contexts rather than an imminent widespread threat.
Privileged CSR manipulation in XiangShan RISC-V processor core (commit aecf601e80, 2024-11-19) allows local attackers with M-mode access to corrupt processor status registers by exploiting improper handling of WPRI (Write Preserve, Read Ignore) fields in menvcfg operations. Carefully crafted csrrs instructions targeting menvcfg unexpectedly set reserved bits in xstatus to 1, violating RISC-V specification requirements that WPRI fields remain unchanged during CSR operations. Upstream fix committed (5e3dd63) but released version not confirmed. EPSS score 5th percentile indicates low real-world exploitation probability despite theoretical high impact, with no active exploitation or public POC identified.
Server-Side Request Forgery (SSRF) in Craftql PHP library versions 1.3.7 and earlier enables remote attackers to force the server to make unintended requests, potentially leading to arbitrary code execution. The vulnerability resides in the GetAssetsFieldSchema.php listener component. No active exploitation is confirmed (not in CISA KEV), but a proof-of-concept repository with detailed exploitation documentation exists on GitHub. Despite the CVSS 7.5 rating, the extremely low EPSS score (0.01%, 0th percentile) indicates minimal real-world exploitation activity observed to date. The description claims RCE capability, but the CVSS vector shows only confidentiality impact (C:H/I:N/A:N), suggesting the SSRF may enable information disclosure that could chain into RCE rather than direct code execution - verification with vendor advisories needed.
SQL injection in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php. CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicates trivial exploitation. CISA SSVC framework confirms proof-of-concept exists, attack is automatable, and technical impact is total (full system compromise). Public POC available on GitHub enables immediate weaponization by attackers with no specialized skills.
STProcessMonitor 11.11.4.0 driver in Safetica Application suite allows local privileged users to send crafted IOCTL requests (0xB822200C) that terminate processes protected by third-party security implementations due to insufficient caller validation in the kernel-mode driver handler. This enables denial of service attacks against critical services without requiring user interaction. Publicly available exploit code exists, and the vulnerability is tracked in CISA's LOLDrivers database as a legitimate-but-abused Windows driver.
Yamaha SR-B30A sound bar firmware 2.40 allows remote attackers within Bluetooth Low Energy (BLE) radio range to connect to the device and modify settings without authentication via the Sound Bar Remote protocol. The vulnerability enables unauthenticated integrity compromise (modification of device configuration) but does not expose sensitive data or cause denial of service. This affects only devices within BLE proximity range, significantly limiting practical attack scope despite the moderate CVSS score.
Reflected cross-site scripting (XSS) in School Management System 1.0 allows unauthenticated remote attackers to inject malicious scripts via the email POST parameter in the contact-us.php admin interface. A victim must click a crafted link, enabling attackers to steal session cookies, perform administrative actions, or redirect users to malicious sites. Public proof-of-concept code exists; however, real-world exploitation probability remains low (EPSS 0.02%) due to reliance on user interaction and limited automaton.
SQL Injection in Sourcecodester Cab Management System 1.0 allows high-privilege administrators to extract limited database information via the /cms/admin/bookings/view_booking.php endpoint. The vulnerability requires authenticated admin access and carries minimal real-world risk given its low EPSS score (0.02%) and CISA SSVC assessment indicating no exploitation status, non-automatable exploitation, and only partial technical impact.
Denial of service in Parani M10 Motorcycle Intercom v2.1.3 via crafted Bluetooth RFCOMM frames allows unauthenticated attackers within wireless range to crash the device. The vulnerability exploits a buffer overflow in the RFCOMM service handler, causing high availability impact. A proof-of-concept exists but active exploitation has not been confirmed; EPSS score of 0.02% suggests limited real-world exploitation pressure despite the accessible attack vector.
SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/services/view_service.php allows authenticated administrators to extract sensitive database information with low complexity. The vulnerability requires high-privilege (admin) access and does not enable data modification or denial of service, limiting real-world impact despite the unauthenticated attack vector network availability. No active exploitation or public proof-of-concept tools have been confirmed; EPSS score of 0.02% and SSVC framework rating 'none' exploitation status indicate minimal practical risk despite CVSS 2.7 rating.
SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /librarysystem/load_admin.php endpoint. The vulnerability requires administrative authentication, limiting exposure to compromised or malicious admin accounts. EPSS exploitation probability is minimal at 0.02% (6th percentile), and no public exploit code has been identified, making this a low-priority issue despite the SQL injection vector.
SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated attackers to conduct limited information disclosure through the exam update functionality at /system/system/admins/assessments/examproper/exam-update.php. The vulnerability carries minimal real-world risk due to required administrative privileges (PR:H), low EPSS exploitation probability (0.02%), and CISA SSVC assessment indicating no exploitation trend, non-automatable attack, and only partial technical impact.
SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated users to extract limited data via a crafted SQL query in the questions-view.php endpoint. The vulnerability requires administrator-level credentials and lacks evidence of active exploitation or public exploit tooling, resulting in a minimal real-world risk profile despite confirmed SQL injection capability.
SQL injection in Sourcecodester Cab Management System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /cms/admin/categories/view_category.php endpoint. The vulnerability requires administrative credentials and has minimal real-world impact (CVSS 2.7, EPSS 0.02%), with no evidence of active exploitation or public exploit code.
SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract limited information from the database via crafted input to /librarysystem/load_book.php. The vulnerability requires administrative credentials and has very low real-world risk (EPSS 0.02%, CVSS 2.7) with no public exploit code identified; CISA does not list it as actively exploited.
Remote code execution in OSGeo MapServer versions prior to 8.0 enables unauthenticated attackers to execute arbitrary code through dynamic-link library (DLL) injection via a specially crafted executable. The vulnerability requires no user interaction and has low attack complexity (CVSS 9.1 Critical), though real-world exploitation probability remains low (EPSS 2%, 5th percentile). Publicly available exploit code exists in a researcher's GitHub repository, but no confirmed active exploitation (CISA KEV) has been documented at time of analysis.
PowerStrip driver (pstrip64.sys) through version 3.90.736 enables authenticated local users to escalate privileges to SYSTEM by sending malicious IOCTL requests that map arbitrary physical memory into user-mode address space, allowing modification of kernel structures. EPSS score of 0.02% (5th percentile) indicates low automated exploitation likelihood, though publicly available exploit code exists (PacketStorm Security reference), making this a realistic threat in environments where PowerStrip is deployed and local access is possible. No CISA KEV listing indicates no confirmed widespread exploitation at time of analysis.
GPS spoofing vulnerability in JXL 9 Inch Car Android Double Din Player (Android 12.0) allows unauthenticated remote attackers to inject falsified GPS signals that the infotainment system accepts as legitimate, forcing incorrect or static location reporting. Exploitation requires no user interaction and achieves high integrity and availability impact through manipulation of navigation data. No public exploit identified at time of analysis. CVSS 9.1 reflects network-accessible attack vector with low complexity.
Unauthenticated account creation bypass in megagao production_ssm v1.0 allows remote attackers to create super administrator accounts via direct API access to /user/insert endpoint. The UserController.java insert() method processes account creation requests without authentication enforcement (CVSS vector PR:N confirms unauthenticated access). Successful exploitation grants full administrative control, enabling attackers to compromise confidentiality, integrity, and availability of the entire application. No public exploit identified at time of analysis.
An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL.
An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Broken access control in ClassroomIO v0.1.13 allows authenticated low-privileged students to disclose sensitive course information including other students' details, tutor/admin profiles, and internal metadata by modifying API requests from POST to GET against the PostgREST endpoint. The vulnerability requires valid student account credentials but no special privileges, enabling unauthorized horizontal and vertical access escalation within course contexts.
Institution administrators with Site staff role in Mahara can impersonate institution members in other institutions where they lack administrative privileges, bypassing intended access controls on multi-tenanted deployments. Affects Mahara versions before 24.04.10 and 25.x before 25.04.1. This requires high-privilege authentication (Site staff role) and does not involve network exploitation of unauthenticated services, limiting real-world attack surface to insider threats within organizations running affected versions.
Reflected cross-site scripting (XSS) in Silverpeas Core before version 6.4.6 allows unauthenticated remote attackers to execute arbitrary JavaScript in users' browsers via malicious input to the AdvancedSearch functionality. The vulnerability requires user interaction (clicking a crafted link) and affects confidentiality and integrity with partial technical impact. Publicly available exploit code exists, and CISA SSVC assessment confirms proof-of-concept availability, though this vulnerability is not yet confirmed in active widespread exploitation.
XiangShan open-source RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 and earlier versions fail to properly gate the Control and Status Register (CSR) write-enable path for Physical Memory Attribute (PMA) configuration, allowing local attackers with code execution privileges to write to PMA CSRs that should raise illegal-instruction exceptions per the RISC-V specification. Successful exploitation enables attackers to alter memory attribute enforcement, potentially leading to privilege escalation, information disclosure, or denial of service depending on platform security boundaries. No public exploit code or active exploitation has been confirmed at time of analysis.
SQL injection in Apartment Visitors Management System V1.1's login form allows remote unauthenticated attackers to bypass authentication and extract database contents via the username parameter. The vulnerability scores 9.4 CVSS with network attack vector and low complexity. Public exploit code exists (SSVC confirms POC status), making this immediately exploitable. EPSS data unavailable, but SSVC framework rates it as automatable with partial technical impact, indicating high practical risk for internet-exposed installations.
SQL injection in Apartment Visitors Management System v1.1 allows unauthenticated remote attackers to extract sensitive database contents via the contactno parameter on the password reset page. The vulnerability bypasses authentication controls through crafted input during password recovery operations. EPSS and KEV data not available, but SSVC framework indicates proof-of-concept exists and the vulnerability is automatable with partial technical impact. The CVSS score of 8.2 reflects high confidentiality impact with network-accessible attack surface requiring no user interaction.
Control-flow disruption in XiangShan open-source RISC-V processor allows local authenticated attackers to trigger denial of service through malformed CSR operations that fail to properly invoke trap handlers. Affected commits from November 2024 contain improper exception handling in the NewCSR subsystem that can leave the processor core in a hung state when targeting non-existent CSR addresses. GitHub issue #3959 and pull request #3966 document the flaw and proposed fix. EPSS score of 0.02% (5th percentile) indicates very low predicted exploitation probability. No public exploit code identified and not listed in CISA KEV, suggesting primarily theoretical risk limited to specialized RISC-V development environments.
Privilege escalation in OpenXiangShan NEMU allows authenticated local attackers to bypass state-enable isolation controls when Smstateen extension is enabled. Clearing mstateen0.ENVCFG fails to properly restrict access to henvcfg and senvcfg Control and Status Registers (CSRs), enabling less-privileged code to read or write privileged configuration registers without triggering required exceptions. This undermines virtualization boundaries and multi-privilege isolation in RISC-V processor emulation environments. EPSS exploitation probability is low (0.02%, 4th percentile), no active exploitation confirmed, and publicly available exploit code exists via GitHub issue #690.
OpenXiangShan NEMU fails to properly enforce Smstateen permission controls, allowing authenticated local users to access IMSIC (Incoming Message Signal Interrupt Controller) state through stopei/vstopei CSRs despite mstateen0.IMSIC being cleared. This privilege escalation enables cross-context information disclosure of interrupt state and potential disruption of interrupt handling mechanisms in lower-privileged execution contexts.
OpenXiangShan NEMU emulator's RISC-V Hypervisor extension implementation allows VS-mode guest writes to the sie (supervisor interrupt-enable) CSR to corrupt machine-level mie state, breaking privilege isolation between virtualization layers. Fixed in commit 55295c4 per GitHub PR #938. Despite CVSS 9.8 Critical rating with network attack vector (AV:N), the EPSS score of 0.03% (9th percentile) indicates extremely low observed exploitation probability, and the vulnerability specifically affects RISC-V emulator environments rather than typical network-accessible services. No CISA KEV listing or public exploit identified at time of analysis, suggesting this is a theoretical high-severity issue in specialized research/development contexts rather than an imminent widespread threat.
Privileged CSR manipulation in XiangShan RISC-V processor core (commit aecf601e80, 2024-11-19) allows local attackers with M-mode access to corrupt processor status registers by exploiting improper handling of WPRI (Write Preserve, Read Ignore) fields in menvcfg operations. Carefully crafted csrrs instructions targeting menvcfg unexpectedly set reserved bits in xstatus to 1, violating RISC-V specification requirements that WPRI fields remain unchanged during CSR operations. Upstream fix committed (5e3dd63) but released version not confirmed. EPSS score 5th percentile indicates low real-world exploitation probability despite theoretical high impact, with no active exploitation or public POC identified.
Server-Side Request Forgery (SSRF) in Craftql PHP library versions 1.3.7 and earlier enables remote attackers to force the server to make unintended requests, potentially leading to arbitrary code execution. The vulnerability resides in the GetAssetsFieldSchema.php listener component. No active exploitation is confirmed (not in CISA KEV), but a proof-of-concept repository with detailed exploitation documentation exists on GitHub. Despite the CVSS 7.5 rating, the extremely low EPSS score (0.01%, 0th percentile) indicates minimal real-world exploitation activity observed to date. The description claims RCE capability, but the CVSS vector shows only confidentiality impact (C:H/I:N/A:N), suggesting the SSRF may enable information disclosure that could chain into RCE rather than direct code execution - verification with vendor advisories needed.
SQL injection in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php. CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicates trivial exploitation. CISA SSVC framework confirms proof-of-concept exists, attack is automatable, and technical impact is total (full system compromise). Public POC available on GitHub enables immediate weaponization by attackers with no specialized skills.
STProcessMonitor 11.11.4.0 driver in Safetica Application suite allows local privileged users to send crafted IOCTL requests (0xB822200C) that terminate processes protected by third-party security implementations due to insufficient caller validation in the kernel-mode driver handler. This enables denial of service attacks against critical services without requiring user interaction. Publicly available exploit code exists, and the vulnerability is tracked in CISA's LOLDrivers database as a legitimate-but-abused Windows driver.
Yamaha SR-B30A sound bar firmware 2.40 allows remote attackers within Bluetooth Low Energy (BLE) radio range to connect to the device and modify settings without authentication via the Sound Bar Remote protocol. The vulnerability enables unauthenticated integrity compromise (modification of device configuration) but does not expose sensitive data or cause denial of service. This affects only devices within BLE proximity range, significantly limiting practical attack scope despite the moderate CVSS score.
Reflected cross-site scripting (XSS) in School Management System 1.0 allows unauthenticated remote attackers to inject malicious scripts via the email POST parameter in the contact-us.php admin interface. A victim must click a crafted link, enabling attackers to steal session cookies, perform administrative actions, or redirect users to malicious sites. Public proof-of-concept code exists; however, real-world exploitation probability remains low (EPSS 0.02%) due to reliance on user interaction and limited automaton.
SQL Injection in Sourcecodester Cab Management System 1.0 allows high-privilege administrators to extract limited database information via the /cms/admin/bookings/view_booking.php endpoint. The vulnerability requires authenticated admin access and carries minimal real-world risk given its low EPSS score (0.02%) and CISA SSVC assessment indicating no exploitation status, non-automatable exploitation, and only partial technical impact.
Denial of service in Parani M10 Motorcycle Intercom v2.1.3 via crafted Bluetooth RFCOMM frames allows unauthenticated attackers within wireless range to crash the device. The vulnerability exploits a buffer overflow in the RFCOMM service handler, causing high availability impact. A proof-of-concept exists but active exploitation has not been confirmed; EPSS score of 0.02% suggests limited real-world exploitation pressure despite the accessible attack vector.
SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/services/view_service.php allows authenticated administrators to extract sensitive database information with low complexity. The vulnerability requires high-privilege (admin) access and does not enable data modification or denial of service, limiting real-world impact despite the unauthenticated attack vector network availability. No active exploitation or public proof-of-concept tools have been confirmed; EPSS score of 0.02% and SSVC framework rating 'none' exploitation status indicate minimal practical risk despite CVSS 2.7 rating.
SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /librarysystem/load_admin.php endpoint. The vulnerability requires administrative authentication, limiting exposure to compromised or malicious admin accounts. EPSS exploitation probability is minimal at 0.02% (6th percentile), and no public exploit code has been identified, making this a low-priority issue despite the SQL injection vector.
SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated attackers to conduct limited information disclosure through the exam update functionality at /system/system/admins/assessments/examproper/exam-update.php. The vulnerability carries minimal real-world risk due to required administrative privileges (PR:H), low EPSS exploitation probability (0.02%), and CISA SSVC assessment indicating no exploitation trend, non-automatable attack, and only partial technical impact.
SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated users to extract limited data via a crafted SQL query in the questions-view.php endpoint. The vulnerability requires administrator-level credentials and lacks evidence of active exploitation or public exploit tooling, resulting in a minimal real-world risk profile despite confirmed SQL injection capability.
SQL injection in Sourcecodester Cab Management System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /cms/admin/categories/view_category.php endpoint. The vulnerability requires administrative credentials and has minimal real-world impact (CVSS 2.7, EPSS 0.02%), with no evidence of active exploitation or public exploit code.
SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract limited information from the database via crafted input to /librarysystem/load_book.php. The vulnerability requires administrative credentials and has very low real-world risk (EPSS 0.02%, CVSS 2.7) with no public exploit code identified; CISA does not list it as actively exploited.
Remote code execution in OSGeo MapServer versions prior to 8.0 enables unauthenticated attackers to execute arbitrary code through dynamic-link library (DLL) injection via a specially crafted executable. The vulnerability requires no user interaction and has low attack complexity (CVSS 9.1 Critical), though real-world exploitation probability remains low (EPSS 2%, 5th percentile). Publicly available exploit code exists in a researcher's GitHub repository, but no confirmed active exploitation (CISA KEV) has been documented at time of analysis.
PowerStrip driver (pstrip64.sys) through version 3.90.736 enables authenticated local users to escalate privileges to SYSTEM by sending malicious IOCTL requests that map arbitrary physical memory into user-mode address space, allowing modification of kernel structures. EPSS score of 0.02% (5th percentile) indicates low automated exploitation likelihood, though publicly available exploit code exists (PacketStorm Security reference), making this a realistic threat in environments where PowerStrip is deployed and local access is possible. No CISA KEV listing indicates no confirmed widespread exploitation at time of analysis.
GPS spoofing vulnerability in JXL 9 Inch Car Android Double Din Player (Android 12.0) allows unauthenticated remote attackers to inject falsified GPS signals that the infotainment system accepts as legitimate, forcing incorrect or static location reporting. Exploitation requires no user interaction and achieves high integrity and availability impact through manipulation of navigation data. No public exploit identified at time of analysis. CVSS 9.1 reflects network-accessible attack vector with low complexity.
Unauthenticated account creation bypass in megagao production_ssm v1.0 allows remote attackers to create super administrator accounts via direct API access to /user/insert endpoint. The UserController.java insert() method processes account creation requests without authentication enforcement (CVSS vector PR:N confirms unauthenticated access). Successful exploitation grants full administrative control, enabling attackers to compromise confidentiality, integrity, and availability of the entire application. No public exploit identified at time of analysis.