Privilege Escalation
Monthly
Server-Side Request Forgery (SSRF) in FastMCP's OpenAPIProvider allows authenticated attackers to access arbitrary backend endpoints through path traversal injection in OpenAPI path parameters. The vulnerability arises from improper URL encoding in the RequestDirector._build_url() method, enabling attackers to escape intended API prefixes using '../' sequences and reach internal administrative or sensitive endpoints while inheriting the MCP provider's authentication context. This affects the fastmcp Python package and enables privilege escalation beyond the OpenAPI specification's intended API surface. No public exploit identified at time of analysis, though detailed proof-of-concept code exists in the GitHub advisory demonstrating traversal to /admin endpoints.
Weak pseudo-random number generation in Cloudreve enables JWT forgery and complete account takeover on instances initialized before v4.10.0. Attackers can brute-force the PRNG seed (achievable in under 3 hours on consumer hardware) by obtaining administrator creation timestamps via public APIs and validating against known hashids, then forge valid JWTs for any user including administrators. No public exploit confirmed at time of analysis, though detailed attack methodology is disclosed. CVSS 8.1 (High) reflects network-accessible privilege escalation despite high attack complexity requiring cryptographic brute-forcing.
Anthropic Python SDK versions 0.86.0 to before 0.87.0 create memory files with overly permissive file permissions (0o666), allowing local attackers to read persisted agent state or modify memory files to influence model behavior on shared hosts and Docker environments. The vulnerability affects both synchronous and asynchronous memory tool implementations and has been patched in version 0.87.0; no public exploit code or active exploitation has been identified at the time of analysis.
Privilege escalation in APTRS (Automated Penetration Testing Reporting System) prior to version 2.0.1 allows any user to escalate their own account or modify any other user account to superuser status by submitting a crafted POST request to /api/auth/edituser/<pk> with an is_superuser field set to true. The CustomUserSerializer fails to mark is_superuser as read-only despite including it in serializer fields, and the edit_user view lacks validation to prevent non-superusers from modifying this critical field. No public exploit code or active exploitation has been identified at time of analysis, but the vulnerability is trivial to exploit given basic HTTP client access to the endpoint.
Discourse versions 2026.1.0-2026.1.2, 2026.2.0-2026.2.1, and 2026.3.0-pre allow authenticated users to escalate their subscription tier by purchasing a lower-cost plan while obtaining benefits reserved for higher-tier subscriptions. The vulnerability has a CVSS 6.3 score reflecting the integrity impact, requires high attack complexity and partial timing conditions, but affects confidentiality minimally. Vendor-released patches address the flaw in versions 2026.1.3, 2026.2.2, and 2026.3.0, and the exploit likely requires knowledge of the subscription grant mechanism.
Privilege escalation in OpenText Operations Agent versions 12.29 and earlier on Windows allows local attackers to execute arbitrary code by placing malicious executables in specific writeable directories, which the agent subsequently executes with elevated privileges. The vulnerability requires local access and specific conditions to be present but does not require prior authentication to the agent itself. No public exploit code has been identified, and there is no confirmation of active exploitation at time of analysis.
DLL search-order hijacking in Anthropic Claude for Windows installer (Claude Setup.exe) versions before 1.1.3363 enables local privilege escalation to system context. An attacker with low privileges and physical or local access can plant a malicious DLL (such as profapi.dll) in the installer directory; when an elevated user runs the installer, the uncontrolled search path causes the malicious DLL to be loaded and executed with system privileges, achieving arbitrary code execution. No public exploit code or active exploitation has been confirmed at the time of analysis.
ClearanceKit on macOS fails to enforce managed and user-defined file-access policies during startup, allowing local processes to bypass intended access controls until GUI interaction triggers policy reloading. The vulnerability affects ClearanceKit versions prior to 4.2.14, where two startup defects create a window in which only a hardcoded baseline rule is enforced, leaving the system vulnerable to privilege escalation and unauthorized file access. This issue is not confirmed actively exploited, but the trivial attack vector (local, no authentication) and high integrity/system impact make it a meaningful risk for systems relying on ClearanceKit for file-access enforcement.
Command injection in MLflow's MLServer integration allows unauthenticated adjacent network attackers to execute arbitrary commands when models are served with enable_mlserver=True. Unsanitized model_uri parameters embedded in bash -c commands enable shell metacharacter exploitation (command substitution via $() or backticks). With CVSS 9.6 (Critical) and adjacent network attack vector, this poses significant risk in multi-tenant MLOps environments where lower-privileged users can control model URIs served by higher-privileged services. No public exploit code identified at time of analysis, with EPSS data not yet available for this recent CVE.
Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access by exploiting missing scope validation in the device pairing approval workflow. The /pair approve command fails to forward caller scopes during approval checks, enabling attackers with basic pairing privileges (or potentially no privileges, given the CVSS PR:N vector) to approve device requests with elevated admin scopes. EPSS data not available; no public exploit identified at time of analysis, though the CVSS 9.8 reflects trivial exploitation due to network accessibility, low complexity, and no authentication barrier. Vendor-released patch: commit e403dec (2026.3.28+).
Directory traversal in agentic-context-engine up to version 0.7.1 enables arbitrary file writes through the checkpoint_dir parameter in OfflineACE.run, exploiting inadequate path normalization in the save_to_file method. Unauthenticated attackers can overwrite arbitrary files within the application process's permissions scope, potentially achieving code execution, privilege escalation, or application compromise depending on deployment context and file system layout.
Unauthenticated privilege escalation in Debugger & Troubleshooter WordPress plugin (versions ≤1.3.2) allows remote attackers to gain administrator access by manipulating a cookie value. Attackers can set the wp_debug_troubleshoot_simulate_user cookie to any user ID without cryptographic validation, bypassing all authentication and authorization checks to immediately impersonate administrators. No public exploit code confirmed at time of analysis, though the attack mechanism is straightforward, requiring only cookie manipulation. CVSS 8.8 with network-based attack vector and low complexity indicates significant real-world risk for unpatched installations. Vendor-released patch in version 1.4.0 implements cryptographic token validation.
Command injection in Glances Python monitoring tool allows local authenticated users to execute arbitrary system commands via malicious configuration files. Attackers with write access to Glances configuration files can embed shell commands in backtick-enclosed strings that execute automatically during config parsing with the privileges of the Glances process. In environments where Glances runs as a system service with elevated privileges, this enables privilege escalation from low-privileged user to root. CVSS 7.8 (High) with local attack vector requiring low privileges. Public exploit code exists in the advisory. EPSS data not available, not listed in CISA KEV.
Stored DOM-based cross-site scripting (XSS) in CI4 CMS-ERP Mail Settings allows authenticated administrators to inject arbitrary JavaScript via unsanitized configuration fields (Mail Server, Port, Email Address, Password, Protocol, TLS settings), with payloads executing immediately on the same settings page upon save. Attack requires high-privilege access (PR:H) but enables full account takeover and platform compromise. Publicly available proof-of-concept video demonstrates attribute breakout technique.
Insecure deserialization in Gigabyte Control Center's Performance Library component allows authenticated local users to escalate privileges to SYSTEM by sending crafted serialized payloads to the EasyTune Engine service. Affecting Gigabyte Performance Library across versions, this CWE-502 flaw enables low-privileged users to gain complete control of the Windows system. EPSS data not available; no public exploit identified at time of analysis, though the local attack vector and low complexity (CVSS:3.1/AV:L/AC:L/PR:L) suggest exploitation is technically straightforward for attackers with initial local access.
Remote code execution and privilege escalation in Gigabyte Control Center allows unauthenticated network attackers to write arbitrary files to any system location when the pairing feature is enabled. This path traversal vulnerability (CWE-23) requires high attack complexity but needs no user interaction. No public exploit identified at time of analysis, though the technical details disclosed by Taiwan CERT provide sufficient information for exploitation development. CVSS 8.1 (High) reflects significant impact across confidentiality, integrity, and availability.
Bootstrap setup code replay in OpenClaw before 2026.3.13 enables unauthenticated remote attackers to escalate privileges to operator.admin during device pairing. The vulnerability (CWE-294: Capture-replay) in src/infra/device-bootstrap.ts permits multiple verification attempts of valid bootstrap codes before approval, allowing escalation of pending pairing scopes. CVSS 9.3 (Critical) reflects network-accessible attack with low complexity and no user interaction required. EPSS data unavailable; no public exploit identified at time of analysis. Vendor-released patch available via GitHub commit 1803d16d.
Privilege escalation in OpenClaw device token rotation (versions before 2026.3.11) enables authenticated attackers with operator.pairing scope to mint tokens with arbitrary elevated scopes, including operator.admin privileges. This scope validation bypass permits remote code execution on connected nodes via system.run API and unauthorized gateway-admin access. CVSS 9.4 (Critical) with network attack vector and low complexity. EPSS and KEV data not provided; no public exploit identified at time of analysis, though technical details disclosed via GitHub security advisory increase exploitation risk.
Fleet server memory exhaustion via unbounded request bodies allows unauthenticated denial-of-service against multiple HTTP endpoints. The vulnerability affects Fleet v4 (github.com/fleetdm/fleet/v4) and was responsibly disclosed by @fuzzztf. Attackers can exhaust available memory and force server restarts by sending oversized or repeated HTTP requests to unauthenticated endpoints lacking size limits. No public exploit identified at time of analysis, though the attack mechanism is straightforward given the CWE-770 resource allocation vulnerability class.
Wazuh Manager authd service through version 4.7.3 fails to properly restrict client-initiated SSL/TLS renegotiation requests, allowing unauthenticated remote attackers to trigger excessive renegotiations that consume CPU resources and cause denial of service. The vulnerability affects the authentication daemon across all Wazuh Manager deployments running vulnerable versions, enabling attackers to render the authd service unavailable with no authentication required and minimal attack complexity.
Wazuh Manager authd service through version 4.7.3 fails to properly restrict client-initiated SSL/TLS renegotiation, enabling remote attackers to trigger denial of service by flooding the service with excessive renegotiation requests that exhaust CPU resources and render the authentication daemon unavailable. The vulnerability affects all Wazuh Manager installations up to and including version 4.7.3, requires no authentication or user interaction, and can be exploited over the network by any remote actor. No public exploit code or active exploitation has been confirmed at this time, though the straightforward nature of renegotiation-based DoS attacks and moderate CVSS score of 6.9 indicate practical exploitability.
Path traversal in Incus system container manager allows authenticated remote attackers to write arbitrary files as root on the host via malformed systemd credential configuration keys. Affecting all versions before 6.23.0, this enables both privilege escalation from container to host and denial of service through critical file overwrites. EPSS score of 0.06% (18th percentile) indicates low observed exploitation probability, with no public exploit identified at time of analysis. The CVSS 9.9 Critical rating reflects the severe impact of container escape, though the PR:L requirement and lack of active exploitation temper immediate urgency.
Authentication bypass in Incus webui (versions prior to 6.23.0) permits local or remote attackers to gain unauthorized access to the system container and virtual machine manager via an improperly validated authentication token. The vulnerability allows attackers who can reach the temporary localhost web server to escalate privileges to the level of the user running 'incus webui', enabling control over containers, virtual machines, and potentially underlying system resources. CVSS score of 8.8 (High) reflects network attack vector with low complexity requiring user interaction; no public exploit identified at time of analysis.
Incus versions prior to 6.23.0 allow local authenticated attackers to manipulate temporary screenshot files via predictable /tmp paths and symlink attacks, potentially truncating and altering permissions of arbitrary files on systems with disabled symlink protection (rare), leading to denial of service or local privilege escalation. The vulnerability requires local access and authenticated user privileges but is particularly dangerous on systems without kernel-level symlink protections enabled. An exploit proof-of-concept exists, and the vendor has released patched version 6.23.0 to address the issue.
GitHub repository ellanetworks/core (Go package github.com/ellanetworks/core) suffers from a privilege escalation flaw that allows NetworkManager role users to replace the production SQLite database through an improperly validated restore endpoint, enabling escalation to Admin privileges and access to user management, audit logs, debug endpoints, and operator identity configuration. The vulnerability requires high-privilege authenticated access (PR:H) over network (AV:N) with low attack complexity (AC:L), scored CVSS 7.2. No public exploit identified at time of analysis. Patch available in version 1.7.0 per vendor advisory.
Improper case sensitivity handling in the Drupal OpenID Connect / OAuth client module versions prior to 1.5.0 allows privilege escalation through authentication bypass mechanisms. Authenticated or remote attackers can exploit case-sensitivity weaknesses in identity claim validation to assume elevated permissions within Drupal systems relying on this module for federated authentication. The vulnerability affects all versions from 0.0.0 through 1.5.0, and vendor-released patch version 1.5.0 is available.
Keycloak allows authenticated administrators with manage-clients permission to escalate privileges to manage-permissions level, enabling unauthorized control over roles, users, and administrative functions within a realm. Red Hat Build of Keycloak, JBoss Enterprise Application Platform 8, and Red Hat Single Sign-On 7 are affected when admin permissions are enabled at the realm level. The vulnerability requires high-privilege authentication but carries medium CVSS severity (6.5) due to confidentiality and integrity impact without availability compromise.
Remote command execution can be achieved by low-privileged authenticated users (ProjectMember role) in OneUptime monitoring platform versions prior to 10.0.35 by exploiting incomplete sandbox restrictions in Synthetic Monitor Playwright script execution. Attackers can traverse the unblocked _browserType and launchServer properties via page.context().browser()._browserType.launchServer() to spawn arbitrary processes on the Probe container or host. A proof-of-concept exploit exists per SSVC framework data, and the vulnerability carries a CVSS score of 9.9 with Critical severity due to scope change and total technical impact.
Missing functional level access control in HCL Aftermarket DPC version 1.0.0 enables privilege escalation attacks that can compromise application integrity and confidentiality. Unauthenticated attackers can leverage this access control flaw to manipulate and exfiltrate data, though user interaction is required (CVSS 8.1, AV:N/AC:L/PR:N/UI:R). No public exploit has been identified at time of analysis, with CISA SSVC rating the technical impact as partial and exploitation status as none.
Vienna Assistant 1.2.542 on macOS allows local privilege escalation through an unauthenticated XPC service endpoint that accepts connections from any process. The vulnerable VSL privileged helper service exposes functions to write arbitrary files to any location and execute arbitrary binaries with any arguments, enabling a low-privileged local user to gain root access. A proof-of-concept exploit exists per SSVC assessment, with an EPSS score of 0.02% indicating low observed exploitation probability in the wild.
Mattermost versions 11.2.x through 11.2.2, 10.11.x through 10.11.10, 11.4.0, and 11.3.x through 11.3.1 fail to properly restrict team-level access during remote cluster membership synchronization, allowing a malicious remote cluster to grant users access to entire private teams rather than limiting access to only shared channels. An authenticated attacker controlling a federated remote cluster can send crafted membership sync messages to trigger unintended team membership assignment, resulting in unauthorized access to private team resources. The EPSS score of 0.03% (percentile 7%) indicates low real-world exploitation probability, and no public exploit code has been identified at time of analysis.
RATOC RAID Monitoring Manager for Windows contains an insecure directory permissions vulnerability when the installation folder is customized to a non-default location. The installer fails to properly set access control lists (ACLs) on custom installation directories, allowing non-administrative users to modify folder contents and execute arbitrary code with SYSTEM privileges. With a CVSS 4.0 score of 8.5, this represents a high-severity local privilege escalation vulnerability affecting Windows systems where this RAID management software is installed.
The Amelia Booking plugin for WordPress contains an Insecure Direct Object Reference (IDOR) vulnerability in versions up to and including 9.1.2 that allows authenticated attackers with customer-level permissions to bypass authorization controls and modify user passwords, including administrator accounts, potentially leading to complete site takeover. This vulnerability affects the pro version of the plugin available on CodeCanyon and carries a CVSS score of 8.8 (HIGH). No evidence of active exploitation (KEV) or public proof-of-concept is currently documented, but the vulnerability has been publicly disclosed by Wordfence.
The Masteriyo LMS plugin for WordPress contains a critical privilege escalation vulnerability that allows authenticated users with Student-level access or higher to elevate their privileges to administrator level. All versions up to and including 2.1.6 are affected. The vulnerability is exploitable over the network with low attack complexity and requires no user interaction, resulting in a critical CVSS score of 9.8, though the CVSS vector indicates no authentication required (PR:N) which conflicts with the description stating Student-level access is needed.
crun versions 1.19 through 1.26 misparse the `-u` (--user) option during container execution, causing a numeric UID value of 1 to be incorrectly interpreted as UID 0 (root) instead, resulting in privilege escalation where containerized processes execute with root privileges instead of the intended unprivileged user. The vulnerability affects the containers/crun OCI container runtime (cpe:2.3:a:containers:crun:*:*:*:*:*:*:*:*) and has been patched in version 1.27. No public exploit code or active exploitation has been identified, though the EPSS score of 0.01% (percentile 2%) indicates minimal real-world exploitation likelihood despite the privilege escalation tag.
Improper access control in OpenEMR versions prior to 8.0.0.3 allows any authenticated user to download and permanently delete electronic claim batch files containing protected health information (PHI) via the billing file-download endpoint, regardless of whether they have billing privileges. The vulnerability has a 7.6 CVSS score with low attack complexity and requires only low-level authentication. EPSS exploitation probability is 0.03% (8th percentile), indicating low observed targeting in real-world exploitation at time of analysis, and no public exploit has been identified.
OpenEMR versions prior to 8.0.0.3 allow authenticated API users to bypass administrative access controls on five insurance company management REST API endpoints due to missing authorization checks. An attacker with valid API credentials but non-administrative OpenEMR privileges can create, read, and modify insurance company records without proper permission validation. The vulnerability requires prior authentication and affects data integrity rather than confidentiality or availability; no public exploit code has been identified, and exploitation probability is very low (EPSS 0.02%).
Improper privilege management in Iperius Backup through version 8.7.3 allows local authenticated attackers to escalate privileges via manipulation of the Backup Job Configuration File Handler, with public exploit code available. The vulnerability requires local access and high attack complexity but grants full confidentiality and integrity impacts to affected systems. Upgrade to version 8.7.4 or later to remediate.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 are vulnerable to privilege escalation due to improper access control (CWE-200: Information Exposure). A privileged user with existing authenticated access to the application server can exploit this vulnerability to gain additional unauthorized access to sensitive resources, potentially leading to information disclosure and integrity violations. While a CVSS score of 6.5 indicates moderate severity, the vulnerability requires high privileges to trigger (PR:H) and has no user interaction requirement, making it exploitable by insiders or compromised administrative accounts.
A stored cross-site scripting (XSS) vulnerability in n8n workflow automation platform allows authenticated users to craft malicious workflows that execute arbitrary JavaScript in the browsers of higher-privileged users. Affected versions are n8n prior to 1.123.27, 2.13.3, and 2.14.1 (identified via CPE cpe:2.3:a:n8n-io:n8n). An attacker with workflow creation/modification permissions can exploit the `/rest/binary-data` endpoint's failure to properly sanitize HTML responses, enabling credential theft, workflow manipulation, and privilege escalation to administrative access with full same-origin context.
A user-controlled key authorization bypass vulnerability in HYPR Server versions 9.5.2 through 10.7.1 enables authenticated attackers to escalate privileges through improper authorization checks. An attacker with low-level privileges can manipulate cryptographic keys or authorization tokens to gain high-level access, compromising confidentiality, integrity, and availability of the authentication system. This vulnerability requires local or physical access to the system and valid user credentials, limiting its immediate threat scope but representing a critical risk in multi-tenant or shared infrastructure deployments.
An incorrect privilege assignment vulnerability in HYPR Server allows authenticated users to escalate their privileges through an unspecified mechanism. HYPR Server versions 10.5.1 through 10.6.x are affected, with the vulnerability resolved in version 10.7 and later. An attacker with valid user credentials can exploit this flaw to gain elevated permissions, potentially compromising the entire authentication infrastructure managed by the HYPR Server instance.
An Incorrect Privilege Assignment vulnerability exists in WPFunnels Creator LMS plugin (versions up to and including 1.1.18) that allows authenticated or unauthenticated attackers to escalate their privileges within the application. This CWE-266 flaw enables attackers to gain unauthorized administrative or elevated access, potentially compromising the entire LMS installation and user data. While CVSS and EPSS scores are not yet publicly available, the privilege escalation nature and confirmed vulnerability status indicate significant real-world risk, particularly for WordPress installations managing educational content and user accounts.
RewardsWP, a WordPress plugin by Andrew Munro/AffiliateWP, contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows authenticated or unauthenticated attackers to escalate their privileges within the plugin and potentially the WordPress installation. Affected versions are RewardsWP up to and including 1.0.4. This vulnerability enables privilege escalation attacks, allowing attackers with limited access to gain elevated permissions and control over reward or affiliate functionality.
Bit SMTP version 1.2.2 and earlier contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation attacks. The vulnerability affects the Bit SMTP WordPress plugin and permits attackers to elevate their privileges beyond their intended authorization level. While no CVSS score or EPSS data is currently published, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15882, indicating formal recognition of the security issue.
A privilege escalation vulnerability exists in the wpeverest User Registration WordPress plugin through version 4.4.9 due to incorrect privilege assignment (CWE-266). This flaw allows authenticated or unauthenticated attackers to escalate their privileges within the plugin, potentially gaining administrative access or elevated capabilities. No CVSS score, EPSS data, or KEV status has been published, limiting quantification of real-world exploitation risk, though the vulnerability was reported by Patchstack and affects all installations running version 4.4.9 or earlier.
An Incorrect Privilege Assignment vulnerability (CWE-266) exists in uxper Golo theme versions up to and including 1.7.0, enabling privilege escalation attacks. This WordPress theme vulnerability allows attackers to elevate their privileges within the application, potentially gaining unauthorized administrative access. The vulnerability was reported by Patchstack and affects all versions from an unspecified baseline through 1.7.0; no CVSS score, EPSS data, or active KEV status information is currently available.
WPBookit Pro contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows unauthenticated or low-privileged attackers to escalate their privileges within the WordPress plugin. All versions through 1.6.18 are affected, enabling attackers to gain unauthorized administrative or elevated capabilities. The vulnerability was reported by Patchstack and tracked under EUVD-2026-15721, though CVSS scoring data is currently unavailable.
An Incorrect Privilege Assignment vulnerability (CWE-266) exists in the Salon Booking System Pro WordPress plugin versions prior to 10.30.12, allowing attackers to escalate privileges and potentially achieve account takeover. The vulnerability affects all versions of the salon-booking-plugin-pro from an unspecified baseline through version 10.30.11. This privilege escalation can be exploited by unauthenticated or low-privileged attackers to gain unauthorized administrative access to the booking system.
Elated-Themes Search & Go contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation attacks. All versions up to and including version 2.8 are affected. An attacker can exploit this flaw to escalate privileges within the WordPress environment, gaining unauthorized administrative or elevated capabilities. While CVSS and EPSS scores are not available, the vulnerability has been documented by security researcher Patchstack and assigned ENISA EUVD tracking ID EUVD-2026-15582, indicating it has received third-party security scrutiny.
This is an Incorrect Privilege Assignment vulnerability (CWE-266) in the Xagio SEO WordPress plugin that allows privilege escalation. The vulnerability affects Xagio SEO versions up to and including 7.1.0.30. An attacker can exploit this flaw to elevate their privileges within the affected WordPress installation, potentially gaining administrative access or performing unauthorized actions. No CVSS score, EPSS data, or KEV status information is currently available, and the vulnerability has not been confirmed as actively exploited in the wild.
RegistrationMagic, a WordPress plugin for custom registration forms, contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation through improper access controls. Versions up to and including 6.0.7.1 are affected, enabling attackers to escalate privileges and potentially take over user accounts. While CVSS and EPSS scores are not publicly available, the vulnerability has been documented by Patchstack and assigned ENISA tracking ID EUVD-2026-15569, indicating active vulnerability research and disclosure.
cryptodev-linux 1.14 and earlier suffer from a use-after-free vulnerability in the /dev/crypto device driver that enables local privilege escalation through reference count manipulation. Attackers with local access can exploit this memory corruption flaw to gain elevated privileges on affected systems. Public exploit code exists for this vulnerability.
A Linux kernel scheduler vulnerability in SCHED_DEADLINE task handling causes bandwidth accounting corruption when a deadline task holding a priority-inheritance mutex is changed to a lower priority class via sched_setscheduler(). The vulnerability affects Linux kernel implementations (all versions with SCHED_DEADLINE support) and can be triggered by local unprivileged users running specific workloads like stress-ng, potentially leading to kernel warnings, task accounting underflow, and denial of service. No active exploitation in the wild is currently documented, but the vulnerability is fixed in stable kernel branches as evidenced by the provided commit references.
A memory access protection bypass vulnerability exists in the Linux kernel's ARM64 ioremap_prot() function where user-space page protection attributes are improperly propagated to kernel-space I/O remapping, bypassing Privileged Access Never (PAN) protections and enabling information disclosure. This affects all Linux kernel versions on ARM64 systems with PAN enabled. An attacker with local access can trigger memory access faults and potentially read sensitive kernel memory through operations like accessing /proc/[pid]/environ on vulnerable systems.
A logic error in the Linux kernel's bonding driver allows an unprivileged user to change the xmit_hash_policy parameter to an incompatible value (vlan+srcmac) while an XDP program is loaded, creating an inconsistent state where the kernel cannot safely unload the XDP program during device shutdown. This triggers a kernel warning and potential instability when the bond interface is destroyed. The vulnerability affects Linux kernel versions across multiple stable branches and requires local access to trigger.
A permissions enforcement vulnerability in macOS allows applications to bypass security restrictions and access protected user data due to insufficient authorization checks. This issue affects macOS Sequoia (prior to 15.7.5), macOS Sonoma (prior to 14.8.5), and macOS Tahoe (prior to 26.4). An attacker with the ability to execute an application on the affected system could potentially access sensitive user information without proper user consent or authorization. No CVSS score, EPSS data, or active exploitation in the wild (KEV status) has been disclosed by Apple.
A permissions bypass vulnerability in Apple Xcode allows unprivileged applications to read arbitrary files with root-level privileges due to insufficient access controls. The vulnerability affects Xcode versions prior to 26.4 and could enable attackers to exfiltrate sensitive system files or configuration data. While no CVSS score or EPSS data is currently published, the ability to read arbitrary files as root represents a critical privilege escalation issue that warrants immediate patching.
A privilege escalation vulnerability exists in ralphje Signify versions prior to 0.9.2, affecting the signed_data.py and context.py components. Remote attackers can exploit this flaw to escalate privileges within the application's cryptographic signature verification context. While CVSS and EPSS scores are not currently available, the vulnerability has been patched in version 0.9.2 and related issues have been addressed in the upstream osslsigncode project.
A privilege escalation vulnerability exists in osslsigncode (mtrojnar) versions 2.10 and earlier within the osslsigncode.c component, allowing remote attackers to escalate privileges. The vulnerability affects users of the osslsigncode code signing utility. While CVSS scoring is not yet available, referenced GitHub issues and pull requests suggest this is an authenticated or context-dependent issue that has been identified and likely patched.
Parse Server versions prior to 8.6.59 and 9.6.0-alpha.53 contain a SQL injection vulnerability in PostgreSQL aggregate operations that allows attackers with master key access to execute arbitrary SQL statements, escalating from application-level administrator privileges to database-level access. Only PostgreSQL-backed Parse Server deployments are affected; MongoDB deployments are not vulnerable. No CVSS score or EPSS data is currently available, and no KEV or active exploitation reports have been confirmed at this time.
Firefox's Netmonitor component contains a privilege escalation vulnerability that affects versions prior to 149 (ESR < 140.9), allowing unauthenticated attackers to gain elevated privileges through network-accessible attack vectors with no user interaction required. This critical flaw (CVSS 9.8) enables complete system compromise including confidentiality, integrity, and availability violations, with no patch currently available.
Firefox versions prior to 149 contain a privilege escalation vulnerability in the IPC component that allows remote attackers to escalate privileges through user interaction on affected systems. An attacker can exploit this flaw to gain elevated system access and potentially execute arbitrary code with higher privileges. No patch is currently available for this high-severity vulnerability affecting Mozilla and Debian users.
WPGraphQL prior to version 2.10.0 allows authenticated low-privileged users to bypass comment moderation controls and self-approve their own comments without possessing the moderate_comments capability. The vulnerability exploits owner-based authorization logic in the updateComment mutation, enabling non-moderator users to transition comment status to APPROVE, HOLD, SPAM, or TRASH states directly. A proof-of-concept demonstrating this authorization bypass in WPGraphQL 2.9.1 has been published, and while the EPSS score of 0.03% indicates low statistical likelihood of exploitation, the attack vector is network-based with low complexity and requires only low-level user privileges (including custom roles with zero capabilities).
This vulnerability in Roadiz's DownloadedFile::fromUrl() method allows authenticated users with ROLE_ACCESS_DOCUMENTS to read arbitrary files from the server via PHP stream wrapper abuse, specifically by injecting file:// URIs into media import workflows. An attacker can extract sensitive files including .env configuration files, database credentials, and system files, achieving complete confidentiality compromise of the application and potentially the underlying infrastructure. A proof-of-concept exists demonstrating exploitation through malicious Podcast RSS feeds, and a patch is available from the vendor.
systemd (PID 1) contains a denial-of-service vulnerability triggered by malformed IPC API calls from unprivileged users that causes the service manager to assert and freeze. On versions v249 and earlier, the same vulnerability manifests as stack buffer overwriting with attacker-controlled data, potentially enabling code execution; versions v250 and newer include a safety check that converts this to a non-exploitable assertion failure. The vulnerability affects systemd versions v239 through v259 (with patched versions 260-rc1, 259.2, 258.5, and 257.11 available), impacting all Linux distributions using affected systemd builds including multiple Ubuntu releases tracked at medium priority.
Blinko versions prior to 1.8.4 contain a critical privilege escalation vulnerability in the upsertUser endpoint that allows any authenticated user to modify other users' passwords and escalate to superadmin privileges. The vulnerability stems from three distinct authorization and input validation flaws: missing superAdminAuthMiddleware enforcement, optional password verification, and absent ownership checks. An attacker with valid credentials can directly execute account takeover and administrative privilege escalation with no additional exploits required.
GV Edge Recording Manager (ERM) v2.3.1 improperly executes application components with SYSTEM-level privileges, allowing any local user to escalate privileges and gain full control of the operating system. The vulnerability stems from the Windows service running under the LocalSystem account and spawning child processes with elevated privileges, particularly when file dialogs are invoked during operations like data import. This is a local privilege escalation vulnerability with high real-world risk due to the ease of exploitation and the severity of the impact.
A critical command injection vulnerability exists in DigitalOcean Droplet Agent through version 1.3.2, where the troubleshooting actioner component processes metadata from the metadata service endpoint without adequate input validation, allowing attackers who can control metadata responses to inject and execute arbitrary OS commands with root privileges. An attacker can trigger the vulnerability by sending a TCP packet with specific sequence numbers to the SSH port, causing the agent to fetch and execute malicious commands from the metadata service, potentially leading to complete system compromise, data exfiltration, and lateral movement across cloud infrastructure. A public proof-of-concept exists at https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE, indicating active research and potential exploitation risk.
The Ultimate WordPress Toolkit - WP Extended plugin for WordPress contains a privilege escalation vulnerability affecting all versions up to and including 3.2.4. Authenticated attackers with Subscriber-level access can exploit an insecure URL check to gain administrative capabilities, enabling them to modify WordPress options and create new administrator accounts. This is a critical vulnerability with a CVSS score of 8.8, requiring low attack complexity and no user interaction.
The Import and export users and customers plugin for WordPress contains a privilege escalation vulnerability that allows unauthenticated attackers to gain Administrator privileges. All versions up to and including 1.29.7 are affected. The vulnerability can only be exploited when specific configuration conditions are met (the 'Show fields in profile' setting is enabled and a CSV with wp_capabilities column has been previously imported), which increases attack complexity but does not eliminate the critical risk.
The Expire Users plugin for WordPress versions up to and including 1.2.2 contains a privilege escalation vulnerability that allows authenticated users with Subscriber-level access or higher to elevate their privileges to administrator level. This occurs because the plugin improperly allows users to update the 'on_expire_default_to_role' meta field through the 'save_extra_user_profile_fields' function without proper authorization checks. With a CVSS score of 8.8 (High severity), this represents a critical security issue for affected WordPress installations, though no active exploitation (KEV) or EPSS data has been reported at this time.
The Linksy Search and Replace plugin for WordPress versions up to 1.0.4 contains a missing capability check vulnerability that allows authenticated attackers with subscriber-level access or higher to modify arbitrary database tables. Attackers can exploit this to elevate their privileges to administrator by modifying the wp_capabilities field, achieving complete site takeover. With a CVSS score of 8.8 (High), this represents a critical privilege escalation vulnerability affecting authenticated users with minimal access.
The App Builder - Create Native Android & iOS Apps On The Flight WordPress plugin up to version 5.5.10 contains a privilege escalation vulnerability in its REST API registration endpoint that allows unauthenticated attackers to register accounts with the wcfm_vendor role, bypassing WCFM Marketplace's vendor approval workflow. The verify_role() function in AuthTrails.php explicitly whitelists the wcfm_vendor role without proper authorization checks, enabling attackers to immediately gain vendor-level privileges including product management, order access, and store management on affected WordPress installations. This vulnerability has a CVSS score of 6.5 with low attack complexity and no authentication requirements, making it a moderate-to-significant risk for WordPress sites using both this plugin and WCFM Marketplace.
OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated attackers to bypass device pairing requirements and self-assign elevated operator.admin scopes. Attackers with valid shared gateway authentication credentials can present self-signed unpaired device identities to obtain administrator privileges before pairing approval is granted. This is a high-severity vulnerability (CVSS 8.8) with a patch available from the vendor.
Unauthenticated access to OCPP WebSocket endpoints allows remote attackers to impersonate legitimate charging stations and execute arbitrary commands against electric vehicle charging infrastructure without credentials. An attacker can connect using a known station identifier to manipulate charging operations, alter backend data, and escalate privileges across the charging network. No patch is currently available for this critical vulnerability affecting EV charging systems.
Unauthenticated access to OCPP WebSocket endpoints allows remote attackers to impersonate legitimate charging stations and execute arbitrary commands against EV charging infrastructure without credentials. By connecting with a known station identifier, threat actors can manipulate charging operations, escalate privileges, and corrupt backend network data. No patch is currently available for this critical vulnerability affecting charging station deployments.
Remote code execution in Python allows authenticated users with SETTINGS permission to modify the reconnect.script configuration parameter without restriction, which is then passed unsanitized to subprocess.run() enabling arbitrary command execution. The vulnerability exists due to insufficient input validation in the set_config_value() API endpoint, which only restricts the general.storage_folder setting while leaving other security-critical options like reconnect.script unprotected. An attacker with non-admin SETTINGS privileges can exploit this to achieve full system compromise on the affected Python installation.
A Cross-Site Request Forgery (CSRF) vulnerability in the AVideo platform's plugin upload endpoint allows unauthenticated attackers to achieve Remote Code Execution by tricking authenticated administrators into visiting a malicious webpage. The vulnerability combines missing CSRF token validation on the pluginImport.json.php endpoint with explicitly configured SameSite=None session cookies over HTTPS, enabling cross-origin session hijacking. A proof-of-concept exploit has been published demonstrating full compromise by uploading a malicious plugin containing a PHP webshell.
An unauthenticated information disclosure vulnerability exists in the AVideo Permissions plugin endpoint `list.json.php`, which exposes the complete permission matrix mapping user groups to installed plugins without any authentication check. The vulnerability affects AVideo instances with the Permissions plugin enabled and allows unauthenticated attackers to enumerate all user groups, plugins, and their permission assignments, information that significantly aids targeted privilege escalation attacks. A proof-of-concept curl command exists, and this represents a clear authentication bypass in a sensitive administrative endpoint.
AVideo, an open-source video platform, contains a session fixation vulnerability that allows attackers to hijack user sessions and achieve full account takeover. The flaw affects the AVideo Composer package (pkg:composer/wwbn_avideo) and stems from accepting arbitrary session IDs via URL parameters, bypassing session regeneration for specific endpoints, and disabled session regeneration during login. A public proof-of-concept exploit is available in the GitHub security advisory, and the vulnerability requires only low privileges (authenticated attacker) and user interaction (victim clicking a malicious link), making it highly exploitable.
An improper restriction of communication channel to intended endpoints vulnerability (CWE-923) has been identified in QNAP QHora devices, allowing attackers with physical access to exploit insufficient endpoint validation and gain privileges intended for legitimate endpoints. The vulnerability affects QHora/QuRouter products prior to version 2.6.3.009. While no CVSS score or EPSS data is currently available and the vulnerability does not appear in active exploitation databases (KEV), the physical access requirement significantly constrains real-world exploitability, though the privilege escalation impact remains concerning for organizations with physical security controls.
An improper neutralization of escape, meta, or control sequences vulnerability (CWE-150) affects QNAP QHora/QuRouter devices, allowing local attackers with administrator privileges to cause unexpected behavior through injection of unfiltered control sequences. The vulnerability has been patched in QuRouter version 2.6.3.009 and later. While no CVSS score, EPSS probability, or KEV/POC data are currently published, the requirement for local administrator access significantly limits exploitation scope in typical deployments.
An SQL injection vulnerability exists in QNAP QuRouter that allows authenticated local administrators to execute unauthorized code or commands through SQL injection techniques. The vulnerability affects QuRouter versions prior to 2.6.2.007, and exploitation requires an attacker to first obtain legitimate administrator credentials on the affected device. While no CVSS score or EPSS data is currently published, the SQL injection classification (CWE-89) combined with code execution impact represents a critical risk for compromised administrator accounts.
The Aimogen Pro plugin for WordPress contains an arbitrary function call vulnerability allowing unauthenticated attackers to execute privileged WordPress functions without authorization. All versions up to and including 2.7.5 are affected, enabling attackers to modify critical site settings such as changing the default user registration role to administrator, then registering as an admin to gain full site control. This is a critical authentication bypass with privilege escalation rated 9.8 CVSS, though no active exploitation (KEV) or public proof-of-concept has been reported at this time.
A privilege escalation vulnerability in Discourse allows moderators to edit site policy documents (Terms of Service, guidelines, privacy policy) despite explicit access restrictions, enabling unauthorized modification of critical site governance documents. This affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2. The vulnerability has a low CVSS score of 2.2 due to high attack complexity and privileged access requirement, but represents a clear integrity violation of role-based access controls.
SQL injection in SuiteCRM's authentication layer when directory support is enabled allows authenticated attackers with low-privilege directory credentials to execute arbitrary SQL commands and escalate privileges to administrator level. The vulnerability stems from insufficient input sanitization of usernames in local database queries. SuiteCRM versions prior to 7.15.1 and 8.9.3 are affected, with no patch currently available.
OpenWrt versions prior to 24.10.6 allow local attackers with limited privileges to inject a malicious PATH environment variable into hotplug scripts due to improper filtering in the hotplug_call function, enabling execution of arbitrary binaries with elevated privileges. The vulnerability stems from a strcmp/strncmp logic error that fails to properly exclude the PATH variable when executing scripts in /etc/hotplug.d, resulting in local privilege escalation. No patch is currently available.
Unauthorized user warnings in Discourse prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 can be issued by authenticated non-staff users due to a type coercion flaw in the post actions API endpoint. Attackers with valid login credentials can exploit this to send warnings meant only for staff moderators, though no data exposure or further privilege escalation occurs. No patch workaround is currently available.
The CustomizeUser plugin in PHP and Python allows attackers to bypass channel-level access control by exploiting improper password validation in the setPassword.json.php endpoint. An administrator-level attacker can set any user's channel password to zero due to type coercion of non-numeric characters, enabling trivial authentication bypass for any visitor. No patch is currently available for this critical vulnerability.
Discourse versions 2026.1.0-2026.1.2, 2026.2.0-2026.2.1, and 2026.3.0-pre allow authenticated users to escalate their subscription tier by purchasing a lower-cost plan while obtaining benefits reserved for higher-tier subscriptions. The vulnerability has a CVSS 6.3 score reflecting the integrity impact, requires high attack complexity and partial timing conditions, but affects confidentiality minimally. Vendor-released patches address the flaw in versions 2026.1.3, 2026.2.2, and 2026.3.0, and the exploit likely requires knowledge of the subscription grant mechanism.
Privilege escalation in OpenText Operations Agent versions 12.29 and earlier on Windows allows local attackers to execute arbitrary code by placing malicious executables in specific writeable directories, which the agent subsequently executes with elevated privileges. The vulnerability requires local access and specific conditions to be present but does not require prior authentication to the agent itself. No public exploit code has been identified, and there is no confirmation of active exploitation at time of analysis.
DLL search-order hijacking in Anthropic Claude for Windows installer (Claude Setup.exe) versions before 1.1.3363 enables local privilege escalation to system context. An attacker with low privileges and physical or local access can plant a malicious DLL (such as profapi.dll) in the installer directory; when an elevated user runs the installer, the uncontrolled search path causes the malicious DLL to be loaded and executed with system privileges, achieving arbitrary code execution. No public exploit code or active exploitation has been confirmed at the time of analysis.
ClearanceKit on macOS fails to enforce managed and user-defined file-access policies during startup, allowing local processes to bypass intended access controls until GUI interaction triggers policy reloading. The vulnerability affects ClearanceKit versions prior to 4.2.14, where two startup defects create a window in which only a hardcoded baseline rule is enforced, leaving the system vulnerable to privilege escalation and unauthorized file access. This issue is not confirmed actively exploited, but the trivial attack vector (local, no authentication) and high integrity/system impact make it a meaningful risk for systems relying on ClearanceKit for file-access enforcement.
Command injection in MLflow's MLServer integration allows unauthenticated adjacent network attackers to execute arbitrary commands when models are served with enable_mlserver=True. Unsanitized model_uri parameters embedded in bash -c commands enable shell metacharacter exploitation (command substitution via $() or backticks). With CVSS 9.6 (Critical) and adjacent network attack vector, this poses significant risk in multi-tenant MLOps environments where lower-privileged users can control model URIs served by higher-privileged services. No public exploit code identified at time of analysis, with EPSS data not yet available for this recent CVE.
Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access by exploiting missing scope validation in the device pairing approval workflow. The /pair approve command fails to forward caller scopes during approval checks, enabling attackers with basic pairing privileges (or potentially no privileges, given the CVSS PR:N vector) to approve device requests with elevated admin scopes. EPSS data not available; no public exploit identified at time of analysis, though the CVSS 9.8 reflects trivial exploitation due to network accessibility, low complexity, and no authentication barrier. Vendor-released patch: commit e403dec (2026.3.28+).
Directory traversal in agentic-context-engine up to version 0.7.1 enables arbitrary file writes through the checkpoint_dir parameter in OfflineACE.run, exploiting inadequate path normalization in the save_to_file method. Unauthenticated attackers can overwrite arbitrary files within the application process's permissions scope, potentially achieving code execution, privilege escalation, or application compromise depending on deployment context and file system layout.
Unauthenticated privilege escalation in the Debugger & Troubleshooter WordPress plugin (versions ≤1.3.2) allows remote attackers to gain administrator access by manipulating a cookie value. Attackers can set the wp_debug_troubleshoot_simulate_user cookie to any user ID without cryptographic validation, bypassing all authentication and authorization checks to immediately impersonate administrators. No public exploit code confirmed at time of analysis, though the attack mechanism is straightforward, requiring only cookie manipulation. CVSS 8.8 with network-based attack vector and low complexity indicates significant real-world risk for unpatched installations. Vendor-released patch in version 1.4.0 implements cryptographic token validation.
Command injection in Glances Python monitoring tool allows local authenticated users to execute arbitrary system commands via malicious configuration files. Attackers with write access to Glances configuration files can embed shell commands in backtick-enclosed strings that execute automatically during config parsing with the privileges of the Glances process. In environments where Glances runs as a system service with elevated privileges, this enables privilege escalation from low-privileged user to root. CVSS 7.8 (High) with local attack vector requiring low privileges. Public exploit code exists in the advisory. EPSS data not available, not listed in CISA KEV.
Stored DOM-based cross-site scripting (XSS) in CI4 CMS-ERP Mail Settings allows authenticated administrators to inject arbitrary JavaScript via unsanitized configuration fields (Mail Server, Port, Email Address, Password, Protocol, TLS settings), with payloads executing immediately on the same settings page upon save. Attack requires high-privilege access (PR:H) but enables full account takeover and platform compromise. Publicly available proof-of-concept video demonstrates attribute breakout technique.
Insecure deserialization in Gigabyte Control Center's Performance Library component allows authenticated local users to escalate privileges to SYSTEM by sending crafted serialized payloads to the EasyTune Engine service. Affecting Gigabyte Performance Library across versions, this CWE-502 flaw enables low-privileged users to gain complete control of the Windows system. EPSS data not available; no public exploit identified at time of analysis, though the local attack vector and low complexity (CVSS:3.1/AV:L/AC:L/PR:L) suggest exploitation is technically straightforward for attackers with initial local access.
Remote code execution and privilege escalation in Gigabyte Control Center allows unauthenticated network attackers to write arbitrary files to any system location when the pairing feature is enabled. This path traversal vulnerability (CWE-23) requires high attack complexity but needs no user interaction. No public exploit identified at time of analysis, though the technical details disclosed by Taiwan CERT provide sufficient information for exploitation development. CVSS 8.1 (High) reflects significant impact across confidentiality, integrity, and availability.
Bootstrap setup code replay in OpenClaw before 2026.3.13 enables unauthenticated remote attackers to escalate privileges to operator.admin during device pairing. The vulnerability (CWE-294: Capture-replay) in src/infra/device-bootstrap.ts permits multiple verification attempts of valid bootstrap codes before approval, allowing escalation of pending pairing scopes. CVSS 9.3 (Critical) reflects network-accessible attack with low complexity and no user interaction required. EPSS data unavailable; no public exploit identified at time of analysis. Vendor-released patch available via GitHub commit 1803d16d.
Privilege escalation in OpenClaw device token rotation (versions before 2026.3.11) enables authenticated attackers with operator.pairing scope to mint tokens with arbitrary elevated scopes, including operator.admin privileges. This scope validation bypass permits remote code execution on connected nodes via system.run API and unauthorized gateway-admin access. CVSS 9.4 (Critical) with network attack vector and low complexity. EPSS and KEV data not provided; no public exploit identified at time of analysis, though technical details disclosed via GitHub security advisory increase exploitation risk.
Fleet server memory exhaustion via unbounded request bodies allows unauthenticated denial-of-service against multiple HTTP endpoints. The vulnerability affects Fleet v4 (github.com/fleetdm/fleet/v4) and was responsibly disclosed by @fuzzztf. Attackers can exhaust available memory and force server restarts by sending oversized or repeated HTTP requests to unauthenticated endpoints lacking size limits. No public exploit identified at time of analysis, though the attack mechanism is straightforward given the CWE-770 resource allocation vulnerability class.
Wazuh Manager authd service through version 4.7.3 fails to properly restrict client-initiated SSL/TLS renegotiation requests, allowing unauthenticated remote attackers to trigger excessive renegotiations that consume CPU resources and cause denial of service. The vulnerability affects the authentication daemon across all Wazuh Manager deployments running vulnerable versions, enabling attackers to render the authd service unavailable with no authentication required and minimal attack complexity.
Wazuh Manager authd service through version 4.7.3 fails to properly restrict client-initiated SSL/TLS renegotiation, enabling remote attackers to trigger denial of service by flooding the service with excessive renegotiation requests that exhaust CPU resources and render the authentication daemon unavailable. The vulnerability affects all Wazuh Manager installations up to and including version 4.7.3, requires no authentication or user interaction, and can be exploited over the network by any remote actor. No public exploit code or active exploitation has been confirmed at this time, though the straightforward nature of renegotiation-based DoS attacks and moderate CVSS score of 6.9 indicate practical exploitability.
Path traversal in Incus system container manager allows authenticated remote attackers to write arbitrary files as root on the host via malformed systemd credential configuration keys. Affecting all versions before 6.23.0, this enables both privilege escalation from container to host and denial of service through critical file overwrites. EPSS score of 0.06% (18th percentile) indicates low observed exploitation probability, with no public exploit identified at time of analysis. The CVSS 9.9 Critical rating reflects the severe impact of container escape, though the PR:L requirement and lack of active exploitation temper immediate urgency.
Authentication bypass in Incus webui (versions prior to 6.23.0) permits local or remote attackers to gain unauthorized access to the system container and virtual machine manager via an improperly validated authentication token. The vulnerability allows attackers who can reach the temporary localhost web server to escalate privileges to the level of the user running 'incus webui', enabling control over containers, virtual machines, and potentially underlying system resources. CVSS score of 8.8 (High) reflects network attack vector with low complexity requiring user interaction; no public exploit identified at time of analysis.
Incus versions prior to 6.23.0 allow local authenticated attackers to manipulate temporary screenshot files via predictable /tmp paths and symlink attacks, potentially truncating and altering permissions of arbitrary files on systems with disabled symlink protection (rare), leading to denial of service or local privilege escalation. The vulnerability requires local access and authenticated user privileges but is particularly dangerous on systems without kernel-level symlink protections enabled. An exploit proof-of-concept exists, and the vendor has released patched version 6.23.0 to address the issue.
GitHub repository ellanetworks/core (Go package github.com/ellanetworks/core) suffers from a privilege escalation flaw that allows NetworkManager role users to replace the production SQLite database through an improperly validated restore endpoint, enabling escalation to Admin privileges and access to user management, audit logs, debug endpoints, and operator identity configuration. The vulnerability requires high-privilege authenticated access (PR:H) over network (AV:N) with low attack complexity (AC:L), scored CVSS 7.2. No public exploit identified at time of analysis. Patch available in version 1.7.0 per vendor advisory.
Improper case sensitivity handling in the Drupal OpenID Connect / OAuth client module versions prior to 1.5.0 allows privilege escalation through authentication bypass mechanisms. Authenticated or remote attackers can exploit case-sensitivity weaknesses in identity claim validation to assume elevated permissions within Drupal systems relying on this module for federated authentication. The vulnerability affects all versions from 0.0.0 through 1.5.0, and vendor-released patch version 1.5.0 is available.
Keycloak allows authenticated administrators with manage-clients permission to escalate privileges to manage-permissions level, enabling unauthorized control over roles, users, and administrative functions within a realm. Red Hat Build of Keycloak, JBoss Enterprise Application Platform 8, and Red Hat Single Sign-On 7 are affected when admin permissions are enabled at the realm level. The vulnerability requires high-privilege authentication but carries medium CVSS severity (6.5) due to confidentiality and integrity impact without availability compromise.
Remote command execution can be achieved by low-privileged authenticated users (ProjectMember role) in OneUptime monitoring platform versions prior to 10.0.35 by exploiting incomplete sandbox restrictions in Synthetic Monitor Playwright script execution. Attackers can traverse the unblocked _browserType and launchServer properties via page.context().browser()._browserType.launchServer() to spawn arbitrary processes on the Probe container or host. A proof-of-concept exploit exists per SSVC framework data, and the vulnerability carries a CVSS score of 9.9 with Critical severity due to scope change and total technical impact.
Missing functional level access control in HCL Aftermarket DPC version 1.0.0 enables privilege escalation attacks that can compromise application integrity and confidentiality. Unauthenticated attackers can leverage this access control flaw to manipulate and exfiltrate data, although user interaction is required (CVSS 8.1, AV:N/AC:L/PR:N/UI:R). No public exploit has been identified at time of analysis, with CISA SSVC rating the technical impact as partial and exploitation status as none.
Vienna Assistant 1.2.542 on macOS allows local privilege escalation through an unauthenticated XPC service endpoint that accepts connections from any process. The vulnerable VSL privileged helper service exposes functions to write arbitrary files to any location and execute arbitrary binaries with any arguments, enabling a low-privileged local user to gain root access. A proof-of-concept exploit exists per SSVC assessment, with an EPSS score of 0.02% indicating low observed exploitation probability in the wild.
Mattermost versions 11.2.x through 11.2.2, 10.11.x through 10.11.10, 11.4.0, and 11.3.x through 11.3.1 fail to properly restrict team-level access during remote cluster membership synchronization, allowing a malicious remote cluster to grant users access to entire private teams rather than limiting access to only shared channels. An authenticated attacker controlling a federated remote cluster can send crafted membership sync messages to trigger unintended team membership assignment, resulting in unauthorized access to private team resources. The EPSS score of 0.03% (percentile 7%) indicates low real-world exploitation probability, and no public exploit code has been identified at time of analysis.
RATOC RAID Monitoring Manager for Windows contains an insecure directory permissions vulnerability when the installation folder is customized to a non-default location. The installer fails to properly set access control lists (ACLs) on custom installation directories, allowing non-administrative users to modify folder contents and execute arbitrary code with SYSTEM privileges. With a CVSS 4.0 score of 8.5, this represents a high-severity local privilege escalation vulnerability affecting Windows systems where this RAID management software is installed.
The Amelia Booking plugin for WordPress contains an Insecure Direct Object Reference (IDOR) vulnerability in versions up to and including 9.1.2 that allows authenticated attackers with customer-level permissions to bypass authorization controls and modify user passwords, including administrator accounts, potentially leading to complete site takeover. This vulnerability affects the pro version of the plugin available on CodeCanyon and carries a CVSS score of 8.8 (HIGH). No evidence of active exploitation (KEV) or public proof-of-concept is currently documented, but the vulnerability has been publicly disclosed by Wordfence.
The Masteriyo LMS plugin for WordPress contains a critical privilege escalation vulnerability that allows authenticated users with Student-level access or higher to elevate their privileges to administrator level. All versions up to and including 2.1.6 are affected. The vulnerability is exploitable over the network with low attack complexity and requires no user interaction, resulting in a critical CVSS score of 9.8, though the CVSS vector indicates no authentication required (PR:N), which conflicts with the description stating that Student-level access is needed.
crun versions 1.19 through 1.26 misparse the `-u` (--user) option during container execution, causing a numeric UID value of 1 to be incorrectly interpreted as UID 0 (root), resulting in privilege escalation where containerized processes execute with root privileges instead of those of the intended unprivileged user. The vulnerability affects the containers/crun OCI container runtime (cpe:2.3:a:containers:crun:*:*:*:*:*:*:*:*) and has been patched in version 1.27. No public exploit code or active exploitation has been identified, and the EPSS score of 0.01% (percentile 2%) indicates minimal real-world exploitation likelihood despite the privilege escalation tag.
Improper access control in OpenEMR versions prior to 8.0.0.3 allows any authenticated user to download and permanently delete electronic claim batch files containing protected health information (PHI) via the billing file-download endpoint, regardless of whether they have billing privileges. The vulnerability has a 7.6 CVSS score with low attack complexity and requires only low-level authentication. EPSS exploitation probability is 0.03% (8th percentile), indicating low observed targeting in real-world exploitation at time of analysis, and no public exploit has been identified.
OpenEMR versions prior to 8.0.0.3 allow authenticated API users to bypass administrative access controls on five insurance company management REST API endpoints due to missing authorization checks. An attacker with valid API credentials but non-administrative OpenEMR privileges can create, read, and modify insurance company records without proper permission validation. The vulnerability requires prior authentication and affects data integrity rather than confidentiality or availability; no public exploit code has been identified, and exploitation probability is very low (EPSS 0.02%).
Improper privilege management in Iperius Backup through version 8.7.3 allows local authenticated attackers to escalate privileges via manipulation of the Backup Job Configuration File Handler, with public exploit code available. The vulnerability requires local access and high attack complexity but grants full confidentiality and integrity impacts to affected systems. Upgrade to version 8.7.4 or later to remediate.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 are vulnerable to privilege escalation due to improper access control (CWE-200: Information Exposure). A privileged user with existing authenticated access to the application server can exploit this vulnerability to gain additional unauthorized access to sensitive resources, potentially leading to information disclosure and integrity violations. While a CVSS score of 6.5 indicates moderate severity, the vulnerability requires high privileges to trigger (PR:H) and has no user interaction requirement, making it exploitable by insiders or compromised administrative accounts.
A stored cross-site scripting (XSS) vulnerability in n8n workflow automation platform allows authenticated users to craft malicious workflows that execute arbitrary JavaScript in the browsers of higher-privileged users. Affected versions are n8n prior to 1.123.27, 2.13.3, and 2.14.1 (identified via CPE cpe:2.3:a:n8n-io:n8n). An attacker with workflow creation/modification permissions can exploit the `/rest/binary-data` endpoint's failure to properly sanitize HTML responses, enabling credential theft, workflow manipulation, and privilege escalation to administrative access with full same-origin context.
A user-controlled key authorization bypass vulnerability in HYPR Server versions 9.5.2 through 10.7.1 enables authenticated attackers to escalate privileges through improper authorization checks. An attacker with low-level privileges can manipulate cryptographic keys or authorization tokens to gain high-level access, compromising confidentiality, integrity, and availability of the authentication system. This vulnerability requires local or physical access to the system and valid user credentials, limiting its immediate threat scope but representing a critical risk in multi-tenant or shared infrastructure deployments.
An incorrect privilege assignment vulnerability in HYPR Server allows authenticated users to escalate their privileges through an unspecified mechanism. HYPR Server versions 10.5.1 through 10.6.x are affected, with the vulnerability resolved in version 10.7 and later. An attacker with valid user credentials can exploit this flaw to gain elevated permissions, potentially compromising the entire authentication infrastructure managed by the HYPR Server instance.
An Incorrect Privilege Assignment vulnerability exists in WPFunnels Creator LMS plugin (versions up to and including 1.1.18) that allows authenticated or unauthenticated attackers to escalate their privileges within the application. This CWE-266 flaw enables attackers to gain unauthorized administrative or elevated access, potentially compromising the entire LMS installation and user data. While CVSS and EPSS scores are not yet publicly available, the privilege escalation nature and confirmed vulnerability status indicate significant real-world risk, particularly for WordPress installations managing educational content and user accounts.
RewardsWP, a WordPress plugin by Andrew Munro/AffiliateWP, contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows authenticated or unauthenticated attackers to escalate their privileges within the plugin and potentially the WordPress installation. Affected versions are RewardsWP up to and including 1.0.4. This vulnerability enables privilege escalation attacks, allowing attackers with limited access to gain elevated permissions and control over reward or affiliate functionality.
Bit SMTP version 1.2.2 and earlier contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation attacks. The vulnerability affects the Bit SMTP WordPress plugin and permits attackers to elevate their privileges beyond their intended authorization level. While no CVSS score or EPSS data is currently published, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15882, indicating formal recognition of the security issue.
A privilege escalation vulnerability exists in the wpeverest User Registration WordPress plugin through version 4.4.9 due to incorrect privilege assignment (CWE-266). This flaw allows authenticated or unauthenticated attackers to escalate their privileges within the plugin, potentially gaining administrative access or elevated capabilities. No CVSS score, EPSS data, or KEV status has been published, limiting quantification of real-world exploitation risk, though the vulnerability was reported by Patchstack and affects all installations running version 4.4.9 or earlier.
An Incorrect Privilege Assignment vulnerability (CWE-266) exists in uxper Golo theme versions up to and including 1.7.0, enabling privilege escalation attacks. This WordPress theme vulnerability allows attackers to elevate their privileges within the application, potentially gaining unauthorized administrative access. The vulnerability was reported by Patchstack and affects all versions from an unspecified baseline through 1.7.0; no CVSS score, EPSS data, or active KEV status information is currently available.
WPBookit Pro contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows unauthenticated or low-privileged attackers to escalate their privileges within the WordPress plugin. All versions through 1.6.18 are affected, enabling attackers to gain unauthorized administrative or elevated capabilities. The vulnerability was reported by Patchstack and tracked under EUVD-2026-15721, though CVSS scoring data is currently unavailable.
An Incorrect Privilege Assignment vulnerability (CWE-266) exists in the Salon Booking System Pro WordPress plugin versions prior to 10.30.12, allowing attackers to escalate privileges and potentially achieve account takeover. The vulnerability affects all versions of the salon-booking-plugin-pro from an unspecified baseline through version 10.30.11. This privilege escalation can be exploited by unauthenticated or low-privileged attackers to gain unauthorized administrative access to the booking system.
Elated-Themes Search & Go contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation attacks. All versions up to and including version 2.8 are affected. An attacker can exploit this flaw to escalate privileges within the WordPress environment, gaining unauthorized administrative or elevated capabilities. While CVSS and EPSS scores are not available, the vulnerability has been documented by security researcher Patchstack and assigned ENISA EUVD tracking ID EUVD-2026-15582, indicating it has received third-party security scrutiny.
This is an Incorrect Privilege Assignment vulnerability (CWE-266) in the Xagio SEO WordPress plugin that allows privilege escalation. The vulnerability affects Xagio SEO versions up to and including 7.1.0.30. An attacker can exploit this flaw to elevate their privileges within the affected WordPress installation, potentially gaining administrative access or performing unauthorized actions. No CVSS score, EPSS data, or KEV status information is currently available, and the vulnerability has not been confirmed as actively exploited in the wild.
RegistrationMagic, a WordPress plugin for custom registration forms, contains an Incorrect Privilege Assignment vulnerability (CWE-266) that allows privilege escalation through improper access controls. Versions up to and including 6.0.7.1 are affected, enabling attackers to escalate privileges and potentially take over user accounts. While CVSS and EPSS scores are not publicly available, the vulnerability has been documented by Patchstack and assigned ENISA tracking ID EUVD-2026-15569, indicating active vulnerability research and disclosure.
cryptodev-linux 1.14 and earlier suffer from a use-after-free vulnerability in the /dev/crypto device driver that enables local privilege escalation through reference count manipulation. Attackers with local access can exploit this memory corruption flaw to gain elevated privileges on affected systems. Public exploit code exists for this vulnerability.
A Linux kernel scheduler vulnerability in SCHED_DEADLINE task handling causes bandwidth accounting corruption when a deadline task holding a priority-inheritance mutex is changed to a lower priority class via sched_setscheduler(). The vulnerability affects Linux kernel implementations (all versions with SCHED_DEADLINE support) and can be triggered by local unprivileged users running specific workloads like stress-ng, potentially leading to kernel warnings, task accounting underflow, and denial of service. No active exploitation in the wild is currently documented, but the vulnerability is fixed in stable kernel branches as evidenced by the provided commit references.
A memory access protection bypass vulnerability exists in the Linux kernel's ARM64 ioremap_prot() function where user-space page protection attributes are improperly propagated to kernel-space I/O remapping, bypassing Privileged Access Never (PAN) protections and enabling information disclosure. This affects all Linux kernel versions on ARM64 systems with PAN enabled. An attacker with local access can trigger memory access faults and potentially read sensitive kernel memory through operations like accessing /proc/[pid]/environ on vulnerable systems.
A logic error in the Linux kernel's bonding driver allows an unprivileged user to change the xmit_hash_policy parameter to an incompatible value (vlan+srcmac) while an XDP program is loaded, creating an inconsistent state where the kernel cannot safely unload the XDP program during device shutdown. This triggers a kernel warning and potential instability when the bond interface is destroyed. The vulnerability affects Linux kernel versions across multiple stable branches and requires local access to trigger.
A permissions enforcement vulnerability in macOS allows applications to bypass security restrictions and access protected user data due to insufficient authorization checks. This issue affects macOS Sequoia (prior to 15.7.5), macOS Sonoma (prior to 14.8.5), and macOS Tahoe (prior to 26.4). An attacker with the ability to execute an application on the affected system could potentially access sensitive user information without proper user consent or authorization. No CVSS score, EPSS data, or active exploitation in the wild (KEV status) has been disclosed by Apple.
A permissions bypass vulnerability in Apple Xcode allows unprivileged applications to read arbitrary files with root-level privileges due to insufficient access controls. The vulnerability affects Xcode versions prior to 26.4 and could enable attackers to exfiltrate sensitive system files or configuration data. While no CVSS score or EPSS data is currently published, the ability to read arbitrary files as root represents a critical privilege escalation issue that warrants immediate patching.
A privilege escalation vulnerability exists in ralphje Signify versions prior to 0.9.2, affecting the signed_data.py and context.py components. Remote attackers can exploit this flaw to escalate privileges within the application's cryptographic signature verification context. While CVSS and EPSS scores are not currently available, the vulnerability has been patched in version 0.9.2 and related issues have been addressed in the upstream osslsigncode project.
A privilege escalation vulnerability exists in osslsigncode (mtrojnar) versions 2.10 and earlier within the osslsigncode.c component, allowing remote attackers to escalate privileges. The vulnerability affects users of the osslsigncode code signing utility. While CVSS scoring is not yet available, referenced GitHub issues and pull requests suggest this is an authenticated or context-dependent issue that has been identified and likely patched.
Parse Server versions prior to 8.6.59 and 9.6.0-alpha.53 contain a SQL injection vulnerability in PostgreSQL aggregate operations that allows attackers with master key access to execute arbitrary SQL statements, escalating from application-level administrator privileges to database-level access. Only PostgreSQL-backed Parse Server deployments are affected; MongoDB deployments are not vulnerable. No CVSS score or EPSS data is currently available, and no KEV or active exploitation reports have been confirmed at this time.
Firefox's Netmonitor component contains a privilege escalation vulnerability that affects versions prior to 149 (ESR < 140.9), allowing unauthenticated attackers to gain elevated privileges through network-accessible attack vectors with no user interaction required. This critical flaw (CVSS 9.8) enables complete system compromise including confidentiality, integrity, and availability violations, with no patch currently available.
Firefox versions prior to 149 contain a privilege escalation vulnerability in the IPC component that allows remote attackers to escalate privileges through user interaction on affected systems. An attacker can exploit this flaw to gain elevated system access and potentially execute arbitrary code with higher privileges. No patch is currently available for this high-severity vulnerability affecting Mozilla and Debian users.
WPGraphQL prior to version 2.10.0 allows authenticated low-privileged users to bypass comment moderation controls and self-approve their own comments without possessing the moderate_comments capability. The vulnerability exploits owner-based authorization logic in the updateComment mutation, enabling non-moderator users to transition comment status to APPROVE, HOLD, SPAM, or TRASH states directly. A proof-of-concept demonstrating this authorization bypass in WPGraphQL 2.9.1 has been published, and while the EPSS score of 0.03% indicates low statistical likelihood of exploitation, the attack vector is network-based with low complexity and requires only low-level user privileges (including custom roles with zero capabilities).
This vulnerability in Roadiz's DownloadedFile::fromUrl() method allows authenticated users with ROLE_ACCESS_DOCUMENTS to read arbitrary files from the server via PHP stream wrapper abuse, specifically by injecting file:// URIs into media import workflows. An attacker can extract sensitive files including .env configuration files, database credentials, and system files, achieving complete confidentiality compromise of the application and potentially the underlying infrastructure. A proof-of-concept exists demonstrating exploitation through malicious Podcast RSS feeds, and a patch is available from the vendor.
systemd (PID 1) contains a denial-of-service vulnerability triggered by malformed IPC API calls from unprivileged users that causes the service manager to assert and freeze. On versions v249 and earlier, the same vulnerability manifests as stack buffer overwriting with attacker-controlled data, potentially enabling code execution; versions v250 and newer include a safety check that converts this to a non-exploitable assertion failure. The vulnerability affects systemd versions v239 through v259 (with patched versions 260-rc1, 259.2, 258.5, and 257.11 available), impacting all Linux distributions using affected systemd builds including multiple Ubuntu releases tracked at medium priority.
Blinko versions prior to 1.8.4 contain a critical privilege escalation vulnerability in the upsertUser endpoint that allows any authenticated user to modify other users' passwords and escalate to superadmin privileges. The vulnerability stems from three distinct authorization and input validation flaws: missing superAdminAuthMiddleware enforcement, optional password verification, and absent ownership checks. An attacker with valid credentials can directly execute account takeover and administrative privilege escalation with no additional exploits required.
GV Edge Recording Manager (ERM) v2.3.1 improperly executes application components with SYSTEM-level privileges, allowing any local user to escalate privileges and gain full control of the operating system. The vulnerability stems from the Windows service running under the LocalSystem account and spawning child processes with elevated privileges, particularly when file dialogs are invoked during operations like data import. This is a local privilege escalation vulnerability with high real-world risk due to the ease of exploitation and the severity of the impact.
A critical command injection vulnerability exists in DigitalOcean Droplet Agent through version 1.3.2, where the troubleshooting actioner component processes metadata from the metadata service endpoint without adequate input validation, allowing attackers who can control metadata responses to inject and execute arbitrary OS commands with root privileges. An attacker can trigger the vulnerability by sending a TCP packet with specific sequence numbers to the SSH port, causing the agent to fetch and execute malicious commands from the metadata service, potentially leading to complete system compromise, data exfiltration, and lateral movement across cloud infrastructure. A public proof-of-concept exists at https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE, indicating active research and potential exploitation risk.
The Ultimate WordPress Toolkit - WP Extended plugin for WordPress contains a privilege escalation vulnerability affecting all versions up to and including 3.2.4. Authenticated attackers with Subscriber-level access can exploit an insecure URL check to gain administrative capabilities, enabling them to modify WordPress options and create new administrator accounts. This is a critical vulnerability with a CVSS score of 8.8, requiring low attack complexity and no user interaction.
The Import and export users and customers plugin for WordPress contains a privilege escalation vulnerability that allows unauthenticated attackers to gain Administrator privileges. All versions up to and including 1.29.7 are affected. The vulnerability can only be exploited when specific configuration conditions are met (the 'Show fields in profile' setting is enabled and a CSV with wp_capabilities column has been previously imported), which increases attack complexity but does not eliminate the critical risk.
The Expire Users plugin for WordPress versions up to and including 1.2.2 contains a privilege escalation vulnerability that allows authenticated users with Subscriber-level access or higher to elevate their privileges to administrator level. This occurs because the plugin improperly allows users to update the 'on_expire_default_to_role' meta field through the 'save_extra_user_profile_fields' function without proper authorization checks. With a CVSS score of 8.8 (High severity), this represents a critical security issue for affected WordPress installations, though no active exploitation (KEV) or EPSS data has been reported at this time.
The Linksy Search and Replace plugin for WordPress versions up to 1.0.4 contains a missing capability check vulnerability that allows authenticated attackers with subscriber-level access or higher to modify arbitrary database tables. Attackers can exploit this to elevate their privileges to administrator by modifying the wp_capabilities field, achieving complete site takeover. With a CVSS score of 8.8 (High), this represents a critical privilege escalation vulnerability affecting authenticated users with minimal access.
The App Builder - Create Native Android & iOS Apps On The Flight WordPress plugin up to version 5.5.10 contains a privilege escalation vulnerability in its REST API registration endpoint that allows unauthenticated attackers to register accounts with the wcfm_vendor role, bypassing WCFM Marketplace's vendor approval workflow. The verify_role() function in AuthTrails.php explicitly whitelists the wcfm_vendor role without proper authorization checks, enabling attackers to immediately gain vendor-level privileges including product management, order access, and store management on affected WordPress installations. This vulnerability has a CVSS score of 6.5 with low attack complexity and no authentication requirements, making it a moderate-to-significant risk for WordPress sites using both this plugin and WCFM Marketplace.
OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated attackers to bypass device pairing requirements and self-assign elevated operator.admin scopes. Attackers with valid shared gateway authentication credentials can present self-signed unpaired device identities to obtain administrator privileges before pairing approval is granted. This is a high-severity vulnerability (CVSS 8.8) with a patch available from the vendor.
Unauthenticated access to OCPP WebSocket endpoints allows remote attackers to impersonate legitimate charging stations and execute arbitrary commands against electric vehicle charging infrastructure without credentials. An attacker can connect using a known station identifier to manipulate charging operations, alter backend data, and escalate privileges across the charging network. No patch is currently available for this critical vulnerability affecting EV charging systems.
Unauthenticated access to OCPP WebSocket endpoints allows remote attackers to impersonate legitimate charging stations and execute arbitrary commands against EV charging infrastructure without credentials. By connecting with a known station identifier, threat actors can manipulate charging operations, escalate privileges, and corrupt backend network data. No patch is currently available for this critical vulnerability affecting charging station deployments.
Remote code execution in Python allows authenticated users with SETTINGS permission to modify the reconnect.script configuration parameter without restriction, which is then passed unsanitized to subprocess.run() enabling arbitrary command execution. The vulnerability exists due to insufficient input validation in the set_config_value() API endpoint, which only restricts the general.storage_folder setting while leaving other security-critical options like reconnect.script unprotected. An attacker with non-admin SETTINGS privileges can exploit this to achieve full system compromise on the affected Python installation.
A Cross-Site Request Forgery (CSRF) vulnerability in the AVideo platform's plugin upload endpoint allows unauthenticated attackers to achieve Remote Code Execution by tricking authenticated administrators into visiting a malicious webpage. The vulnerability combines missing CSRF token validation on the pluginImport.json.php endpoint with explicitly configured SameSite=None session cookies over HTTPS, enabling cross-origin session hijacking. A proof-of-concept exploit has been published demonstrating full compromise by uploading a malicious plugin containing a PHP webshell.
An unauthenticated information disclosure vulnerability exists in the AVideo Permissions plugin endpoint `list.json.php`, which exposes the complete permission matrix mapping user groups to installed plugins without any authentication check. The vulnerability affects AVideo instances with the Permissions plugin enabled and allows unauthenticated attackers to enumerate all user groups, plugins, and their permission assignments, information that significantly aids targeted privilege escalation attacks. A proof-of-concept curl command exists, and this represents a clear authentication bypass in a sensitive administrative endpoint.
AVideo, an open-source video platform, contains a session fixation vulnerability that allows attackers to hijack user sessions and achieve full account takeover. The flaw affects the AVideo Composer package (pkg:composer/wwbn_avideo) and stems from accepting arbitrary session IDs via URL parameters, bypassing session regeneration for specific endpoints, and disabled session regeneration during login. A public proof-of-concept exploit is available in the GitHub security advisory, and the vulnerability requires only low privileges (authenticated attacker) and user interaction (victim clicking a malicious link), making it highly exploitable.
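The following is an added model of the session fixation described above, not AVideo's own code. A small in-memory session store takes two flags that correspond to the two weaknesses the digest lists (a session ID accepted from a URL parameter, and no regeneration at login), and `session_fixation_attack()` plays out the attack end to end: the attacker chooses an ID, the victim follows a link carrying it and logs in, and the attacker checks whether that ID is now authenticated. The parameter name `PHPSESSID`, the request shape and the function names are assumptions.

```python
import secrets


class SessionStore:
    """Minimal server-side session store. The two flags reproduce the two
    behaviours the digest describes; names and request shape are assumed."""

    def __init__(self, accept_url_session_id, regenerate_on_login):
        self.accept_url_session_id = accept_url_session_id
        self.regenerate_on_login = regenerate_on_login
        self.sessions = {}  # session id -> {"user": str or None}

    @staticmethod
    def _new_id():
        return secrets.token_urlsafe(32)

    def start(self, request):
        """Return the session id this request runs under. `request` is a dict
        with optional 'query' and 'cookies' mappings (constructed input)."""
        query_sid = request.get("query", {}).get("PHPSESSID")
        cookie_sid = request.get("cookies", {}).get("PHPSESSID")
        if self.accept_url_session_id and query_sid:
            # Equivalent of session_id($_GET[...]) before session_start():
            # the caller's value is adopted as-is, creating the session if new.
            sid = query_sid
        elif cookie_sid in self.sessions:
            sid = cookie_sid
        else:
            sid = self._new_id()  # unknown or missing id: never adopt it
        self.sessions.setdefault(sid, {"user": None})
        return sid

    def login(self, sid, user):
        """Authenticate the session; with regeneration the pre-login id dies."""
        if self.regenerate_on_login:
            data = self.sessions.pop(sid)
            sid = self._new_id()
            self.sessions[sid] = data
        self.sessions[sid]["user"] = user
        return sid

    def current_user(self, sid):
        session = self.sessions.get(sid)
        return session["user"] if session else None


def session_fixation_attack(store):
    """Attacker fixes an id, the victim opens the lure and logs in; return
    who the attacker's fixed id now resolves to (None means the attack failed)."""
    attacker_sid = "attacker-chosen-id"
    lure = {"query": {"PHPSESSID": attacker_sid}}  # link the victim clicks
    victim_sid = store.start(lure)
    store.login(victim_sid, "victim")
    return store.current_user(attacker_sid)


def vulnerable_store():
    return SessionStore(accept_url_session_id=True, regenerate_on_login=False)


def hardened_store():
    return SessionStore(accept_url_session_id=False, regenerate_on_login=True)
```

Regenerating the ID at login alone is enough to defeat this particular chain, but accepting IDs from the URL is still worth removing: it lets an attacker pre-create sessions and leaks the ID into browser history, referers and logs.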
An improper restriction of communication channel to intended endpoints vulnerability (CWE-923) has been identified in QNAP QHora devices, allowing attackers with physical access to exploit insufficient endpoint validation and gain privileges intended for legitimate endpoints. The vulnerability affects QHora/QuRouter products prior to version 2.6.3.009. No CVSS score or EPSS data is currently available and the vulnerability does not appear in active exploitation databases (KEV). The physical access requirement significantly constrains real-world exploitability, but the privilege escalation impact remains a concern wherever physical access to the device cannot be controlled.
An improper neutralization of escape, meta, or control sequences vulnerability (CWE-150) affects QNAP QHora/QuRouter devices, allowing local attackers with administrator privileges to cause unexpected behavior through injection of unfiltered control sequences. The vulnerability has been patched in QuRouter version 2.6.3.009 and later. While no CVSS score, EPSS probability, or KEV/POC data are currently published, the requirement for local administrator access significantly limits exploitation scope in typical deployments.
An SQL injection vulnerability exists in QNAP QuRouter that allows authenticated local administrators to execute unauthorized code or commands through SQL injection techniques. The vulnerability affects QuRouter versions prior to 2.6.2.007, and exploitation requires an attacker to first obtain legitimate administrator credentials on the affected device. While no CVSS score or EPSS data is currently published, the SQL injection classification (CWE-89) combined with code execution impact represents a critical risk for compromised administrator accounts.
The Aimogen Pro plugin for WordPress contains an arbitrary function call vulnerability allowing unauthenticated attackers to execute privileged WordPress functions without authorization. All versions up to and including 2.7.5 are affected, enabling attackers to modify critical site settings such as changing the default user registration role to administrator, then registering as an admin to gain full site control. This is a critical authentication bypass with privilege escalation rated 9.8 CVSS, though no active exploitation (KEV) or public proof-of-concept has been reported at this time.
A privilege escalation vulnerability in Discourse allows moderators to edit site policy documents (Terms of Service, guidelines, privacy policy) despite explicit access restrictions, enabling unauthorized modification of critical site governance documents. This affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2. The vulnerability has a low CVSS score of 2.2 due to high attack complexity and privileged access requirement, but represents a clear integrity violation of role-based access controls.
SQL injection in SuiteCRM's authentication layer when directory support is enabled allows authenticated attackers with low-privilege directory credentials to execute arbitrary SQL commands and escalate privileges to administrator level. The vulnerability stems from insufficient input sanitization of usernames in local database queries. SuiteCRM versions prior to 7.15.1 and 8.9.3 are affected, with no patch currently available.
OpenWrt versions prior to 24.10.6 allow local attackers with limited privileges to inject a malicious PATH environment variable into hotplug scripts due to improper filtering in the hotplug_call function, enabling execution of arbitrary binaries with elevated privileges. The vulnerability stems from a strcmp/strncmp logic error that fails to properly exclude the PATH variable when executing scripts in /etc/hotplug.d, resulting in local privilege escalation. No patch is currently available.
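The following is an added illustration of the bug class in the previous paragraph, written in Python rather than taken from OpenWrt's C code. The environment is kept as a list of `KEY=VALUE` strings, as in C's `environ`, so the comparison mistake can be shown faithfully: a denylist that compares each entry against the bare name `PATH` (what a `strcmp` against the name would do) never matches `PATH=...` and drops nothing. The fix beside it allowlists event variables by name and sets `PATH` from a constant. The fake filesystem, the allowlist and the injected environment are all constructed; the exact OpenWrt comparison is not reproduced, only its effect.

```python
import os

# Constructed fake filesystem: the executables that exist, so which() can show
# which 'ip' a hotplug script would actually run. Not a real root filesystem.
FAKE_FS = {"/sbin/ip", "/tmp/evil/ip"}
TRUSTED_PATH = "/usr/sbin:/usr/bin:/sbin:/bin"
# Event variables a hotplug script needs; an assumed list for illustration,
# not OpenWrt's exact set.
ALLOWED = {"ACTION", "DEVICENAME", "DEVPATH", "INTERFACE", "SUBSYSTEM", "SEQNUM"}


def filter_env_buggy(environ):
    """Constructed denylist with the kind of comparison slip the digest
    describes: entries are KEY=VALUE strings, but the check is an exact match
    against the bare name, which never matches "PATH=..." and so keeps it."""
    return [entry for entry in environ if entry != "PATH"]


def filter_env_fixed(environ):
    """Allowlist event variables by the name before '=' (what a strncmp that
    includes the '=' would do) and set PATH from a daemon-controlled constant."""
    kept = []
    for entry in environ:
        if "=" not in entry:
            continue
        name = entry.split("=", 1)[0]
        if name in ALLOWED:
            kept.append(entry)
    kept.append("PATH=" + TRUSTED_PATH)
    return kept


def which(command, environ, fs=FAKE_FS):
    """Resolve a bare command name the way /bin/sh does: first hit wins."""
    path = ""
    for entry in environ:
        if entry.startswith("PATH="):
            path = entry[len("PATH="):]
    for directory in path.split(":"):
        if not directory:
            continue
        candidate = os.path.join(directory, command)
        if candidate in fs:
            return candidate
    return None


def binary_run_by_hotplug(filter_fn, injected_environ, command="ip"):
    """Which binary a hotplug script calling `command` would execute after the
    given filter has sanitised the environment it was started with."""
    return which(command, filter_fn(injected_environ))


# Constructed attacker environment: a world-writable directory placed first.
INJECTED = ["ACTION=add", "INTERFACE=wan", "PATH=/tmp/evil:/usr/sbin:/sbin"]
```

Denylisting a single variable is fragile even when the comparison is right (consider `LD_PRELOAD`, `IFS` or `BASH_ENV`); the allowlist plus fixed `PATH` is the shape to reach for whenever a privileged daemon runs scripts on behalf of less privileged callers.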
Unauthorized user warnings in Discourse prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 can be issued by authenticated non-staff users due to a type coercion flaw in the post actions API endpoint. Attackers with valid login credentials can exploit this to send warnings that are meant to come only from staff moderators, though no data exposure or further privilege escalation results. No workaround is currently available.
The CustomizeUser plugin's setPassword.json.php endpoint allows attackers to bypass channel-level access control through improper password validation. An administrator-level attacker can set any user's channel password to zero because non-numeric input is type-coerced to 0, enabling trivial authentication bypass for any visitor. No patch is currently available for this critical vulnerability.