RCE
Monthly
Remote code injection in Dromara warm-flow up to version 1.8.4 allows authenticated attackers to execute arbitrary code through the SpelHelper.parseExpression function via manipulation of listenerPath, skipCondition, or permissionFlag parameters in the Workflow Definition Handler. The vulnerability uses SpEL (Spring Expression Language) injection to achieve code execution with CVSS 6.3 severity. Publicly available exploit code exists and the flaw has been documented in the project's issue tracker.
Code injection in FoundationAgents MetaGPT versions up to 0.8.1 allows unauthenticated remote attackers to execute arbitrary code via the Tree-of-Thought Solver's generate_thoughts function. Publicly available exploit code exists (GitHub issue #1933), and a vendor-supplied patch is available via pull request #1946. The vulnerability requires no user interaction and has low attack complexity, with confirmed impact to confidentiality, integrity, and availability. CVSS 7.3 (High) reflects moderate impact across all CIA triad elements.
Path traversal in Gleam compiler versions 1.9.0-rc1 through 1.15.3 and 1.16.0-rc1 allows arbitrary file system modification when resolving git dependencies, enabling attackers to delete and overwrite directories outside the intended dependency folder via malicious dependency names containing relative or absolute paths. A user must invoke dependency download (e.g., gleam deps download) for exploitation; attackers can leverage this to cause data loss or achieve code execution by overwriting git hooks or shell configuration files. Vendor-released patches are available.
Prototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execution in user context via malicious PDF files. Attack requires user interaction to open a crafted document. CVSS 9.6 (Critical) reflects network-deliverable code execution with scope change, though EPSS 0.24% (46th percentile) suggests moderate real-world exploitation probability. No public exploit identified at time of analysis.
Local privilege escalation in KeePassXC password manager allows authenticated attackers with low privileges to execute arbitrary code by exploiting insecure OpenSSL configuration file loading. When a target user launches KeePassXC, malicious configuration planted in an unsecured path is loaded, enabling code execution in KeePassXC's security context. Attack requires user interaction and prior low-privileged access. CVSS 7.3 (AV:L/AC:L/PR:L/UI:R). No public exploit identified at time of analysis.
Remote code execution via command injection in ChargePoint Home Flex electric vehicle charging stations allows unauthenticated network-adjacent attackers to execute arbitrary commands as root. The vulnerability resides in the revssh service's handling of OCPP (Open Charge Point Protocol) messages, where unsanitized user-supplied strings are passed directly to system calls. No authentication is required, but the attacker must be on the same network segment as the charging device. No public exploit identified at time of analysis.
Stack-based buffer overflow in ChargePoint Home Flex electric vehicle chargers enables network-adjacent attackers to execute arbitrary code as root via malformed OCPP messages. Unauthenticated exploitation allows complete device compromise through improper length validation in OCPP getpreq message handling. Attack complexity is high (CVSS AC:H), requiring local network access. No public exploit identified at time of analysis.
Integer overflow in GIMP XPM file parser enables remote code execution when processing malicious XPM image files. Affects GIMP installations across platforms. Attackers can execute arbitrary code in victim's process context by delivering crafted XPM files via social engineering or drive-by downloads. Vulnerability requires user interaction (opening malicious file). CVSS 7.8 (High severity). No public exploit identified at time of analysis. Upstream patch committed to GIMP repository; vendor-released version not independently confirmed.
Heap-based buffer overflow in GIMP's PSP (Paint Shop Pro) file parser enables remote code execution when processing malicious PSP image files. Unauthenticated attackers can execute arbitrary code with user privileges by convincing targets to open crafted PSP files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. No public exploit identified at time of analysis. Vulnerability tracked as ZDI-CAN-28874 by Zero Day Initiative.
Heap-based buffer overflow in GIMP's JP2 image parser enables unauthenticated remote code execution when users open crafted JPEG 2000 files. The vulnerability stems from insufficient validation of user-supplied data length before copying to heap memory, allowing attackers to execute arbitrary code with user privileges. Exploitation requires social engineering to convince targets to open malicious JP2 files. No public exploit identified at time of analysis.
Remote code execution in GIMP via integer overflow during ANI (animated cursor) file parsing allows unauthenticated attackers to execute arbitrary code with user privileges when malicious ANI files are opened. Exploitation requires user interaction (opening crafted file or visiting attacker-controlled page). Insufficient validation of user-supplied data triggers integer overflow before buffer allocation, enabling memory corruption. No public exploit identified at time of analysis. CVSS 7.8 (High) reflects local attack vector with no privilege requirements.
Integer overflow in GIMP PSD file parser enables remote code execution when users open malicious PSD files. Affects GIMP installations across platforms. Exploitation requires user interaction (opening crafted file). Attacker achieves arbitrary code execution in application context with high confidentiality, integrity, and availability impact. Publicly available exploit code exists. Insufficient validation of user-supplied data during buffer allocation causes overflow, allowing memory corruption and code execution.
Remote code execution in aws-mcp-server 1.3.0 allows unauthenticated attackers to execute arbitrary commands via command injection in the allowed commands list handler. The vulnerability stems from improper validation of user-supplied strings before system call execution, enabling attackers to run code in the MCP server context with no authentication required. EPSS score of 1.01% (77th percentile) indicates low observed exploitation probability; no public exploit identified at time of analysis.
Remote code execution in aws-mcp-server 1.3.0 allows unauthenticated attackers to execute arbitrary commands via improper validation of the allowed commands list. The command injection flaw (CWE-78) enables system call execution without authentication barriers. With a CVSS score of 9.8 (critical severity) and EPSS probability of 1.01% (77th percentile), this represents a high-severity vulnerability with moderate real-world exploitation likelihood. No public exploit identified at time of analysis, and no active exploitation confirmed.
Local privilege escalation in NoMachine Device Server allows authenticated low-privileged attackers to execute arbitrary code with SYSTEM privileges by exploiting unsafe library loading from an unsecured search path. The vulnerability (ZDI-CAN-28494) requires prior local access but enables full system compromise through DLL hijacking or similar path manipulation. No KEV listing or public exploit identified at time of analysis. CVSS 7.8 (High) with attack vector requiring local access and low privileges (AV:L/PR:L).
Local privilege escalation in NoMachine allows authenticated low-privileged attackers to execute arbitrary code as root through improper validation of command line path parameters. The vulnerability stems from insufficient sanitization of user-supplied file paths in file operations, enabling path traversal to manipulate privileged system resources. Exploitation requires existing low-privileged code execution on the target system. CVSS 7.8 (High) reflects local attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis.
Arbitrary file deletion in NoMachine through environment variable path manipulation allows authenticated local attackers to delete system files with root privileges. Vulnerability stems from insufficient validation of user-supplied paths in file operations, enabling low-privileged users to escalate impact by removing critical files. Affects NoMachine cross-platform remote desktop software. No public exploit identified at time of analysis.
Out-of-bounds write in Labcenter Electronics Proteus PDSPRJ file parser enables unauthenticated remote code execution when victims open crafted project files. The vulnerability stems from insufficient validation during PDSPRJ file processing, allowing buffer overflow conditions that permit arbitrary code execution with victim's privileges. Exploitation requires user interaction-opening a malicious PDSPRJ file or visiting attacker-controlled web content. CVSS 7.8 (High) reflects local attack vector with no privileges required but mandatory user interaction. No public exploit identified at time of analysis. Affects all versions per available CPE data.
Out-of-bounds write in Labcenter Electronics Proteus PDSPRJ file parser enables unauthenticated remote code execution with high integrity impact. Exploitation requires user interaction (opening malicious PDSPRJ file or visiting attacker-controlled page). Insufficient input validation during PDSPRJ processing allows buffer overflow, writing arbitrary data beyond allocated memory boundaries. Successful exploitation grants attacker code execution in application context with full confidentiality, integrity, and availability compromise. No public exploit identified at time of analysis.
Out-of-bounds write during PDSPRJ file parsing in Labcenter Electronics Proteus enables remote code execution when users open malicious project files. Attackers exploit insufficient input validation to write beyond allocated buffer boundaries, executing arbitrary code with victim's privileges. Requires user interaction (opening crafted PDSPRJ file). CWE-787 memory corruption vulnerability. No public exploit identified at time of analysis.
Type confusion in Labcenter Electronics Proteus PDSPRJ file parser enables remote code execution when users open malicious project files. Attackers exploit insufficient validation during file parsing to trigger memory corruption, achieving arbitrary code execution with victim user privileges. Requires social engineering to deliver weaponized PDSPRJ files via email, web download, or file sharing. Publicly available exploit code exists (ZDI advisory disclosure). CVSS 7.8 reflects local attack vector requiring user interaction but no authentication.
Remote code execution in Sonos Era 300 smart speakers (build 17.5/91.0-70070) allows unauthenticated network attackers to execute arbitrary kernel-level code via malformed SMB server responses. The vulnerability achieves maximum CVSS 10.0 severity due to network accessibility without authentication, low complexity, and kernel-level code execution with scope change. EPSS indicates 1.27% exploitation probability (80th percentile), suggesting moderate real-world risk. No active exploitation confirmed at time of analysis, though ZDI publication increases weaponization likelihood.
Remote code execution affects Axios HTTP client library versions prior to 1.15.0 via gadget chain escalation of prototype pollution vulnerabilities in third-party dependencies. Unauthenticated network attackers can exploit this chaining mechanism to achieve full remote code execution or cloud compromise through AWS IMDSv2 bypass. Critical severity (CVSS 10.0) with scope change indicates containment boundary violation. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 1.11.38 allows authenticated users (including low-privilege students) to upload and execute arbitrary PHP code through the BigUpload endpoint. Attackers exploit insufficient file extension filtering by uploading .pht files containing malicious code, which Apache servers with default .pht handlers execute as PHP. The vulnerability enables authenticated attackers to achieve full server compromise through unrestricted arbitrary file write capabilities. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated teachers to upload PHP webshells through the exercise sound upload function by spoofing Content-Type headers to audio/mpeg. Uploaded malicious files retain their .php extensions and execute in web-accessible directories with web server privileges (www-data). Attack requires low-privilege teacher account but no user interaction. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 2.0.0-RC.3 allows authenticated attackers with administrative privileges to inject and execute arbitrary PHP code via platform configuration settings. The PlatformConfigurationController::decodeSettingArray() method unsafely uses eval() to parse database-stored settings, executing injected code when any user-including unauthenticated visitors-accesses the /platform-config/list endpoint. Exploitation requires low-privilege authentication (PR:L) but delivers full system compromise with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.
PraisonAI before version 4.5.128 exposes sensitive environment variables to untrusted subprocess commands executed through its MCP (Model Context Protocol) integration, enabling credential theft and supply chain attacks when third-party tools like npx packages are invoked. An unauthenticated local attacker with user interaction can trigger MCP commands that inherit the parent process environment, gaining access to API keys, authentication tokens, and database credentials without the knowledge of developers using PraisonAI. The vulnerability is fixed in version 4.5.128.
Arbitrary code execution in PraisonAI multi-agent system (<4.5.128) via Python sandbox escape. Incomplete AST attribute filtering allows type.__getattribute__ trampoline to bypass restrictions on __subclasses__, __globals__, and __bases__, enabling untrusted agent code to break containment. Attack requires local access and user interaction to execute malicious code. No public exploit identified at time of analysis.
Arbitrary code execution occurs in PraisonAI (all versions prior to 4.5.128) when a malicious tools.py file exists in the working directory. The framework automatically imports and executes this file during startup without validation or user consent, enabling unauthenticated local attackers to execute arbitrary Python code by placing a weaponized tools.py in directories accessed by users or CI/CD pipelines. User interaction is required (running praisonai command). No public exploit identified at time of analysis.
Remote code execution in OpenClaw versions prior to 2026.3.22 allows authenticated attackers to bypass shared host environment policy via inconsistent environment variable sanitization. Attackers exploit validation inconsistencies by supplying malformed or blocked override keys that evade filtering mechanisms, enabling arbitrary code execution with unauthorized environment variable configurations. Vulnerability requires low-privilege authentication and high attack complexity. No public exploit identified at time of analysis.
Remote code execution in OpenClaw Android application (versions before 2026.3.22) allows unauthenticated attackers to execute arbitrary code through an unvalidated WebView JavascriptInterface. Attackers craft malicious web pages that invoke the exposed canvas bridge, executing instructions within the application's Android context when users interact with untrusted content. The vulnerability requires user interaction but no authentication, enabling high-severity compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Arbitrary code execution in OpenClaw versions prior to 2026.3.24 enables local attackers to execute malicious code during npm package installation by crafting a malicious .npmrc file that overrides the git executable. When npm install runs in the staged package directory with git dependencies, the attacker-controlled .npmrc configuration triggers execution of arbitrary programs specified by the attacker. Exploitation requires user interaction to install the malicious plugin or hook locally. No public exploit identified at time of analysis.
Heap buffer overflow in HDF5 library versions 1.14.1-2 and earlier allows local attackers to trigger a write-based overflow in the H5T__ref_mem_setnull method by crafting malicious HDF5 files, leading to denial-of-service and potential remote code execution depending on heap exploitation complexity. Attack requires local file access and user interaction to parse a malicious file. No public exploit code identified at time of analysis.
CalDAV output generator in Vikunja allows authenticated users to inject arbitrary iCalendar properties via CRLF characters in task titles, bypassing RFC 5545 TEXT value escaping requirements. An attacker with project write access can craft malicious task titles that break iCalendar property boundaries, enabling injection of fake ATTACH URLs, VALARM notifications, or ORGANIZER spoofing when other users sync via CalDAV. Patch available in version 2.3.0; requires user interaction (calendar sync) to trigger on other users' clients.
Remote code execution in BerriAI LiteLLM (all versions through 2026-04-08) enables authenticated attackers to execute arbitrary code by exploiting bytecode rewriting functionality at the /guardrails/test_custom_code endpoint. The vulnerability requires low-privilege authentication (PR:L) but permits complete system compromise with high impact to confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Heap buffer overflow in Netwide Assembler (NASM) 3.02rc5 obj_directive() function enables arbitrary code execution and denial of service when processing maliciously crafted .asm files. Missing bounds validation allows attackers to corrupt heap memory through specially constructed assembly source files. Publicly available exploit code exists. Impacts NASM users assembling untrusted input files, particularly automated build systems and development environments processing external assembly code.
Unauthenticated path traversal in FalkorDB Browser 1.9.3 file upload API enables remote attackers to write arbitrary files to the server filesystem and execute code without authentication. Attack vector is network-accessible with low complexity, requiring no user interaction. CVSS 9.8 critical severity reflects complete compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.09%, 25th percentile).
Remote code execution in YML for Yandex Market WordPress plugin versions before 5.0.26 allows unauthenticated remote attackers to execute arbitrary code through the feed generation process. The vulnerability has a CVSS score of 6.5 and publicly available exploit code exists. Exploitation requires only network access with no user interaction, making it relatively straightforward to weaponize despite the low EPSS score (0.09%), suggesting limited real-world exploitation activity at the time of analysis.
DLL hijacking in JPCERT's Emocheck malware detection tool allows local code execution when malicious DLL placed in application directory. Unauthenticated attacker with local access can achieve arbitrary code execution at user privilege level by exploiting insecure library loading (CWE-427). User must invoke Emocheck executable with crafted DLL present. No public exploit identified at time of analysis. CVSS 7.8 indicates high severity requiring user interaction and local access.
SQL injection in Simple IT Discussion Forum 1.0 by code-projects allows unauthenticated remote attackers to execute arbitrary SQL commands via the cat_id parameter in /delete-category.php, enabling unauthorized data access, modification, or deletion. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack surface with low complexity and no authentication requirement, permitting compromise of confidentiality, integrity, and availability.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the admpass parameter in setLoginPasswordCfg function of /cgi-bin/cstecgi.cgi. Network-accessible with no user interaction required. Publicly available exploit code exists. CVSS 9.8 critical severity reflects complete system compromise potential.
OS command injection in Totolink A7100RU firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the tty_server parameter in the setAdvancedInfoShow function of /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity reflects network-accessible exploitation requiring no authentication or user interaction. Publicly available exploit code exists. Attackers can achieve full system compromise including data exfiltration, configuration tampering, and denial of service against affected routers.
OS command injection in Totolink A7100RU 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via malicious lan_info parameter to setMiniuiHomeInfoShow function in /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity with network attack vector requiring no privileges or user interaction. Publicly available exploit code exists. Complete compromise of confidentiality, integrity, and availability achievable through CGI handler manipulation.
Remote OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 via unauthenticated manipulation of telnet_enabled parameter in setTelnetCfg function. Critical CVSS 9.8 score reflects network-accessible attack requiring no authentication or user interaction, enabling full system compromise. Publicly available exploit code exists. Impacts router confidentiality, integrity, and availability with potential for complete device takeover and lateral network movement.
Stack-based buffer overflow in Tenda F451 router (version 1.0.0.7) enables authenticated remote attackers to execute arbitrary code via malformed 'page' parameter in fromP2pListFilter function at /goform/P2pListFilter endpoint. Publicly available exploit code exists. Attack requires low-privilege authentication (PR:L) but no user interaction, yielding high confidentiality, integrity, and availability impact on vulnerable device.
Unauthenticated OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows remote attackers to execute arbitrary system commands via the wifiOff parameter in the setWiFiGuestCfg function of /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity with network-accessible attack vector requiring no authentication or user interaction. Publicly available exploit code exists. Successful exploitation enables complete device compromise with high impact to confidentiality, integrity, and availability.
An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable arbitrary file read/write operations and potentially lead to remote code execution.
Supply chain compromise in Smart Slider 3 Pro 3.5.1.35 for WordPress and Joomla delivers multi-stage remote access toolkit via compromised update mechanism. Unauthenticated attackers achieve pre-authentication remote code execution through malicious HTTP headers, deploy authenticated backdoors accepting arbitrary PHP/OS commands, create hidden administrator accounts, exfiltrate credentials and API keys, and establish persistence via must-use plugins and core file modifications. Vendor confirmed malicious build distributed through official update channel. No public exploit identified at time of analysis.
Privilege escalation in OpenClaw before 2026.3.22 enables authenticated attackers with operator.pairing approver role to escalate privileges to operator.admin through insufficient scope validation in the device.pair.approve method. Exploitation allows approval of device requests with broader operator scopes than the approver legitimately holds, ultimately enabling remote code execution on Node infrastructure. Affects OpenClaw deployments where role-based access control enforces operator privilege hierarchies. No public exploit identified at time of analysis.
OpenClaw through version 2026.2.22 allows authenticated local attackers to execute arbitrary code or manipulate system files via symlink traversal in the agents.create and agents.update handlers. The vulnerability stems from unsafe use of fs.appendFile on IDENTITY.md without validating symlink targets, permitting attackers with workspace access to plant symlinks pointing to sensitive files like crontab or SSH configuration directories and inject malicious content through the agent creation/update process.
Privilege escalation in OpenClaw (versions prior to 2026.3.25) enables authenticated local attackers to silently elevate permissions from operator.read to operator.admin during shared-auth reconnection events, achieving remote code execution on affected nodes. The vulnerability exploits auto-approval of scope-upgrade requests in local reconnection flows, requiring low-privilege local access (PR:L) with no user interaction. No public exploit identified at time of analysis. Vendor-released patch available via commit 81ebc7e0344fd19c85778e883bad45e2da972229.
Remote code execution in Hashgraph Guardian ≤3.5.0 enables authenticated Standard Registry users to execute arbitrary JavaScript through unsandboxed Function() constructor in Custom Logic policy block worker. Attackers can import Node.js modules to read container files, extract environment credentials (RSA private keys, JWT signing keys, API tokens), and forge authentication tokens for privilege escalation to administrator access. Requires low-privilege authentication (PR:L). No public exploit identified at time of analysis.
Remote code execution in Rapid7 Velociraptor server (versions <0.76.2, primarily Linux) allows authenticated attackers to write arbitrary messages to privileged internal queues via crafted client monitoring messages with malicious queue names. Improper input validation in the server's client monitoring message handler fails to sanitize queue names supplied by rogue clients, enabling queue injection attacks that escalate to RCE. Affects self-hosted instances only; Rapid7 Hosted Velociraptor instances are not vulnerable. No public exploit identified at time of analysis.
Code injection in FoundationAgents MetaGPT versions up to 0.8.1 allows unauthenticated remote attackers to execute arbitrary code through the check_solution function in HumanEvalBenchmark and MBPPBenchmark components. The vulnerability requires no user interaction and enables unauthorized access, data modification, and service disruption. Publicly available exploit code exists, disclosed via GitHub issue #1942. Vendor has not responded to early disclosure via pull request #1988 at time of analysis.
OS command injection in Totolink A7100RU router 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the 'merge' parameter in setWiFiEasyCfg function within /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity. Publicly available exploit code exists. Attack requires no authentication or user interaction, enabling complete system compromise including data exfiltration, configuration tampering, and denial of service.
OS command injection in Totolink A7100RU router version 7.4cu.2313_b20191024 enables unauthenticated remote attackers to execute arbitrary system commands via crafted addrPrefixLen parameter in setIpv6LanCfg function of /cgi-bin/cstecgi.cgi CGI handler. CVSS 9.8 critical severity reflects network-accessible attack vector requiring no privileges or user interaction, with complete confidentiality, integrity, and availability impact. Publicly available exploit code exists.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the 'enable' parameter in setUPnPCfg function within /cgi-bin/cstecgi.cgi. Publicly available exploit code exists. No vendor-released patch identified at time of analysis. CVSS 8.9 (Critical) reflects network-accessible attack requiring no user interaction.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the pptpPassThru parameter in setVpnPassCfg function of /cgi-bin/cstecgi.cgi. Exploitation requires no user interaction and achieves full system compromise (confidentiality, integrity, availability). Publicly available exploit code exists. Attack vector is network-accessible without authentication (CVSS 8.9 Critical).
Code injection in JimuReport's Data Source Handler allows authenticated high-privilege users to execute arbitrary code via manipulated dbUrl parameters in the DriverManager.getConnection function (versions up to 2.3.0). The vulnerability requires high-privilege authentication but can be exploited remotely with low attack complexity; publicly available exploit code exists and the vendor has acknowledged the issue with a fix planned for an upcoming release.
OS command injection in D-Link DIR-882 router (firmware 1.01B02) allows authenticated remote attackers to execute arbitrary system commands via malicious IPAddress parameter to prog.cgi HNAP1 SetNetworkSettings handler. Requires high privileges (PR:H) but achieves full system compromise (CVSS 7.3). Publicly available exploit code exists. Product discontinued; vendor no longer provides security updates.
Remote code execution in Quick Playground plugin for WordPress (all versions through 1.3.1) allows unauthenticated attackers to execute arbitrary PHP code on the server. Vulnerability stems from insufficient authorization on REST API endpoints that expose a sync code and permit unrestricted file uploads. Attackers can retrieve the sync code via unsecured endpoints, upload malicious PHP files using path traversal techniques, and achieve full server compromise without authentication. CVSS 9.8 critical severity. No public exploit identified at time of analysis.
Remote OS command injection in Agions taskflow-ai up to version 2.1.8 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the terminal_execute component in src/mcp/server/handlers.ts, with CVSS 6.3 reflecting moderate severity. Vendor-released patch is available in version 2.1.9 (commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe), and the vendor responded promptly to early notification.
Stack-based buffer overflow in Tenda AC15 router firmware 15.03.05.18 websGetVar function allows authenticated remote attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. The vulnerability resides in /goform/SysToolChangePwd endpoint where manipulation of oldPwd, newPwd, or cfmPwd parameters triggers memory corruption. Publicly available exploit code exists. Exploitation requires low-privilege authenticated access but no user interaction, making it readily exploitable once credentials are obtained.
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable.
Cross-site scripting (XSS) in LimeSurvey 6.15.20+251021 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim browsers via malicious Box[title] and box[url] parameters. The vulnerability requires user interaction (clicking a crafted link) but achieves stored or reflected XSS with cross-origin impact, affecting confidentiality and integrity. A public proof-of-concept is available, and an upstream fix has been merged into the LimeSurvey repository.
Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism
Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality.
An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server.
Remote code execution in Sonatype Nexus Repository 3.22.1-3.90.2 allows authenticated attackers with task creation permissions to execute arbitrary code via unsafe deserialization in the task management component. Exploitation bypasses the nexus.scripts.allowCreation security control, granting unauthorized code execution on the server. CVSS 9.4 (Critical). No public exploit identified at time of analysis. Attack requires low-privileged authentication (PR:L) and network access but no user interaction.
Authenticated users can leak IP addresses of other users viewing Code Quality reports in GitLab EE through specially crafted malicious content injection. The vulnerability affects GitLab EE versions 18.0.0 through 18.10.2, requires user interaction (report viewing), and has been patched in versions 18.8.9, 18.9.5, and 18.10.3. No public exploit code or active exploitation has been confirmed; the vulnerability was discovered and reported through the GitLab responsible disclosure program.
Remote code execution in dfir-unfurl versions through 20250810 via exposed Werkzeug debugger. Improper string-based config parsing enables Flask debug mode by default, allowing unauthenticated remote attackers to access the interactive debugger interface and execute arbitrary Python code or extract sensitive application data including source code, environment variables, and stack traces. No public exploit identified at time of analysis.
DLL and shared-library hijacking in ufrisk MemProcFS versions prior to 5.17 enables local arbitrary code execution through six distinct attack surfaces. Unsafe library-loading patterns-including unqualified LoadLibraryU and dlopen calls for vmmpyc, libMSCompression, and plugin DLLs-allow attackers to plant malicious libraries in the working directory or manipulate LD_LIBRARY_PATH. Exploitation requires user interaction (CVSS UI:P) but no authentication (PR:N), achieving high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.
Hayabusa versions before 3.8.0 contain a stored cross-site scripting (XSS) vulnerability in HTML report generation that allows authenticated attackers to inject arbitrary JavaScript into the Computer field of JSON-exported logs, which executes in a forensic examiner's browser when viewing the generated HTML report. The vulnerability requires user interaction (report viewing) and results in information disclosure or session compromise, affecting forensic analysis workflows that process untrusted or adversary-controlled log data.
Path traversal in ALEAPP (Android Logs Events And Protobuf Parser) 3.4.0 and earlier enables arbitrary file writes outside the report directory through malicious NQ_Vault.py artifact parser database entries. Attackers embedding traversal sequences (e.g., ../../../target.bin) in file_name_from database values can overwrite system executables or configuration files, achieving local code execution. Exploitation requires user interaction to process a crafted Android database artifact. CVSS:4.0 base score 8.4 (High). No public exploit identified at time of analysis.
Path traversal in The Sleuth Kit (tsk_recover) through version 4.14.0 allows local attackers to write files outside intended recovery directories via malicious filesystem images. Crafted filenames with ../ sequences in processed disk images can overwrite arbitrary files, enabling potential code execution through shell configuration or cron file manipulation. Exploitation requires user interaction (processing attacker-supplied filesystem image). No public exploit identified at time of analysis.
Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Remote code execution in Google Chrome Media component (versions prior to 147.0.7727.55) enables unauthenticated attackers to execute arbitrary code within Chrome's sandbox via specially crafted HTML pages. Exploitation requires user interaction to visit a malicious site. The use-after-free memory corruption vulnerability achieves high confidentiality, integrity, and availability impact within the sandboxed environment. No public exploit identified at time of analysis.
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Remote code injection in Dromara warm-flow up to version 1.8.4 allows authenticated attackers to execute arbitrary code through the SpelHelper.parseExpression function via manipulation of listenerPath, skipCondition, or permissionFlag parameters in the Workflow Definition Handler. The vulnerability uses SpEL (Spring Expression Language) injection to achieve code execution with CVSS 6.3 severity. Publicly available exploit code exists and the flaw has been documented in the project's issue tracker.
Code injection in FoundationAgents MetaGPT versions up to 0.8.1 allows unauthenticated remote attackers to execute arbitrary code via the Tree-of-Thought Solver's generate_thoughts function. Publicly available exploit code exists (GitHub issue #1933), and a vendor-supplied patch is available via pull request #1946. The vulnerability requires no user interaction and has low attack complexity, with confirmed impact to confidentiality, integrity, and availability. CVSS 7.3 (High) reflects moderate impact across all CIA triad elements.
Path traversal in Gleam compiler versions 1.9.0-rc1 through 1.15.3 and 1.16.0-rc1 allows arbitrary file system modification when resolving git dependencies, enabling attackers to delete and overwrite directories outside the intended dependency folder via malicious dependency names containing relative or absolute paths. A user must invoke dependency download (e.g., gleam deps download) for exploitation; attackers can leverage this to cause data loss or achieve code execution by overwriting git hooks or shell configuration files. Vendor-released patches are available.
Prototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execution in user context via malicious PDF files. Attack requires user interaction to open a crafted document. CVSS 9.6 (Critical) reflects network-deliverable code execution with scope change, though EPSS 0.24% (46th percentile) suggests moderate real-world exploitation probability. No public exploit identified at time of analysis.
Local privilege escalation in KeePassXC password manager allows authenticated attackers with low privileges to execute arbitrary code by exploiting insecure OpenSSL configuration file loading. When a target user launches KeePassXC, malicious configuration planted in an unsecured path is loaded, enabling code execution in KeePassXC's security context. Attack requires user interaction and prior low-privileged access. CVSS 7.3 (AV:L/AC:L/PR:L/UI:R). No public exploit identified at time of analysis.
Remote code execution via command injection in ChargePoint Home Flex electric vehicle charging stations allows unauthenticated network-adjacent attackers to execute arbitrary commands as root. The vulnerability resides in the revssh service's handling of OCPP (Open Charge Point Protocol) messages, where unsanitized user-supplied strings are passed directly to system calls. No authentication is required, but the attacker must be on the same network segment as the charging device. No public exploit identified at time of analysis.
Stack-based buffer overflow in ChargePoint Home Flex electric vehicle chargers enables network-adjacent attackers to execute arbitrary code as root via malformed OCPP messages. Unauthenticated exploitation allows complete device compromise through improper length validation in OCPP getpreq message handling. Attack complexity is high (CVSS AC:H), requiring local network access. No public exploit identified at time of analysis.
Integer overflow in GIMP XPM file parser enables remote code execution when processing malicious XPM image files. Affects GIMP installations across platforms. Attackers can execute arbitrary code in victim's process context by delivering crafted XPM files via social engineering or drive-by downloads. Vulnerability requires user interaction (opening malicious file). CVSS 7.8 (High severity). No public exploit identified at time of analysis. Upstream patch committed to GIMP repository; vendor-released version not independently confirmed.
Heap-based buffer overflow in GIMP's PSP (Paint Shop Pro) file parser enables remote code execution when processing malicious PSP image files. Unauthenticated attackers can execute arbitrary code with user privileges by convincing targets to open crafted PSP files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. No public exploit identified at time of analysis. Vulnerability tracked as ZDI-CAN-28874 by Zero Day Initiative.
Heap-based buffer overflow in GIMP's JP2 image parser enables unauthenticated remote code execution when users open crafted JPEG 2000 files. The vulnerability stems from insufficient validation of user-supplied data length before copying to heap memory, allowing attackers to execute arbitrary code with user privileges. Exploitation requires social engineering to convince targets to open malicious JP2 files. No public exploit identified at time of analysis.
Remote code execution in GIMP via integer overflow during ANI (animated cursor) file parsing allows unauthenticated attackers to execute arbitrary code with user privileges when malicious ANI files are opened. Exploitation requires user interaction (opening crafted file or visiting attacker-controlled page). Insufficient validation of user-supplied data triggers integer overflow before buffer allocation, enabling memory corruption. No public exploit identified at time of analysis. CVSS 7.8 (High) reflects local attack vector with no privilege requirements.
Integer overflow in GIMP PSD file parser enables remote code execution when users open malicious PSD files. Affects GIMP installations across platforms. Exploitation requires user interaction (opening crafted file). Attacker achieves arbitrary code execution in application context with high confidentiality, integrity, and availability impact. Publicly available exploit code exists. Insufficient validation of user-supplied data during buffer allocation causes overflow, allowing memory corruption and code execution.
Remote code execution in aws-mcp-server 1.3.0 allows unauthenticated attackers to execute arbitrary commands via command injection in the allowed commands list handler. The vulnerability stems from improper validation of user-supplied strings before system call execution, enabling attackers to run code in the MCP server context with no authentication required. EPSS score of 1.01% (77th percentile) indicates low observed exploitation probability; no public exploit identified at time of analysis.
Remote code execution in aws-mcp-server 1.3.0 allows unauthenticated attackers to execute arbitrary commands via improper validation of the allowed commands list. The command injection flaw (CWE-78) enables system call execution without authentication barriers. With a CVSS score of 9.8 (critical severity) and EPSS probability of 1.01% (77th percentile), this represents a high-severity vulnerability with moderate real-world exploitation likelihood. No public exploit identified at time of analysis, and no active exploitation confirmed.
Local privilege escalation in NoMachine Device Server allows authenticated low-privileged attackers to execute arbitrary code with SYSTEM privileges by exploiting unsafe library loading from an unsecured search path. The vulnerability (ZDI-CAN-28494) requires prior local access but enables full system compromise through DLL hijacking or similar path manipulation. No KEV listing or public exploit identified at time of analysis. CVSS 7.8 (High) with attack vector requiring local access and low privileges (AV:L/PR:L).
Local privilege escalation in NoMachine allows authenticated low-privileged attackers to execute arbitrary code as root through improper validation of command line path parameters. The vulnerability stems from insufficient sanitization of user-supplied file paths in file operations, enabling path traversal to manipulate privileged system resources. Exploitation requires existing low-privileged code execution on the target system. CVSS 7.8 (High) reflects local attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis.
Arbitrary file deletion in NoMachine through environment variable path manipulation allows authenticated local attackers to delete system files with root privileges. Vulnerability stems from insufficient validation of user-supplied paths in file operations, enabling low-privileged users to escalate impact by removing critical files. Affects NoMachine cross-platform remote desktop software. No public exploit identified at time of analysis.
Out-of-bounds write in Labcenter Electronics Proteus PDSPRJ file parser enables unauthenticated remote code execution when victims open crafted project files. The vulnerability stems from insufficient validation during PDSPRJ file processing, allowing buffer overflow conditions that permit arbitrary code execution with victim's privileges. Exploitation requires user interaction-opening a malicious PDSPRJ file or visiting attacker-controlled web content. CVSS 7.8 (High) reflects local attack vector with no privileges required but mandatory user interaction. No public exploit identified at time of analysis. Affects all versions per available CPE data.
Out-of-bounds write in Labcenter Electronics Proteus PDSPRJ file parser enables unauthenticated remote code execution with high integrity impact. Exploitation requires user interaction (opening malicious PDSPRJ file or visiting attacker-controlled page). Insufficient input validation during PDSPRJ processing allows buffer overflow, writing arbitrary data beyond allocated memory boundaries. Successful exploitation grants attacker code execution in application context with full confidentiality, integrity, and availability compromise. No public exploit identified at time of analysis.
Out-of-bounds write during PDSPRJ file parsing in Labcenter Electronics Proteus enables remote code execution when users open malicious project files. Attackers exploit insufficient input validation to write beyond allocated buffer boundaries, executing arbitrary code with victim's privileges. Requires user interaction (opening crafted PDSPRJ file). CWE-787 memory corruption vulnerability. No public exploit identified at time of analysis.
Type confusion in Labcenter Electronics Proteus PDSPRJ file parser enables remote code execution when users open malicious project files. Attackers exploit insufficient validation during file parsing to trigger memory corruption, achieving arbitrary code execution with victim user privileges. Requires social engineering to deliver weaponized PDSPRJ files via email, web download, or file sharing. Publicly available exploit code exists (ZDI advisory disclosure). CVSS 7.8 reflects local attack vector requiring user interaction but no authentication.
Remote code execution in Sonos Era 300 smart speakers (build 17.5/91.0-70070) allows unauthenticated network attackers to execute arbitrary kernel-level code via malformed SMB server responses. The vulnerability achieves maximum CVSS 10.0 severity due to network accessibility without authentication, low complexity, and kernel-level code execution with scope change. EPSS indicates 1.27% exploitation probability (80th percentile), suggesting moderate real-world risk. No active exploitation confirmed at time of analysis, though ZDI publication increases weaponization likelihood.
Remote code execution affects Axios HTTP client library versions prior to 1.15.0 via gadget chain escalation of prototype pollution vulnerabilities in third-party dependencies. Unauthenticated network attackers can exploit this chaining mechanism to achieve full remote code execution or cloud compromise through AWS IMDSv2 bypass. Critical severity (CVSS 10.0) with scope change indicates containment boundary violation. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 1.11.38 allows authenticated users (including low-privilege students) to upload and execute arbitrary PHP code through the BigUpload endpoint. Attackers exploit insufficient file extension filtering by uploading .pht files containing malicious code, which Apache servers with default .pht handlers execute as PHP. The vulnerability enables authenticated attackers to achieve full server compromise through unrestricted arbitrary file write capabilities. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated teachers to upload PHP webshells through the exercise sound upload function by spoofing Content-Type headers to audio/mpeg. Uploaded malicious files retain their .php extensions and execute in web-accessible directories with web server privileges (www-data). Attack requires low-privilege teacher account but no user interaction. No public exploit identified at time of analysis.
Remote code execution in Chamilo LMS versions prior to 2.0.0-RC.3 allows authenticated attackers with administrative privileges to inject and execute arbitrary PHP code via platform configuration settings. The PlatformConfigurationController::decodeSettingArray() method unsafely uses eval() to parse database-stored settings, executing injected code when any user-including unauthenticated visitors-accesses the /platform-config/list endpoint. Exploitation requires low-privilege authentication (PR:L) but delivers full system compromise with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.
PraisonAI before version 4.5.128 exposes sensitive environment variables to untrusted subprocess commands executed through its MCP (Model Context Protocol) integration, enabling credential theft and supply chain attacks when third-party tools like npx packages are invoked. An unauthenticated local attacker with user interaction can trigger MCP commands that inherit the parent process environment, gaining access to API keys, authentication tokens, and database credentials without the knowledge of developers using PraisonAI. The vulnerability is fixed in version 4.5.128.
Arbitrary code execution in PraisonAI multi-agent system (<4.5.128) via Python sandbox escape. Incomplete AST attribute filtering allows type.__getattribute__ trampoline to bypass restrictions on __subclasses__, __globals__, and __bases__, enabling untrusted agent code to break containment. Attack requires local access and user interaction to execute malicious code. No public exploit identified at time of analysis.
Arbitrary code execution occurs in PraisonAI (all versions prior to 4.5.128) when a malicious tools.py file exists in the working directory. The framework automatically imports and executes this file during startup without validation or user consent, enabling unauthenticated local attackers to execute arbitrary Python code by placing a weaponized tools.py in directories accessed by users or CI/CD pipelines. User interaction is required (running praisonai command). No public exploit identified at time of analysis.
Remote code execution in OpenClaw versions prior to 2026.3.22 allows authenticated attackers to bypass shared host environment policy via inconsistent environment variable sanitization. Attackers exploit validation inconsistencies by supplying malformed or blocked override keys that evade filtering mechanisms, enabling arbitrary code execution with unauthorized environment variable configurations. Vulnerability requires low-privilege authentication and high attack complexity. No public exploit identified at time of analysis.
Remote code execution in OpenClaw Android application (versions before 2026.3.22) allows unauthenticated attackers to execute arbitrary code through an unvalidated WebView JavascriptInterface. Attackers craft malicious web pages that invoke the exposed canvas bridge, executing instructions within the application's Android context when users interact with untrusted content. The vulnerability requires user interaction but no authentication, enabling high-severity compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Arbitrary code execution in OpenClaw versions prior to 2026.3.24 enables local attackers to execute malicious code during npm package installation by crafting a malicious .npmrc file that overrides the git executable. When npm install runs in the staged package directory with git dependencies, the attacker-controlled .npmrc configuration triggers execution of arbitrary programs specified by the attacker. Exploitation requires user interaction to install the malicious plugin or hook locally. No public exploit identified at time of analysis.
Heap buffer overflow in HDF5 library versions 1.14.1-2 and earlier allows local attackers to trigger a write-based overflow in the H5T__ref_mem_setnull method by crafting malicious HDF5 files, leading to denial-of-service and potential remote code execution depending on heap exploitation complexity. Attack requires local file access and user interaction to parse a malicious file. No public exploit code identified at time of analysis.
CalDAV output generator in Vikunja allows authenticated users to inject arbitrary iCalendar properties via CRLF characters in task titles, bypassing RFC 5545 TEXT value escaping requirements. An attacker with project write access can craft malicious task titles that break iCalendar property boundaries, enabling injection of fake ATTACH URLs, VALARM notifications, or ORGANIZER spoofing when other users sync via CalDAV. Patch available in version 2.3.0; requires user interaction (calendar sync) to trigger on other users' clients.
Remote code execution in BerriAI LiteLLM (all versions through 2026-04-08) enables authenticated attackers to execute arbitrary code by exploiting bytecode rewriting functionality at the /guardrails/test_custom_code endpoint. The vulnerability requires low-privilege authentication (PR:L) but permits complete system compromise with high impact to confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Heap buffer overflow in Netwide Assembler (NASM) 3.02rc5 obj_directive() function enables arbitrary code execution and denial of service when processing maliciously crafted .asm files. Missing bounds validation allows attackers to corrupt heap memory through specially constructed assembly source files. Publicly available exploit code exists. Impacts NASM users assembling untrusted input files, particularly automated build systems and development environments processing external assembly code.
Unauthenticated path traversal in FalkorDB Browser 1.9.3 file upload API enables remote attackers to write arbitrary files to the server filesystem and execute code without authentication. Attack vector is network-accessible with low complexity, requiring no user interaction. CVSS 9.8 critical severity reflects complete compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.09%, 25th percentile).
Remote code execution in YML for Yandex Market WordPress plugin versions before 5.0.26 allows unauthenticated remote attackers to execute arbitrary code through the feed generation process. The vulnerability has a CVSS score of 6.5 and publicly available exploit code exists. Exploitation requires only network access with no user interaction, making it relatively straightforward to weaponize despite the low EPSS score (0.09%), suggesting limited real-world exploitation activity at the time of analysis.
DLL hijacking in JPCERT's Emocheck malware detection tool allows local code execution when malicious DLL placed in application directory. Unauthenticated attacker with local access can achieve arbitrary code execution at user privilege level by exploiting insecure library loading (CWE-427). User must invoke Emocheck executable with crafted DLL present. No public exploit identified at time of analysis. CVSS 7.8 indicates high severity requiring user interaction and local access.
SQL injection in Simple IT Discussion Forum 1.0 by code-projects allows unauthenticated remote attackers to execute arbitrary SQL commands via the cat_id parameter in /delete-category.php, enabling unauthorized data access, modification, or deletion. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack surface with low complexity and no authentication requirement, permitting compromise of confidentiality, integrity, and availability.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the admpass parameter in setLoginPasswordCfg function of /cgi-bin/cstecgi.cgi. Network-accessible with no user interaction required. Publicly available exploit code exists. CVSS 9.8 critical severity reflects complete system compromise potential.
OS command injection in Totolink A7100RU firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the tty_server parameter in the setAdvancedInfoShow function of /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity reflects network-accessible exploitation requiring no authentication or user interaction. Publicly available exploit code exists. Attackers can achieve full system compromise including data exfiltration, configuration tampering, and denial of service against affected routers.
OS command injection in Totolink A7100RU 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via malicious lan_info parameter to setMiniuiHomeInfoShow function in /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity with network attack vector requiring no privileges or user interaction. Publicly available exploit code exists. Complete compromise of confidentiality, integrity, and availability achievable through CGI handler manipulation.
Remote OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 via unauthenticated manipulation of telnet_enabled parameter in setTelnetCfg function. Critical CVSS 9.8 score reflects network-accessible attack requiring no authentication or user interaction, enabling full system compromise. Publicly available exploit code exists. Impacts router confidentiality, integrity, and availability with potential for complete device takeover and lateral network movement.
Stack-based buffer overflow in Tenda F451 router (version 1.0.0.7) enables authenticated remote attackers to execute arbitrary code via malformed 'page' parameter in fromP2pListFilter function at /goform/P2pListFilter endpoint. Publicly available exploit code exists. Attack requires low-privilege authentication (PR:L) but no user interaction, yielding high confidentiality, integrity, and availability impact on vulnerable device.
Unauthenticated OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows remote attackers to execute arbitrary system commands via the wifiOff parameter in the setWiFiGuestCfg function of /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity with network-accessible attack vector requiring no authentication or user interaction. Publicly available exploit code exists. Successful exploitation enables complete device compromise with high impact to confidentiality, integrity, and availability.
An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable arbitrary file read/write operations and potentially lead to remote code execution.
Supply chain compromise in Smart Slider 3 Pro 3.5.1.35 for WordPress and Joomla delivers multi-stage remote access toolkit via compromised update mechanism. Unauthenticated attackers achieve pre-authentication remote code execution through malicious HTTP headers, deploy authenticated backdoors accepting arbitrary PHP/OS commands, create hidden administrator accounts, exfiltrate credentials and API keys, and establish persistence via must-use plugins and core file modifications. Vendor confirmed malicious build distributed through official update channel. No public exploit identified at time of analysis.
Privilege escalation in OpenClaw before 2026.3.22 enables authenticated attackers with operator.pairing approver role to escalate privileges to operator.admin through insufficient scope validation in the device.pair.approve method. Exploitation allows approval of device requests with broader operator scopes than the approver legitimately holds, ultimately enabling remote code execution on Node infrastructure. Affects OpenClaw deployments where role-based access control enforces operator privilege hierarchies. No public exploit identified at time of analysis.
OpenClaw through version 2026.2.22 allows authenticated local attackers to execute arbitrary code or manipulate system files via symlink traversal in the agents.create and agents.update handlers. The vulnerability stems from unsafe use of fs.appendFile on IDENTITY.md without validating symlink targets, permitting attackers with workspace access to plant symlinks pointing to sensitive files like crontab or SSH configuration directories and inject malicious content through the agent creation/update process.
Privilege escalation in OpenClaw (versions prior to 2026.3.25) enables authenticated local attackers to silently elevate permissions from operator.read to operator.admin during shared-auth reconnection events, achieving remote code execution on affected nodes. The vulnerability exploits auto-approval of scope-upgrade requests in local reconnection flows, requiring low-privilege local access (PR:L) with no user interaction. No public exploit identified at time of analysis. Vendor-released patch available via commit 81ebc7e0344fd19c85778e883bad45e2da972229.
Remote code execution in Hashgraph Guardian ≤3.5.0 enables authenticated Standard Registry users to execute arbitrary JavaScript through unsandboxed Function() constructor in Custom Logic policy block worker. Attackers can import Node.js modules to read container files, extract environment credentials (RSA private keys, JWT signing keys, API tokens), and forge authentication tokens for privilege escalation to administrator access. Requires low-privilege authentication (PR:L). No public exploit identified at time of analysis.
Remote code execution in Rapid7 Velociraptor server (versions <0.76.2, primarily Linux) allows authenticated attackers to write arbitrary messages to privileged internal queues via crafted client monitoring messages with malicious queue names. Improper input validation in the server's client monitoring message handler fails to sanitize queue names supplied by rogue clients, enabling queue injection attacks that escalate to RCE. Affects self-hosted instances only; Rapid7 Hosted Velociraptor instances are not vulnerable. No public exploit identified at time of analysis.
Code injection in FoundationAgents MetaGPT versions up to 0.8.1 allows unauthenticated remote attackers to execute arbitrary code through the check_solution function in HumanEvalBenchmark and MBPPBenchmark components. The vulnerability requires no user interaction and enables unauthorized access, data modification, and service disruption. Publicly available exploit code exists, disclosed via GitHub issue #1942. Vendor has not responded to early disclosure via pull request #1988 at time of analysis.
OS command injection in Totolink A7100RU router 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the 'merge' parameter in setWiFiEasyCfg function within /cgi-bin/cstecgi.cgi. CVSS 9.8 critical severity. Publicly available exploit code exists. Attack requires no authentication or user interaction, enabling complete system compromise including data exfiltration, configuration tampering, and denial of service.
OS command injection in Totolink A7100RU router version 7.4cu.2313_b20191024 enables unauthenticated remote attackers to execute arbitrary system commands via crafted addrPrefixLen parameter in setIpv6LanCfg function of /cgi-bin/cstecgi.cgi CGI handler. CVSS 9.8 critical severity reflects network-accessible attack vector requiring no privileges or user interaction, with complete confidentiality, integrity, and availability impact. Publicly available exploit code exists.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the 'enable' parameter in setUPnPCfg function within /cgi-bin/cstecgi.cgi. Publicly available exploit code exists. No vendor-released patch identified at time of analysis. CVSS 8.9 (Critical) reflects network-accessible attack requiring no user interaction.
OS command injection in Totolink A7100RU router firmware 7.4cu.2313_b20191024 allows unauthenticated remote attackers to execute arbitrary system commands via the pptpPassThru parameter in setVpnPassCfg function of /cgi-bin/cstecgi.cgi. Exploitation requires no user interaction and achieves full system compromise (confidentiality, integrity, availability). Publicly available exploit code exists. Attack vector is network-accessible without authentication (CVSS 8.9 Critical).
Code injection in JimuReport's Data Source Handler allows authenticated high-privilege users to execute arbitrary code via manipulated dbUrl parameters in the DriverManager.getConnection function (versions up to 2.3.0). The vulnerability requires high-privilege authentication but can be exploited remotely with low attack complexity; publicly available exploit code exists and the vendor has acknowledged the issue with a fix planned for an upcoming release.
OS command injection in D-Link DIR-882 router (firmware 1.01B02) allows authenticated remote attackers to execute arbitrary system commands via malicious IPAddress parameter to prog.cgi HNAP1 SetNetworkSettings handler. Requires high privileges (PR:H) but achieves full system compromise (CVSS 7.3). Publicly available exploit code exists. Product discontinued; vendor no longer provides security updates.
Remote code execution in Quick Playground plugin for WordPress (all versions through 1.3.1) allows unauthenticated attackers to execute arbitrary PHP code on the server. Vulnerability stems from insufficient authorization on REST API endpoints that expose a sync code and permit unrestricted file uploads. Attackers can retrieve the sync code via unsecured endpoints, upload malicious PHP files using path traversal techniques, and achieve full server compromise without authentication. CVSS 9.8 critical severity. No public exploit identified at time of analysis.
Remote OS command injection in Agions taskflow-ai up to version 2.1.8 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the terminal_execute component in src/mcp/server/handlers.ts, with CVSS 6.3 reflecting moderate severity. Vendor-released patch is available in version 2.1.9 (commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe), and the vendor responded promptly to early notification.
Stack-based buffer overflow in Tenda AC15 router firmware 15.03.05.18 websGetVar function allows authenticated remote attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. The vulnerability resides in /goform/SysToolChangePwd endpoint where manipulation of oldPwd, newPwd, or cfmPwd parameters triggers memory corruption. Publicly available exploit code exists. Exploitation requires low-privilege authenticated access but no user interaction, making it readily exploitable once credentials are obtained.
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable.
Cross-site scripting (XSS) in LimeSurvey 6.15.20+251021 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim browsers via malicious Box[title] and box[url] parameters. The vulnerability requires user interaction (clicking a crafted link) but achieves stored or reflected XSS with cross-origin impact, affecting confidentiality and integrity. A public proof-of-concept is available, and an upstream fix has been merged into the LimeSurvey repository.
Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism
Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality.
An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server.
Remote code execution in Sonatype Nexus Repository 3.22.1-3.90.2 allows authenticated attackers with task creation permissions to execute arbitrary code via unsafe deserialization in the task management component. Exploitation bypasses the nexus.scripts.allowCreation security control, granting unauthorized code execution on the server. CVSS 9.4 (Critical). No public exploit identified at time of analysis. Attack requires low-privileged authentication (PR:L) and network access but no user interaction.
Authenticated users can leak IP addresses of other users viewing Code Quality reports in GitLab EE through specially crafted malicious content injection. The vulnerability affects GitLab EE versions 18.0.0 through 18.10.2, requires user interaction (report viewing), and has been patched in versions 18.8.9, 18.9.5, and 18.10.3. No public exploit code or active exploitation has been confirmed; the vulnerability was discovered and reported through the GitLab responsible disclosure program.
Remote code execution in dfir-unfurl versions through 20250810 via exposed Werkzeug debugger. Improper string-based config parsing enables Flask debug mode by default, allowing unauthenticated remote attackers to access the interactive debugger interface and execute arbitrary Python code or extract sensitive application data including source code, environment variables, and stack traces. No public exploit identified at time of analysis.
DLL and shared-library hijacking in ufrisk MemProcFS versions prior to 5.17 enables local arbitrary code execution through six distinct attack surfaces. Unsafe library-loading patterns-including unqualified LoadLibraryU and dlopen calls for vmmpyc, libMSCompression, and plugin DLLs-allow attackers to plant malicious libraries in the working directory or manipulate LD_LIBRARY_PATH. Exploitation requires user interaction (CVSS UI:P) but no authentication (PR:N), achieving high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.
Hayabusa versions before 3.8.0 contain a stored cross-site scripting (XSS) vulnerability in HTML report generation that allows authenticated attackers to inject arbitrary JavaScript into the Computer field of JSON-exported logs, which executes in a forensic examiner's browser when viewing the generated HTML report. The vulnerability requires user interaction (report viewing) and results in information disclosure or session compromise, affecting forensic analysis workflows that process untrusted or adversary-controlled log data.
Path traversal in ALEAPP (Android Logs Events And Protobuf Parser) 3.4.0 and earlier enables arbitrary file writes outside the report directory through malicious NQ_Vault.py artifact parser database entries. Attackers embedding traversal sequences (e.g., ../../../target.bin) in file_name_from database values can overwrite system executables or configuration files, achieving local code execution. Exploitation requires user interaction to process a crafted Android database artifact. CVSS:4.0 base score 8.4 (High). No public exploit identified at time of analysis.
Path traversal in The Sleuth Kit (tsk_recover) through version 4.14.0 allows local attackers to write files outside intended recovery directories via malicious filesystem images. Crafted filenames with ../ sequences in processed disk images can overwrite arbitrary files, enabling potential code execution through shell configuration or cron file manipulation. Exploitation requires user interaction (processing attacker-supplied filesystem image). No public exploit identified at time of analysis.
Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Remote code execution in Google Chrome Media component (versions prior to 147.0.7727.55) enables unauthenticated attackers to execute arbitrary code within Chrome's sandbox via specially crafted HTML pages. Exploitation requires user interaction to visit a malicious site. The use-after-free memory corruption vulnerability achieves high confidentiality, integrity, and availability impact within the sandboxed environment. No public exploit identified at time of analysis.
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)