RCE
Monthly
Zumba Json Serializer versions 3.2.2 and below allow unrestricted PHP object instantiation during JSON deserialization, enabling attackers to trigger arbitrary class constructors and magic methods via malicious @type fields. When processing untrusted JSON input, this vulnerability can lead to PHP Object Injection and remote code execution if vulnerable gadget chains are present in the application or its dependencies. The vulnerability affects applications using affected PHP serialization libraries and currently lacks a patched version.
RCE in D-Tale pandas data visualizer before 3.20.0 via /save-column-filter. Patch available.
Authentication bypass leading to administrator-level remote code execution affects MLflow installations that use the built-in basic authentication, which ships a basic_auth.ini file containing hard-coded default credentials. Remote unauthenticated attackers who know these well-known defaults can log in as the administrator and execute arbitrary code in that context. No public exploit has been identified at time of analysis and it is not in CISA KEV, but the EPSS score of 1.39% (80th percentile) reflects above-average exploitation interest for a Trend Micro ZDI-disclosed flaw with an available vendor patch.
Local privilege escalation in TensorFlow's HDF5 plugin-loading mechanism lets a low-privileged user run arbitrary code as a higher-privileged target user. The flaw stems from TensorFlow loading plugins from an unsecured, attacker-writable search-path location (CWE-427), so an attacker who can already execute low-privileged code plants a malicious plugin that is later loaded in the victim's context. There is no public exploit identified at time of analysis, EPSS risk is very low (0.02%), and it is not listed in CISA KEV, but the issue is credibly reported by Trend Micro ZDI (ZDI-26-116) and patched by upstream and Red Hat.
GIMP is vulnerable to out-of-bounds memory write during XWD file parsing due to insufficient input validation, enabling arbitrary code execution when a user opens a malicious image file. This high-severity vulnerability (CVSS 7.8) affects local attackers who can craft specially crafted XWD files to corrupt memory and execute code with the privileges of the GIMP process. No patch is currently available.
Remote code execution in GIMP through heap buffer overflow during ICNS file parsing allows attackers to execute arbitrary code when a user opens a malicious image file. The vulnerability stems from insufficient validation of user-supplied data lengths before copying to heap memory, requiring only user interaction to trigger. A patch is available for affected installations.
Out-of-bounds write in GIMP 3.0.6's XWD (X Window Dump) image file parser allows remote attackers to execute arbitrary code in the context of the user running GIMP, provided the victim is lured into opening a malicious XWD file or visiting a page that delivers one. The CVSS 3.1 vector (AV:L/UI:R) shows this is not a remote-network attack but a user-interaction-driven file-parsing flaw, scored 7.3 (High). There is no public exploit identified at time of analysis, and EPSS is very low (0.08%, 23rd percentile), consistent with an attack that depends on social engineering rather than mass automation.
Remote code execution in GIMP 3.0.6 allows attackers to run arbitrary code by tricking a user into opening a malicious PGM (Portable Gray Map) image file or visiting a page that delivers one. The PGM parser accesses memory before it is properly initialized (CWE-908), letting a crafted file corrupt program state and hijack execution in the context of the current user. Discovered and reported via Trend Micro's Zero Day Initiative (ZDI-26-118 / ZDI-CAN-28158); no public exploit identified at time of analysis and EPSS exploitation probability is low (0.06%, 20th percentile).
Remote code execution in Nagios Xi through command injection in the esensors_websensor_configwizard_func method allows authenticated attackers to execute arbitrary commands with service account privileges. The vulnerability stems from insufficient input validation on user-supplied parameters passed to system calls. With a CVSS score of 8.8 and no patch currently available, this poses a significant risk to authenticated users of affected Nagios installations.
Remote code execution in Nagios Xi's monitoringwizard module allows authenticated attackers to execute arbitrary commands through insufficient input validation in system calls. An attacker with valid credentials can exploit this command injection vulnerability to gain code execution with service account privileges on affected installations. No patch is currently available for this high-severity vulnerability.
Nagios Xi for iOS is vulnerable to command injection in the zabbixagent_configwizard_func method due to insufficient input validation, allowing authenticated attackers to execute arbitrary code with service account privileges. The vulnerability requires valid credentials but no user interaction to exploit, and no patch is currently available. Exploitation could grant attackers full system access on affected Nagios installations.
Unsafe deserialization in GFI Archiver's MArc.Core.Remoting service (port 8017) enables authenticated remote attackers to achieve unauthenticated remote code execution with SYSTEM privileges, despite the authentication requirement being bypassable. The vulnerability stems from insufficient validation of untrusted data during the deserialization process, allowing arbitrary code execution on affected systems. No patch is currently available.
Remote code execution in GFI Archiver's MArc.Store.Remoting.exe component stems from unsafe deserialization of untrusted data, allowing authenticated attackers to execute arbitrary code with SYSTEM privileges despite the authentication requirement being bypassable. The vulnerability affects the deserialization and archiver products due to insufficient validation of user-supplied input, enabling full system compromise. No patch is currently available.
Remote code execution in Deciso OPNsense's backup functionality allows authenticated network-adjacent attackers to execute arbitrary commands with root privileges through insufficient input validation in the diag_backup.php file. An attacker with valid credentials can inject malicious commands into backup filename parameters to achieve code execution on the affected system. No patch is currently available for this vulnerability.
Remote code execution in Sante DICOM Viewer Pro via buffer overflow when parsing malicious DCM files allows attackers to execute arbitrary code on affected systems. The vulnerability stems from insufficient validation of user-supplied data length before copying to a buffer, requiring user interaction such as opening a malicious file or visiting a compromised page. No patch is currently available for this high-severity flaw.
Remote code execution in the MLflow Tracking Server allows unauthenticated attackers (PR:N) to abuse the artifact handler's path processing to read or write files outside the intended artifact root and ultimately run code as the server's service account. The flaw is a CWE-22 path traversal in artifact file-path handling reachable over the network with low complexity. No public exploit is identified at time of analysis, but the EPSS score of 15.58% (95th percentile) signals notably elevated near-term exploitation likelihood for an MLOps component frequently exposed on internal and cloud networks.
Authorization bypass in Kargo Kubernetes promotion tool from 1.7.0 before 1.7.8/1.8.11/1.9.3. Batch resource creation bypasses authorization checks. Patch available.
Remote code execution in GIMP 3.2.0-rc1 lets attackers run arbitrary code by tricking a user into opening a malicious ICO image file or visiting a page that delivers one. The flaw is a heap-based buffer overflow in the ICO file parser caused by missing length validation before a copy operation, and it executes code in the context of the GIMP process. No public exploit has been identified at time of analysis, and EPSS estimates exploitation probability at just 0.06% (19th percentile), consistent with a user-interaction-gated client-side bug rather than mass-exploited infrastructure.
Xmind fails to display adequate security warnings when users open file attachments, enabling remote code execution with the privileges of the current user. An attacker can exploit this by tricking users into opening malicious files or visiting crafted pages, with the unsafe action proceeding without proper user notification. No patch is currently available.
Unsafe PHP deserialization in openITCOCKPIT Community Edition 5.3.1 and earlier allows authenticated attackers to inject malicious serialized objects through changelog entries, with public exploit code available. While no current attack path has been identified, an unrestricted unserialize() call creates a latent remote code execution vulnerability that could be exploited if future code changes introduce exploitable object types into the deserialization path. Authenticated access is required, but the HIGH severity rating reflects the potential for complete system compromise if this latent flaw is activated.
Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).
Open Source Point Of Sale versions up to 3.4.1 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
RCE in Smanga 3.2.7 via command injection in /php/path/rescan.php. EPSS 0.29%.
Unrestricted file upload in Wiguard (wiguard) WordPress theme allows uploading web shells for remote code execution.
Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Inpersttion For Theme err-our-team allows Code Injection.This issue affects Inpersttion For Theme: from n/a through <= 1.0. [CVSS 7.6 HIGH]
Arbitrary code execution with administrative privileges in RICOH Job Log Aggregation Tool versions before 1.3.7 due to insecure DLL search path handling. Local attackers with user interaction can execute malicious code by placing a crafted DLL in the installer's search path. No patch is currently available.
Remote code execution in Calibre 9.2.1 and earlier allows authenticated users to write arbitrary files via a path traversal flaw in the extract_pictures() function that fails to properly sanitize directory traversal sequences. On Windows systems, attackers can exploit this to write malicious payloads to the Startup folder, achieving code execution upon the next user login. Public exploit code exists for this vulnerability, and a patch is available in version 9.3.0.
Remote code execution in Music Assistant Server 2.6.3 and below enables unauthenticated network-adjacent attackers to execute arbitrary code through path traversal in the playlist update API, which fails to enforce file extension restrictions and allows writing malicious Python files to site-packages. The vulnerability is particularly critical because affected containers typically run as root, amplifying the impact of successful exploitation. No patch is currently available, leaving installations at risk until an upgrade to version 2.7.0 or later is performed.
Arbitrary code execution in ADB Explorer version 0.9.26020 and earlier on Windows allows local attackers to execute malicious binaries by manipulating the ManualAdbPath configuration setting without integrity validation. An attacker can exploit this through social engineering by distributing a crafted settings file that redirects the application to a malicious executable, gaining code execution with user privileges. The vulnerability requires user interaction to launch the application with a malicious configuration directory.
Stored XSS in Fabric.js prior to version 7.2.0 allows attackers to inject arbitrary SVG elements and event handlers when user-supplied JSON is loaded and exported via toSVG(), affecting applications that process collaborative designs, imports, or CMS plugins. Public exploit code exists for this vulnerability. Applications rendering the SVG output in browsers are vulnerable to arbitrary JavaScript execution.
Heap buffer overflow in HDF5 versions prior to 1.14.4-2 allows attackers to trigger denial-of-service or potentially achieve code execution by crafting malicious h5 files. The vulnerability affects any system parsing untrusted HDF5 data files and has public exploit code available. A patch is not yet available, leaving affected deployments at risk.
GFI MailEssentials AI versions prior to 22.4 allow authenticated users to enumerate arbitrary directories on the server through the ListServer.IsPathExist() web method, which fails to validate filesystem paths before checking their existence. An attacker with valid credentials can exploit this information disclosure vulnerability to map the server's directory structure and identify sensitive locations. No patch is currently available for this vulnerability.
Remote code execution in Hyland's Alfresco Transform Service (and the related Alfresco Transform Core component) lets unauthenticated network attackers inject crafted arguments into the document-processing pipeline to run arbitrary commands on the transformation host. Any exposed Alfresco deployment relying on these transform components is affected, with no login required and full compromise of confidentiality, integrity and availability. No public exploit has been identified at time of analysis, and the EPSS probability is currently low (0.22%, 44th percentile).
GFI MailEssentials AI versions before 22.4 expose a file enumeration vulnerability in the ListServer.IsDBExist() web method that allows authenticated users to probe arbitrary filesystem paths and determine file existence on the server. An attacker can exploit this by submitting unrestricted paths via the JSON "path" parameter, which are processed without validation, disclosing sensitive information about the server's filesystem structure. No patch is currently available for this vulnerability.
Remote code execution in Microsoft Semantic Kernel Python SDK before 1.39.4. Code injection in the AI orchestration framework. Patch available.
Privilege escalation in Kata Containers (versions prior to 3.27.0) running on the Cloud Hypervisor backend lets a sufficiently-privileged container user write to the guest micro-VM's root filesystem and gain arbitrary code execution as root inside that VM. The root cause is that the read-only DAX/virtio-pmem rootfs image is never actually enforced read-only, so guest writes to /dev/pmem0 are observed by the guest. Publicly available exploit detail exists (GitHub Security Advisory GHSA-wwj6-vghv-5p64), though EPSS exploitation probability is negligible (0.01%) and it is not on CISA KEV.
The Saisies plugin for SPIP CMS versions 5.4.0 through 5.11.0 contains a critical remote code execution vulnerability. Attackers can exploit the vulnerability to execute arbitrary code on the SPIP server, compromising the content management system and its database.
PDF object injection in the jsPDF JavaScript library (npm package 'jspdf', versions prior to 4.2.0) lets an attacker who controls the string passed to the addJS method break out of the PDF JavaScript string delimiter and inject arbitrary PDF dictionary objects, including auto-executing Additional Actions (/AA). Any user who later opens the generated PDF in a JavaScript-capable viewer executes the injected actions, affecting confidentiality, integrity and availability of their document session. Publicly available exploit code exists (a documented payload is published in the GitHub advisory), but EPSS is very low (0.04%, 10th percentile) and the issue is not in CISA KEV.
The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker. [CVSS 6.1 MEDIUM]
Authenticated remote code execution affects multiple WSO2 products (API Manager 4.2.0-4.6.0, API Control Plane 4.5.0-4.6.0, Universal Gateway 4.5.0, and Traffic Manager 4.5.0-4.6.0) through an unrestricted file upload exposed via a system REST API. An administrator-level attacker can place an arbitrary file at a user-controlled path and trigger code execution on the host. No public exploit identified at time of analysis, EPSS is low at 0.28%, and a vendor patch is available per WSO2 advisory WSO2-2025-4849.
Identity Server versions up to 5.11.0 contains a vulnerability that allows attackers to a malicious actor with admin privilege to inject and execute arbitrary template (CVSS 8.4).
Arbitrary file upload in Slider Future WordPress plugin.
The Orderable WordPress plugin through version 1.20.0 fails to properly verify user permissions on plugin installation functions, enabling authenticated subscribers to install malicious plugins and achieve remote code execution. An attacker with minimal WordPress account privileges can exploit this capability check bypass to gain full server compromise without administrator credentials. No patch is currently available for this vulnerability (CVSS 8.8).
Local File Inclusion in Prodigy Commerce WordPress plugin <= 3.2.9.
The CTX Feed - WooCommerce Product Feed Manager plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the woo_feed_plugin_installing() function in all versions up to, and including, 6.6.11. [CVSS 7.2 HIGH]
The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. [CVSS 8.8 HIGH]
Remote Code Execution in InvoicePlane self-hosted invoicing application through code injection. PoC and patch available.
Saturn Remote Mouse Server on local networks is vulnerable to unauthenticated command injection through specially crafted UDP JSON packets sent to port 27000, enabling attackers to execute arbitrary code with service account privileges. Affected systems lack input validation on command parameters, allowing network-adjacent threat actors to achieve remote code execution without authentication. No patch is currently available for this high-severity vulnerability.
MajorDoMo home automation platform is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin() method without authentication due to improper use of gr() (which reads from $_REQUEST), allowing attackers to redirect update URLs and push malicious code packages.
Unauthenticated OS command injection in MajorDoMo via rc/index.php. EPSS 41.7% — the $param variable is passed unsanitized to shell commands. PoC available.
MajorDoMo home automation platform allows unauthenticated remote code execution through the admin panel's PHP console. An include order bug in panel.class.php causes execution to continue past a redirect() call that lacks an exit statement, allowing unauthenticated requests to reach the PHP code execution functionality in inc_panel_ajax.php.
Buffer overflow in ChaosPro 2.0 fractal generator via configuration file path handling allows code execution through crafted configuration files. PoC available.
Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. [CVSS 9.8 CRITICAL]
URL redirection vulnerability in GitHub Enterprise Server allows attacker-controlled redirects through crafted URLs, potentially enabling credential theft via phishing.
Ffmpeg contains a vulnerability that allows attackers to a double-free condition, potentially causing FFmpeg or any application using it (CVSS 3.3).
Scholars Tracking System versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Arbitrary code execution in the NLTK (Natural Language Toolkit) Python library affects all versions through its data downloader: the _unzip_iter function in nltk/downloader.py calls zipfile.extractall() with no path validation, so a malicious data package can drop attacker-controlled Python files (e.g. __init__.py) that execute automatically on import. Any application that downloads NLTK data from an attacker-influenced source is exposed to full remote code execution. Publicly available exploit code exists (huntr.com bounty), EPSS is modest at 0.57% (68th percentile), and there is no public exploit identified as actively exploited in CISA KEV.
Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or privilege escalation.
Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.
An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. [CVSS 7.8 HIGH]
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]
A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]
A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
Arbitrary file deletion in WP-DownloadManager plugin versions up to 1.69 allows high-privileged WordPress administrators to bypass path validation and remove critical system files through directory traversal in the file deletion parameter. Deletion of essential files like wp-config.php can result in remote code execution or complete site compromise. No patch is currently available.
Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) that allow unauthenticated remote attackers with knowledge of the credentials to gain root-level access to the underlying operating system. KEV-listed, this vulnerability exposes disaster recovery infrastructure to complete compromise, potentially affecting the integrity of backup and replication data.
Path traversal in Rocket TRUfusion Enterprise through 7.10.5 via /axis2/services endpoint allows authenticated attackers to read and write arbitrary files on the host. EPSS 0.32%.
Server-Side Template Injection (SSTI) in Datart v1.0.0-rc.3 via Freemarker template engine allows authenticated users to execute arbitrary code on the server.
An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration [CVSS 8.8 HIGH]
Remote code execution in OpenS100 (S-100 viewer reference implementation) prior to commit 753cf29. Malicious S-100 dataset files can trigger code execution when opened. CVSS 9.6.
Remote code execution in LightLLM 1.1.0 and prior lets unauthenticated attackers run arbitrary code on the PD master node when the framework runs in prefill-decode (PD) disaggregation mode. The PD master exposes WebSocket endpoints that feed inbound binary frames straight into Python's pickle.loads(), so any attacker able to reach that socket can execute code in the serving process. No CISA KEV listing exists and EPSS is modest at 0.83% (74th percentile), but a public technical write-up (chocapikk.com) plus a VulnCheck advisory mean publicly available exploit code exists, so this should be treated as an urgent internal-exposure risk.
Arbitrary plugin installation in WowRevenue for WordPress (versions up to 2.1.3) allows authenticated subscribers to bypass capability checks and install malicious plugins, potentially enabling remote code execution on vulnerable sites. The vulnerability requires only low-privilege user access and network connectivity, affecting WordPress instances running the vulnerable plugin without an available patch.
An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file. [CVSS 8.8 HIGH]
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace. [CVSS 7.8 HIGH]
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 via out-of-bounds write in EPRT file parsing allows local attackers to gain code execution when opening malicious files. The vulnerability requires user interaction and affects both confidentiality, integrity, and availability. No patch is currently available.
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 results from an out-of-bounds read flaw in EPRT file processing, enabling attackers to compromise systems by tricking users into opening malicious files. The vulnerability affects local users with no privilege requirements and carries a high severity rating, though no patch is currently available.
Solidworks Edrawings versions up to 2025 contains a vulnerability that allows attackers to execute arbitrary code while opening a specially crafted EPRT file (CVSS 7.8).
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
Bosch Infotainment ECU's RH850 CAN module has a stack buffer overflow enabling potential code execution through crafted CAN bus messages.
Zumba Json Serializer versions 3.2.2 and below allow unrestricted PHP object instantiation during JSON deserialization, enabling attackers to trigger arbitrary class constructors and magic methods via malicious @type fields. When processing untrusted JSON input, this vulnerability can lead to PHP Object Injection and remote code execution if vulnerable gadget chains are present in the application or its dependencies. The vulnerability affects applications using affected PHP serialization libraries and currently lacks a patched version.
RCE in D-Tale pandas data visualizer before 3.20.0 via /save-column-filter. Patch available.
Authentication bypass leading to administrator-level remote code execution affects MLflow installations that use the built-in basic authentication, which ships a basic_auth.ini file containing hard-coded default credentials. Remote unauthenticated attackers who know these well-known defaults can log in as the administrator and execute arbitrary code in that context. No public exploit has been identified at time of analysis and it is not in CISA KEV, but the EPSS score of 1.39% (80th percentile) reflects above-average exploitation interest for a Trend Micro ZDI-disclosed flaw with an available vendor patch.
Local privilege escalation in TensorFlow's HDF5 plugin-loading mechanism lets a low-privileged user run arbitrary code as a higher-privileged target user. The flaw stems from TensorFlow loading plugins from an unsecured, attacker-writable search-path location (CWE-427), so an attacker who can already execute low-privileged code plants a malicious plugin that is later loaded in the victim's context. There is no public exploit identified at time of analysis, EPSS risk is very low (0.02%), and it is not listed in CISA KEV, but the issue is credibly reported by Trend Micro ZDI (ZDI-26-116) and patched by upstream and Red Hat.
GIMP is vulnerable to out-of-bounds memory write during XWD file parsing due to insufficient input validation, enabling arbitrary code execution when a user opens a malicious image file. This high-severity vulnerability (CVSS 7.8) affects local attackers who can craft specially crafted XWD files to corrupt memory and execute code with the privileges of the GIMP process. No patch is currently available.
Remote code execution in GIMP through heap buffer overflow during ICNS file parsing allows attackers to execute arbitrary code when a user opens a malicious image file. The vulnerability stems from insufficient validation of user-supplied data lengths before copying to heap memory, requiring only user interaction to trigger. A patch is available for affected installations.
Out-of-bounds write in GIMP 3.0.6's XWD (X Window Dump) image file parser allows remote attackers to execute arbitrary code in the context of the user running GIMP, provided the victim is lured into opening a malicious XWD file or visiting a page that delivers one. The CVSS 3.1 vector (AV:L/UI:R) shows this is not a remote-network attack but a user-interaction-driven file-parsing flaw, scored 7.3 (High). There is no public exploit identified at time of analysis, and EPSS is very low (0.08%, 23rd percentile), consistent with an attack that depends on social engineering rather than mass automation.
Remote code execution in GIMP 3.0.6 allows attackers to run arbitrary code by tricking a user into opening a malicious PGM (Portable Gray Map) image file or visiting a page that delivers one. The PGM parser accesses memory before it is properly initialized (CWE-908), letting a crafted file corrupt program state and hijack execution in the context of the current user. Discovered and reported via Trend Micro's Zero Day Initiative (ZDI-26-118 / ZDI-CAN-28158); no public exploit identified at time of analysis and EPSS exploitation probability is low (0.06%, 20th percentile).
Remote code execution in Nagios Xi through command injection in the esensors_websensor_configwizard_func method allows authenticated attackers to execute arbitrary commands with service account privileges. The vulnerability stems from insufficient input validation on user-supplied parameters passed to system calls. With a CVSS score of 8.8 and no patch currently available, this poses a significant risk to authenticated users of affected Nagios installations.
Remote code execution in Nagios Xi's monitoringwizard module allows authenticated attackers to execute arbitrary commands through insufficient input validation in system calls. An attacker with valid credentials can exploit this command injection vulnerability to gain code execution with service account privileges on affected installations. No patch is currently available for this high-severity vulnerability.
Nagios Xi for iOS is vulnerable to command injection in the zabbixagent_configwizard_func method due to insufficient input validation, allowing authenticated attackers to execute arbitrary code with service account privileges. The vulnerability requires valid credentials but no user interaction to exploit, and no patch is currently available. Exploitation could grant attackers full system access on affected Nagios installations.
Unsafe deserialization in GFI Archiver's MArc.Core.Remoting service (port 8017) enables authenticated remote attackers to achieve unauthenticated remote code execution with SYSTEM privileges, despite the authentication requirement being bypassable. The vulnerability stems from insufficient validation of untrusted data during the deserialization process, allowing arbitrary code execution on affected systems. No patch is currently available.
Remote code execution in GFI Archiver's MArc.Store.Remoting.exe component stems from unsafe deserialization of untrusted data, allowing authenticated attackers to execute arbitrary code with SYSTEM privileges despite the authentication requirement being bypassable. The vulnerability affects the deserialization and archiver products due to insufficient validation of user-supplied input, enabling full system compromise. No patch is currently available.
Remote code execution in Deciso OPNsense's backup functionality allows authenticated network-adjacent attackers to execute arbitrary commands with root privileges through insufficient input validation in the diag_backup.php file. An attacker with valid credentials can inject malicious commands into backup filename parameters to achieve code execution on the affected system. No patch is currently available for this vulnerability.
Remote code execution in Sante DICOM Viewer Pro via buffer overflow when parsing malicious DCM files allows attackers to execute arbitrary code on affected systems. The vulnerability stems from insufficient validation of user-supplied data length before copying to a buffer, requiring user interaction such as opening a malicious file or visiting a compromised page. No patch is currently available for this high-severity flaw.
Remote code execution in the MLflow Tracking Server allows unauthenticated attackers (PR:N) to abuse the artifact handler's path processing to read or write files outside the intended artifact root and ultimately run code as the server's service account. The flaw is a CWE-22 path traversal in artifact file-path handling reachable over the network with low complexity. No public exploit is identified at time of analysis, but the EPSS score of 15.58% (95th percentile) signals notably elevated near-term exploitation likelihood for an MLOps component frequently exposed on internal and cloud networks.
Authorization bypass in Kargo Kubernetes promotion tool from 1.7.0 before 1.7.8/1.8.11/1.9.3. Batch resource creation bypasses authorization checks. Patch available.
Remote code execution in GIMP 3.2.0-rc1 lets attackers run arbitrary code by tricking a user into opening a malicious ICO image file or visiting a page that delivers one. The flaw is a heap-based buffer overflow in the ICO file parser caused by missing length validation before a copy operation, and it executes code in the context of the GIMP process. No public exploit has been identified at time of analysis, and EPSS estimates exploitation probability at just 0.06% (19th percentile), consistent with a user-interaction-gated client-side bug rather than mass-exploited infrastructure.
Xmind fails to display adequate security warnings when users open file attachments, enabling remote code execution with the privileges of the current user. An attacker can exploit this by tricking users into opening malicious files or visiting crafted pages, with the unsafe action proceeding without proper user notification. No patch is currently available.
Unsafe PHP deserialization in openITCOCKPIT Community Edition 5.3.1 and earlier allows authenticated attackers to inject malicious serialized objects through changelog entries, with public exploit code available. While no current attack path has been identified, an unrestricted unserialize() call creates a latent remote code execution vulnerability that could be exploited if future code changes introduce exploitable object types into the deserialization path. Authenticated access is required, but the HIGH severity rating reflects the potential for complete system compromise if this latent flaw is activated.
Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).
Open Source Point Of Sale versions up to 3.4.1 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
RCE in Smanga 3.2.7 via command injection in /php/path/rescan.php. EPSS 0.29%.
Unrestricted file upload in Wiguard (wiguard) WordPress theme allows uploading web shells for remote code execution.
Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Inpersttion For Theme err-our-team allows Code Injection.This issue affects Inpersttion For Theme: from n/a through <= 1.0. [CVSS 7.6 HIGH]
Arbitrary code execution with administrative privileges in RICOH Job Log Aggregation Tool versions before 1.3.7 due to insecure DLL search path handling. Local attackers with user interaction can execute malicious code by placing a crafted DLL in the installer's search path. No patch is currently available.
Remote code execution in Calibre 9.2.1 and earlier allows authenticated users to write arbitrary files via a path traversal flaw in the extract_pictures() function that fails to properly sanitize directory traversal sequences. On Windows systems, attackers can exploit this to write malicious payloads to the Startup folder, achieving code execution upon the next user login. Public exploit code exists for this vulnerability, and a patch is available in version 9.3.0.
Remote code execution in Music Assistant Server 2.6.3 and below enables unauthenticated network-adjacent attackers to execute arbitrary code through path traversal in the playlist update API, which fails to enforce file extension restrictions and allows writing malicious Python files to site-packages. The vulnerability is particularly critical because affected containers typically run as root, amplifying the impact of successful exploitation. No patch is currently available, leaving installations at risk until an upgrade to version 2.7.0 or later is performed.
Arbitrary code execution in ADB Explorer version 0.9.26020 and earlier on Windows allows local attackers to execute malicious binaries by manipulating the ManualAdbPath configuration setting without integrity validation. An attacker can exploit this through social engineering by distributing a crafted settings file that redirects the application to a malicious executable, gaining code execution with user privileges. The vulnerability requires user interaction to launch the application with a malicious configuration directory.
Stored XSS in Fabric.js prior to version 7.2.0 allows attackers to inject arbitrary SVG elements and event handlers when user-supplied JSON is loaded and exported via toSVG(), affecting applications that process collaborative designs, imports, or CMS plugins. Public exploit code exists for this vulnerability. Applications rendering the SVG output in browsers are vulnerable to arbitrary JavaScript execution.
Heap buffer overflow in HDF5 versions prior to 1.14.4-2 allows attackers to trigger denial-of-service or potentially achieve code execution by crafting malicious h5 files. The vulnerability affects any system parsing untrusted HDF5 data files and has public exploit code available. A patch is not yet available, leaving affected deployments at risk.
GFI MailEssentials AI versions prior to 22.4 allow authenticated users to enumerate arbitrary directories on the server through the ListServer.IsPathExist() web method, which fails to validate filesystem paths before checking their existence. An attacker with valid credentials can exploit this information disclosure vulnerability to map the server's directory structure and identify sensitive locations. No patch is currently available for this vulnerability.
Remote code execution in Hyland's Alfresco Transform Service (and the related Alfresco Transform Core component) lets unauthenticated network attackers inject crafted arguments into the document-processing pipeline to run arbitrary commands on the transformation host. Any exposed Alfresco deployment relying on these transform components is affected, with no login required and full compromise of confidentiality, integrity and availability. No public exploit has been identified at time of analysis, and the EPSS probability is currently low (0.22%, 44th percentile).
GFI MailEssentials AI versions before 22.4 expose a file enumeration vulnerability in the ListServer.IsDBExist() web method that allows authenticated users to probe arbitrary filesystem paths and determine file existence on the server. An attacker can exploit this by submitting unrestricted paths via the JSON "path" parameter, which are processed without validation, disclosing sensitive information about the server's filesystem structure. No patch is currently available for this vulnerability.
Remote code execution in Microsoft Semantic Kernel Python SDK before 1.39.4. Code injection in the AI orchestration framework. Patch available.
Privilege escalation in Kata Containers (versions prior to 3.27.0) running on the Cloud Hypervisor backend lets a sufficiently-privileged container user write to the guest micro-VM's root filesystem and gain arbitrary code execution as root inside that VM. The root cause is that the read-only DAX/virtio-pmem rootfs image is never actually enforced read-only, so guest writes to /dev/pmem0 are observed by the guest. Publicly available exploit detail exists (GitHub Security Advisory GHSA-wwj6-vghv-5p64), though EPSS exploitation probability is negligible (0.01%) and it is not on CISA KEV.
The Saisies plugin for SPIP CMS versions 5.4.0 through 5.11.0 contains a critical remote code execution vulnerability. Attackers can exploit the vulnerability to execute arbitrary code on the SPIP server, compromising the content management system and its database.
PDF object injection in the jsPDF JavaScript library (npm package 'jspdf', versions prior to 4.2.0) lets an attacker who controls the string passed to the addJS method break out of the PDF JavaScript string delimiter and inject arbitrary PDF dictionary objects, including auto-executing Additional Actions (/AA). Any user who later opens the generated PDF in a JavaScript-capable viewer executes the injected actions, affecting confidentiality, integrity and availability of their document session. Publicly available exploit code exists (a documented payload is published in the GitHub advisory), but EPSS is very low (0.04%, 10th percentile) and the issue is not in CISA KEV.
The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker. [CVSS 6.1 MEDIUM]
Authenticated remote code execution affects multiple WSO2 products (API Manager 4.2.0-4.6.0, API Control Plane 4.5.0-4.6.0, Universal Gateway 4.5.0, and Traffic Manager 4.5.0-4.6.0) through an unrestricted file upload exposed via a system REST API. An administrator-level attacker can place an arbitrary file at a user-controlled path and trigger code execution on the host. No public exploit identified at time of analysis, EPSS is low at 0.28%, and a vendor patch is available per WSO2 advisory WSO2-2025-4849.
Identity Server versions up to 5.11.0 contains a vulnerability that allows attackers to a malicious actor with admin privilege to inject and execute arbitrary template (CVSS 8.4).
Arbitrary file upload in Slider Future WordPress plugin.
The Orderable WordPress plugin through version 1.20.0 fails to properly verify user permissions on plugin installation functions, enabling authenticated subscribers to install malicious plugins and achieve remote code execution. An attacker with minimal WordPress account privileges can exploit this capability check bypass to gain full server compromise without administrator credentials. No patch is currently available for this vulnerability (CVSS 8.8).
Local File Inclusion in Prodigy Commerce WordPress plugin <= 3.2.9.
The CTX Feed - WooCommerce Product Feed Manager plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the woo_feed_plugin_installing() function in all versions up to, and including, 6.6.11. [CVSS 7.2 HIGH]
The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. [CVSS 8.8 HIGH]
Remote Code Execution in InvoicePlane self-hosted invoicing application through code injection. PoC and patch available.
Saturn Remote Mouse Server on local networks is vulnerable to unauthenticated command injection through specially crafted UDP JSON packets sent to port 27000, enabling attackers to execute arbitrary code with service account privileges. Affected systems lack input validation on command parameters, allowing network-adjacent threat actors to achieve remote code execution without authentication. No patch is currently available for this high-severity vulnerability.
MajorDoMo home automation platform is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin() method without authentication due to improper use of gr() (which reads from $_REQUEST), allowing attackers to redirect update URLs and push malicious code packages.
Unauthenticated OS command injection in MajorDoMo via rc/index.php. EPSS 41.7% — the $param variable is passed unsanitized to shell commands. PoC available.
MajorDoMo home automation platform allows unauthenticated remote code execution through the admin panel's PHP console. An include order bug in panel.class.php causes execution to continue past a redirect() call that lacks an exit statement, allowing unauthenticated requests to reach the PHP code execution functionality in inc_panel_ajax.php.
Buffer overflow in ChaosPro 2.0 fractal generator via configuration file path handling allows code execution through crafted configuration files. PoC available.
Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. [CVSS 9.8 CRITICAL]
URL redirection vulnerability in GitHub Enterprise Server allows attacker-controlled redirects through crafted URLs, potentially enabling credential theft via phishing.
Ffmpeg contains a vulnerability that allows attackers to a double-free condition, potentially causing FFmpeg or any application using it (CVSS 3.3).
Scholars Tracking System versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Arbitrary code execution in the NLTK (Natural Language Toolkit) Python library affects all versions through its data downloader: the _unzip_iter function in nltk/downloader.py calls zipfile.extractall() with no path validation, so a malicious data package can drop attacker-controlled Python files (e.g. __init__.py) that execute automatically on import. Any application that downloads NLTK data from an attacker-influenced source is exposed to full remote code execution. Publicly available exploit code exists (huntr.com bounty), EPSS is modest at 0.57% (68th percentile), and there is no public exploit identified as actively exploited in CISA KEV.
Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or privilege escalation.
Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.
An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. [CVSS 7.8 HIGH]
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]
A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]
A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]
Arbitrary file deletion in WP-DownloadManager plugin versions up to 1.69 allows high-privileged WordPress administrators to bypass path validation and remove critical system files through directory traversal in the file deletion parameter. Deletion of essential files like wp-config.php can result in remote code execution or complete site compromise. No patch is currently available.
Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) that allow unauthenticated remote attackers with knowledge of the credentials to gain root-level access to the underlying operating system. KEV-listed, this vulnerability exposes disaster recovery infrastructure to complete compromise, potentially affecting the integrity of backup and replication data.
Path traversal in Rocket TRUfusion Enterprise through 7.10.5 via /axis2/services endpoint allows authenticated attackers to read and write arbitrary files on the host. EPSS 0.32%.
Server-Side Template Injection (SSTI) in Datart v1.0.0-rc.3 via Freemarker template engine allows authenticated users to execute arbitrary code on the server.
An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration [CVSS 8.8 HIGH]
Remote code execution in OpenS100 (S-100 viewer reference implementation) prior to commit 753cf29. Malicious S-100 dataset files can trigger code execution when opened. CVSS 9.6.
Remote code execution in LightLLM 1.1.0 and prior lets unauthenticated attackers run arbitrary code on the PD master node when the framework runs in prefill-decode (PD) disaggregation mode. The PD master exposes WebSocket endpoints that feed inbound binary frames straight into Python's pickle.loads(), so any attacker able to reach that socket can execute code in the serving process. No CISA KEV listing exists and EPSS is modest at 0.83% (74th percentile), but a public technical write-up (chocapikk.com) plus a VulnCheck advisory mean publicly available exploit code exists, so this should be treated as an urgent internal-exposure risk.
Arbitrary plugin installation in WowRevenue for WordPress (versions up to 2.1.3) allows authenticated subscribers to bypass capability checks and install malicious plugins, potentially enabling remote code execution on vulnerable sites. The vulnerability requires only low-privilege user access and network connectivity, affecting WordPress instances running the vulnerable plugin without an available patch.
An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file. [CVSS 8.8 HIGH]
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace. [CVSS 7.8 HIGH]
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 via out-of-bounds write in EPRT file parsing allows local attackers to gain code execution when opening malicious files. The vulnerability requires user interaction and affects both confidentiality, integrity, and availability. No patch is currently available.
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 results from an out-of-bounds read flaw in EPRT file processing, enabling attackers to compromise systems by tricking users into opening malicious files. The vulnerability affects local users with no privilege requirements and carries a high severity rating, though no patch is currently available.
Solidworks Edrawings versions up to 2025 contains a vulnerability that allows attackers to execute arbitrary code while opening a specially crafted EPRT file (CVSS 7.8).
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. [CVSS 8.8 HIGH]
Bosch Infotainment ECU's RH850 CAN module has a stack buffer overflow enabling potential code execution through crafted CAN bus messages.