| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-15379 | Cri | 0.57 | 9.8 | 0.02 | Mar 30, 2026 | A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specifications from the model… | ||
| CVE-2025-15036 | Cri | 0.58 | 10.0 | 0.01 | Mar 30, 2026 | A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member… | ||
| CVE-2026-4176 | Cri | 0.57 | 9.8 | 0.01 | Mar 29, 2026 | Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a… | ||
| CVE-2026-0558 | Cri | 0.57 | 9.8 | 0.00 | Mar 29, 2026 | A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the `/api/files/extract-text` endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the… | ||
| CVE-2026-32987 | Cri | 0.57 | 9.8 | 0.00 | Mar 29, 2026 | OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege… | ||
| CVE-2026-32924 | Cri | 0.57 | 9.8 | 0.00 | Mar 29, 2026 | OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers can exploit this misclassification to bypass groupAllowFrom and requireMention… | ||
| CVE-2026-32922 | Cri | 0.57 | 9.9 | 0.01 | Mar 29, 2026 | OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain… | ||
| CVE-2026-4851 | Cri | 0.64 | 9.8 | 0.00 | Mar 29, 2026 | GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization. GRID::Machine provides Remote Procedure Calls (RPC) over SSH for Perl. The client connects to remote hosts to execute code on them. A compromised or malicious remote host… | ||
| CVE-2026-3256 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the… | ||
| CVE-2025-15604 | Cri | 0.57 | 9.8 | 0.01 | Mar 28, 2026 | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by… | ||
| CVE-2018-25223 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed… | ||
| CVE-2018-25221 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing… | ||
| CVE-2018-25220 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented… | ||
| CVE-2017-20229 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a… | ||
| CVE-2017-20227 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to… | ||
| CVE-2017-20225 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application,… | ||
| CVE-2016-20049 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack,… | ||
| CVE-2025-9497 | Cri | 0.64 | 9.8 | 0.00 | Mar 28, 2026 | Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0. | ||
| CVE-2026-33994 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Starting in version 2.0.39 and prior to version 3.0.25, a prototype pollution vulnerability exists in the `parse_str` function of the npm package locutus. An attacker can pollute… | ||
| CVE-2026-33993 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.25, the `unserialize()` function in `locutus/php/var/unserialize` assigns deserialized keys to plain objects via bracket notation without filtering the `__proto__`… | ||
| CVE-2026-33976 | Cri | 0.55 | 9.6 | 0.01 | Mar 27, 2026 | Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserves attacker-controlled… | ||
| CVE-2026-33937 | Cri | 0.57 | 9.8 | 0.02 | Mar 27, 2026 | Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `Handlebars.compile()` accepts a pre-parsed AST object in addition to a template string. The `value` field of a `NumberLiteral` AST node is emitted directly into the… | ||
| CVE-2026-33879 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling… | ||
| CVE-2026-33875 | Cri | 0.53 | 9.3 | 0.00 | Mar 27, 2026 | Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep… | ||
| CVE-2026-33873 | Cri | 0.57 | 9.9 | 0.01 | Mar 27, 2026 | Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant feature in Langflow executes LLM-generated Python code during its validation phase. Although this phase appears intended to validate generated component… | ||
| CVE-2026-33765 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application takes the user-controlled… | ||
| CVE-2026-33654 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module (`nanobot/channels/email.py`), allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions (and… | ||
| CVE-2026-34387 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is… | ||
| CVE-2026-34374 | Cri | 0.59 | 9.1 | 0.00 | Mar 27, 2026 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `Live_schedule::keyExists()` method constructs a SQL query by interpolating a stream key directly into the query string without parameterization. This method is called as a fallback from… | ||
| CVE-2026-33770 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `fixCleanTitle()` static method in `objects/category.php` constructs a SQL SELECT query by directly interpolating both `$clean_title` and `$id` into the query string without using prepared… | ||
| CVE-2026-30302 | Cri | 0.65 | 10.0 | 0.02 | Mar 27, 2026 | The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to… | ||
| CVE-2026-30304 | Cri | 0.62 | 9.6 | 0.00 | Mar 27, 2026 | In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges… | ||
| CVE-2026-30303 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze… | ||
| CVE-2026-27876 | Cri | 0.52 | 9.1 | 0.02 | Mar 27, 2026 | A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only… | ||
| CVE-2026-4622 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network. | ||
| CVE-2026-4620 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network. | ||
| CVE-2026-4619 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network. | ||
| CVE-2026-25101 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in… | ||
| CVE-2026-33280 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands. | ||
| CVE-2026-32669 | Cri | 0.64 | 9.8 | 0.00 | Mar 27, 2026 | Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products. | ||
| CVE-2026-27650 | Cri | 0.64 | 9.8 | 0.01 | Mar 27, 2026 | OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products. | ||
| CVE-2026-22738 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input… | ||
| CVE-2026-33890 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration… | ||
| CVE-2026-33729 | Cri | 0.57 | 9.8 | 0.00 | Mar 27, 2026 | OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled can result in two different check requests… | ||
| CVE-2026-33728 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker… | ||
| CVE-2026-33701 | Cri | 0.57 | 9.8 | 0.01 | Mar 27, 2026 | OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK… | ||
| CVE-2026-33945 | Cri | 0.57 | 9.9 | 0.00 | Mar 27, 2026 | Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something… | ||
| CVE-2026-26213 | Cri | 0.64 | 9.8 | 0.06 | Mar 26, 2026 | thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through… | ||
| CVE-2026-33864 | — | cri | 0.59 | — | 0.01 | Mar 26, 2026 | ### Summary A prototype pollution vulnerability exists in the latest version of the convict npm package (6.2.4). Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input started with a forbidden key, it is still possible to pollute… | |
| CVE-2026-33863 | — | cri | 0.59 | — | 0.00 | Mar 26, 2026 | ### Impact Two unguarded prototype pollution paths exist, not covered by previous fixes: 1. `config.load()` / `config.loadFile()` — `overlay()` recursively merges config data without checking for forbidden keys. Input containing` __proto__` or `constructor.prototype` (e.g.… |
- risk 0.57cvss 9.8epss 0.02
A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specifications from the model…
- risk 0.58cvss 10.0epss 0.01
A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member…
- risk 0.57cvss 9.8epss 0.01
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a…
- risk 0.57cvss 9.8epss 0.00
A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the `/api/files/extract-text` endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the…
- risk 0.57cvss 9.8epss 0.00
OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege…
- risk 0.57cvss 9.8epss 0.00
OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers can exploit this misclassification to bypass groupAllowFrom and requireMention…
- risk 0.57cvss 9.9epss 0.01
OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain…
- risk 0.64cvss 9.8epss 0.00
GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization. GRID::Machine provides Remote Procedure Calls (RPC) over SSH for Perl. The client connects to remote hosts to execute code on them. A compromised or malicious remote host…
- risk 0.64cvss 9.8epss 0.01
HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the…
- risk 0.57cvss 9.8epss 0.01
Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by…
- risk 0.64cvss 9.8epss 0.01
Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed…
- risk 0.64cvss 9.8epss 0.01
EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing…
- risk 0.64cvss 9.8epss 0.01
Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented…
- risk 0.64cvss 9.8epss 0.01
MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a…
- risk 0.64cvss 9.8epss 0.01
JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to…
- risk 0.64cvss 9.8epss 0.01
TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application,…
- risk 0.64cvss 9.8epss 0.01
JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack,…
- risk 0.64cvss 9.8epss 0.00
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0.
- risk 0.57cvss 9.8epss 0.01
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Starting in version 2.0.39 and prior to version 3.0.25, a prototype pollution vulnerability exists in the `parse_str` function of the npm package locutus. An attacker can pollute…
- risk 0.57cvss 9.8epss 0.01
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.25, the `unserialize()` function in `locutus/php/var/unserialize` assigns deserialized keys to plain objects via bracket notation without filtering the `__proto__`…
- risk 0.55cvss 9.6epss 0.01
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserves attacker-controlled…
- risk 0.57cvss 9.8epss 0.02
Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `Handlebars.compile()` accepts a pre-parsed AST object in addition to a template string. The `value` field of a `NumberLiteral` AST node is emitted directly into the…
- risk 0.57cvss 9.8epss 0.00
Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling…
- risk 0.53cvss 9.3epss 0.00
Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep…
- risk 0.57cvss 9.9epss 0.01
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant feature in Langflow executes LLM-generated Python code during its validation phase. Although this phase appears intended to validate generated component…
- risk 0.57cvss 9.8epss 0.01
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application takes the user-controlled…
- risk 0.57cvss 9.8epss 0.00
nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module (`nanobot/channels/email.py`), allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions (and…
- risk 0.57cvss 9.8epss 0.01
Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is…
- risk 0.59cvss 9.1epss 0.00
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `Live_schedule::keyExists()` method constructs a SQL query by interpolating a stream key directly into the query string without parameterization. This method is called as a fallback from…
- risk 0.57cvss 9.8epss 0.00
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `fixCleanTitle()` static method in `objects/category.php` constructs a SQL SELECT query by directly interpolating both `$clean_title` and `$id` into the query string without using prepared…
- risk 0.65cvss 10.0epss 0.02
The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to…
- risk 0.62cvss 9.6epss 0.00
In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges…
- risk 0.64cvss 9.8epss 0.01
The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze…
- risk 0.52cvss 9.1epss 0.02
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only…
- risk 0.64cvss 9.8epss 0.01
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
- risk 0.64cvss 9.8epss 0.01
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
- risk 0.64cvss 9.8epss 0.00
Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.
- risk 0.57cvss 9.8epss 0.00
Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in…
- risk 0.64cvss 9.8epss 0.00
Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.
- risk 0.64cvss 9.8epss 0.00
Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.
- risk 0.64cvss 9.8epss 0.01
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
- risk 0.57cvss 9.8epss 0.01
In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input…
- risk 0.57cvss 9.8epss 0.00
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration…
- risk 0.57cvss 9.8epss 0.00
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled can result in two different check requests…
- risk 0.57cvss 9.8epss 0.01
dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker…
- risk 0.57cvss 9.8epss 0.01
OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK…
- risk 0.57cvss 9.9epss 0.00
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something…
- risk 0.64cvss 9.8epss 0.06
thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through…
- risk 0.59cvss —epss 0.01
### Summary A prototype pollution vulnerability exists in the latest version of the convict npm package (6.2.4). Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input started with a forbidden key, it is still possible to pollute…
- risk 0.59cvss —epss 0.00
### Impact Two unguarded prototype pollution paths exist, not covered by previous fixes: 1. `config.load()` / `config.loadFile()` — `overlay()` recursively merges config data without checking for forbidden keys. Input containing` __proto__` or `constructor.prototype` (e.g.…