Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

Packet Storm
Packet Stormadded 2026/04/21 12:0 a.m.157 views

📄 Below Log File Symlink Privilege Escalation

This Metasploit module exploits a local privilege escalation vulnerability in the below utility when executed with sudo. This affects versions prior to 0.9.0. ================================================================================================================================== | Title...

6.8CVSS7.1AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2026/04/16 1:18 a.m.168 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 — Meta below Symlink Local Privilege Escalati...

6.8CVSS7.2AI score0.0036EPSS
Exploits22
Circl
Circladded 2026/03/12 1:30 a.m.5 views

CVE-2026-27591

creationtimestamp| type| source ---|---|--- 2026-03-12 01:30:39+00:00| seen| https://infosec.exchange/users/offseq/statuses/116213614461031957 2026-03-12 12:48:45+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mgugq5rnq32h 2026-03-12 23:01:22+00:00| seen|...

9.9CVSS5.7AI score0.00486EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 9:21 a.m.6 views

CVE-2021-27591

When a user opens manipulated Portable Document Format .PDF format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application...

7.8CVSS6.8AI score0.01242EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2025/08/16 11:54 a.m.127 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 Below v0.9.0 PoC Privilege Escalation Expl...

6.8CVSS8.7AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/19 10:17 p.m.835 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 – Privilege Escalation via Symlink Abuse in be...

6.8CVSS8AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/19 10:17 p.m.114 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 – Privilege Escalation via Symlink Abuse in be...

6.8CVSS8AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/16 10:31 p.m.306 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

Proof-Of-Concept Usage 1. build bash go build -o poc e...

6.8CVSS7.5AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/15 5:48 a.m.367 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 - Privilege Escalation via Writable Symlink in...

6.8CVSS7.7AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/12 10:50 p.m.728 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

Below - Local Privilege Escalation CVE-2025-27591 B...

6.8CVSS7.8AI score0.0036EPSS
Exploits22
GithubExploit
GithubExploitadded 2025/07/12 9:17 p.m.1042 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 - Privilege Escalation via below This reposi...

6.8CVSS7.7AI score0.0036EPSS
Exploits22
Circl
Circladded 2025/03/11 9:48 p.m.13 views

CVE-2025-27591

creationtimestamp| type| source ---|---|--- 2025-03-11 21:48:55+00:00| seen| https://t.me/cvedetector/20126 2025-03-12 12:00:41+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lk6ju6fw642e 2025-03-12 12:09:31+00:00| seen|...

6.8CVSS7.2AI score0.0036EPSS
Exploits22References21
OSV
OSVadded 2025/03/11 7:15 p.m.6 views

CVE-2025-27591

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow...

6.8CVSS7AI score0.0036EPSS
Exploits22References3
Vulnrichment
Vulnrichmentadded 2025/03/11 6:29 p.m.5 views

CVE-2025-27591

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow...

7.3AI score0.0036EPSS
Exploits22References2
Cvelist
Cvelistadded 2025/03/11 6:29 p.m.15 views

CVE-2025-27591

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow...

0.0036EPSS
Exploits22References2
Circl
Circladded 2023/03/17 11:31 p.m.3 views

CVE-2023-27591

creationtimestamp| type| source ---|---|--- 2023-03-17 23:31:47+00:00| seen| https://t.me/cibsecurity/60273...

7.5CVSS7.3AI score0.00755EPSS
Exploits0References1
NVD
NVDadded 2023/03/17 8:15 p.m.23 views

CVE-2023-27591

Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the METRICSCOLLECTOR configuration option is enabled and METRICSALLOWEDNETWORKS is set to 127.0.0.1/8 the default. A patch is available in...

7.5CVSS7.6AI score0.00755EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2023/03/17 7:4 p.m.6 views

CVE-2023-27591 Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics

Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the METRICSCOLLECTOR configuration option is enabled and METRICSALLOWEDNETWORKS is set to 127.0.0.1/8 the default. A patch is available in...

7.5CVSS7.6AI score0.00755EPSS
Exploits0References4
CVE
CVEadded 2023/03/17 7:4 p.m.82 views

CVE-2023-27591

CVE-2023-27591 affects Miniflux prior to v2.0.43. An unauthenticated user could retrieve Prometheus metrics from a publicly reachable Miniflux instance when the metrics collector is enabled and METRICS_ALLOWED_NETWORKS is set to 127.0.0.1/8 (default). A patch is available in Miniflux v2.0.43. Wor...

7.5CVSS7.6AI score0.00755EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2023/03/17 7:4 p.m.41 views

CVE-2023-27591 Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics

Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the METRICSCOLLECTOR configuration option is enabled and METRICSALLOWEDNETWORKS is set to 127.0.0.1/8 the default. A patch is available in...

7.5CVSS7.8AI score0.00755EPSS
Exploits0References4
Rows per page
Query Builder