211 matches found
cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
CVE-2026-34424 Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit
Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...
Exploit for OS Command Injection in Magnussolution Magnusbilling
THM-MagnusBilling-CVE-2023-30258 Perfect! Let’s convert your f...
CVE-2026-34980
A flaw was found in OpenPrinting CUPS. An unauthorized client can exploit this vulnerability by sending a specially crafted print job to a shared PostScript queue without authentication. The server improperly handles the page-border value, allowing an attacker to embed and reparse malicious text ...
CVE-2026-34121
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...
CVE-2026-35053
OneUptime prior to v10.0.42 exposes unauthenticated access in the Worker service ManualAPI endpoints GET /workflow/manual/run/:workflowId and POST /workflow/manual/run/:workflowId, allowing an attacker who can obtain or guess a workflowId to trigger arbitrary workflow execution with attacker-cont...
CVE-2026-34121
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...
CVE-2026-25873
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-33057
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...
CVE-2026-33057
Mesop (Python-based UI framework) versions 1.2.2 and earlier are affected by an unauthenticated remote code execution via the test-suite route /exec-py. The vulnerability stems from an explicit web endpoint in the ai/ testing module that ingests untrusted Python code strings unconditionally and e...
CVE-2026-33017 Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...
VulnCheck KEV: CVE-2026-33017
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...
GHSA-GJGX-RVQR-6W6V Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Summary An explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block wil...
PT-2026-26150
Name of the Vulnerable Software and Affected Versions VMware vCenter Server affected versions not specified Daytona versions prior to 0.184.0 Description Two distinct issues were identified. First, a flaw in the SOAP API of VMware vCenter Server allows unauthenticated attackers to trigger arbitra...
GHSA-JX93-G359-86WM SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module
SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...
CVE-2026-3059 CVE-2026-3059
SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads without authentication...
CVE-2026-27971
Qwik is a performance focused javascript framework. qwik =1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where...
EUVD-2026-9345
Qwik is a performance focused javascript framework. qwik =1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where...
Qinglong-Auth-bypass-to-RCE-poc
Qinglong Auth Bypass to Command Execution A proof-of-concept...
CVE-2026-27744
The CVE-2026-27744 entry concerns the SPIP tickets plugin (versions prior to 4.3.3) with an unauthenticated remote code execution in the forum preview handling for public ticket pages. The vulnerability arises from appending untrusted request parameters into HTML that is later rendered by a templ...