Lucene search
K

225 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.4 views

CVE-2025-69143

Unauthenticated Local File Inclusion in Mission = 1.22 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.18 views

CVE-2025-69143 WordPress Mission theme <= 1.22 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Mission = 1.22 versions...

8.1CVSS0.00435EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.10 views

CVE-2025-69143

Technical details for CVE-2025-69143 are not provided in the supplied documents. The available records note an unauthenticated Local File Inclusion in Mission theme

8.1CVSS5.1AI score0.00435EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.20 views

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On and Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability...

9.8CVSS6.6AI score0.00563EPSS
Exploits0References17
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.7 views

ECYSAP EYE: From Cyber Situational Awareness to Mission-Centric Decision Support for Enhanced Cyberspace Operations

Operational organizations increasingly require Cyber Situational Awareness CySA capabilities that go beyond isolated technical alerts, providing mission-relevant artefacts that can be embedded into heterogeneous toolchains and cyber security or cyber defense processes. ECYSAP EYE addresses this...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/09 3:45 a.m.56 views

missionplanner-bug-report

No d...

5.4AI score
Exploits0
OSV
OSV
added 2026/05/27 10:49 p.m.6 views

GHSA-2G95-6X5Q-XJWJ Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection

Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython via the JSR-223 ScriptEngine API without enforcing a secure sandbox. An authenticat...

9.1CVSS6.2AI score0.00473EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 10:49 p.m.21 views

Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection

Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython via the JSR-223 ScriptEngine API without enforcing a secure sandbox. An authenticat...

6.2AI score0.00473EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/27 10:49 p.m.5 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the dynamic evaluation of user-supplied algorithm code in the script evaluation engine. An attacker can execute arbitrary operating system commands by injecting malicious Jython code through the REST API whe...

9.4CVSS6AI score0.00473EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 10:45 p.m.18 views

Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override

Remote Code Execution via Mission Database algorithm override Summary The Nashorn ScriptEngine used to evaluate user-supplied algorithm text in MdbOverrideApi.updateAlgorithm is constructed without a ClassFilter, allowing a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

6.5AI score0.00562EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/27 10:45 p.m.13 views

GHSA-VMWP-VH32-RJ75 Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override

Remote Code Execution via Mission Database algorithm override Summary The Nashorn ScriptEngine used to evaluate user-supplied algorithm text in MdbOverrideApi.updateAlgorithm is constructed without a ClassFilter, allowing a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

9.8CVSS6.5AI score0.00562EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/27 12:5 a.m.5 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the JavaExprAlgorithmExecutionFactory process. An attacker can execute arbitrary code on the underlying operating system by injecting malicious Java expressions through the REST API when authenticated with th...

9.4CVSS6AI score0.00473EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/27 12:5 a.m.17 views

Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

6.1AI score0.00473EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/27 12:5 a.m.5 views

GHSA-524G-X36V-9WM6 Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

9.1CVSS6.1AI score0.00473EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.9 views

PT-2026-44161

Name of the Vulnerable Software and Affected Versions Yamcs versions 4.7.3 through 5.12.6 Description The Nashorn ScriptEngine used to evaluate user-supplied algorithm text is constructed without a ClassFilter. This allows a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

9.8CVSS6.2AI score0.00562EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43457

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

9.1CVSS6.1AI score0.00473EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-44162

Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython via the JSR-223 ScriptEngine API without enforcing a secure sandbox. An authenticat...

9.1CVSS6.2AI score0.00473EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

RHEL 9 : jmc (RHSA-2026:20568)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20568 advisory. JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis o...

9.1CVSS5.9AI score0.01127EPSS
Exploits1References6
Patchstack
Patchstack
added 2026/05/26 8:4 a.m.11 views

WordPress Mission theme <= 1.22 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Mission versions = 1.22...

5.8AI score0.00435EPSS
Exploits0Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.8 views

Backchaining Loss of Control Mitigations from Mission-Specific Benchmarks in National Security

Affordances and permissions are promising and timely safety levers for mitigating Loss of Control LoC threats in high-stakes deployment contexts, such as national security. Deployers in defense and intelligence could rely on several approaches to identify which affordances and permissions should ...

5.8AI score
Exploits0
Rows per page
Query Builder