2516 matches found
Exploit for Improper Input Validation in N8N
CVE-2026-21858 + CVE-2025-68613 - n8n RCE Exploit Unauthentic...
PT-2026-3740
Impact Fleet’s debug/pprof endpoints are accessible to any authenticated user regardless of role, including the lowest-privilege “Observer” role. This allows low-privilege users to access sensitive server internals, including runtime profiling data and in-memory application state, and to trigger...
ROS-20260120-7322
A vulnerability in the tracing component of the eventtriggerwrite function of the Linux kernel is related to insufficient regular expression handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
📄 Abacre Retail Point of Sale 14.0.0.396 Cross Site Scripting
Abacre Retail Point of Sale version 14.0.0.396 suffers from a persistent cross site scripting vulnerability. CVE-2025-67263 - Stored cross-site scripting XSS in Abacre Retail Point of Sale 14.0.0.396 Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting XSS...
Exploit for CVE-2025-67263
CVE-2025-67263 - Stored cross-site scripting XSS in Abacre R...
CVE-2026-23744
CVE-2026-23744 affects MCPJam Inspector up to version 1.4.2. The Nuclei template and related sources describe a remote code execution (RCE) vulnerability exploitable via the /api/mcp/connect endpoint. The flaw arises from passing user-controlled input to shell execution, and the service is expose...
CVE-2021-47827
CVE-2021-47827 affects WebSSH for iOS (14.16.10) via the mashREPL component. The vulnerability allows a denial-of-service by pasting a malformed input buffer (about 300 characters of repeated 'A') into mashREPL, which crashes the app. Public references indicate a PoC exists. CVSS data in the prov...
CVE-2021-47793
Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. Attackers can generate a 9 million byte buffer and paste it into the messaging interface to trigger an application crash...
Authentication Bypass
n8n is vulnerable to Authentication Bypass. The vulnerability is due to missing verification of Stripe webhook signatures in the Stripe Trigger node, which allows an attacker to send forged webhook requests and trigger workflows as if they were legitimate Stripe events...
Arbitrary File Upload
@n8n/n8n-nodes-langchain is vulnerable to Arbitrary File Upload. The vulnerability is due to improper validation and handling of uploaded files in the Chat Trigger component, which allows an attacker to upload a crafted HTML file and execute arbitrary code on the affected system...
CVE-2025-37173
An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...
WMI Event Subscription Process Persistence
This module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload when the specified process is started. Additionally a custom command can be specified to run once the trigger is activated using the advanced option...
WMI Event Subscription Interval Persistence
This module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload after the specified CALLBACKINTERVAL. If the persistence is not installed, it will keep triggering payloads to spawn. Additionally a custom command can be...
CVE-2025-71133 RDMA/irdma: avoid invalid read in irdma_net_event
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...
WMI Event Subscription Logon Timer Persistence
This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will trigger the payload after the system has a certain uptime. Payloads will trigger every minute until the set end time. Additionally a custom command can be specifi...
WMI Event Subscription Event Log Persistence
This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will query the event log for an EVENTIDTRIGGER default: failed logon request id 4625 that also contains a specified USERNAMETRIGGER note: failed logon auditing must be...
CVE-2022-50808 CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path
CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system...
CVE-2026-0493 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)
Due to a Cross-Site Request Forgery CSRF vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request type, this deviation from expected request semantics may allow an attacker to trigger unintended actions on...
CVE-2026-21894
n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stri...
CVE-2025-14172
The WP Page Permalink Extension plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.5.4. This is due to missing authorization checks on the cwpptriggerflushrewriterules function hooked to wpajaxcwpptriggerflushrewriterules. This makes it possible fo...