360 matches found

GithubExploit
added 2026/03/15 4:17 p.m., 149 views

omrs-rce

OMRS — Online Marriage Registration System 1.0 — RCE & Auto Re...

AI score: 5.9
Exploits: 0

Github Security Blog
added 2026/03/12 12:30 p.m., 5 views

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads without authentication...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01158
Exploits: 1, References: 7, Affected Software: 1

Cvelist
added 2026/03/12 11:37 a.m., 25 views

CVE-2026-3060

SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...

EPSS: 0.01158
Exploits: 1, References: 4

ATTACKERKB
added 2026/03/12 11:37 a.m., 1 view

CVE-2026-3060

SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01158
Exploits: 1, References: 5, Affected Software: 1

ATTACKERKB
added 2026/03/12 12:0 a.m., 2 views

CVE-2026-25823

HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...

AI score: 6.1, EPSS: 0.00725
Exploits: 0, References: 3

CVE
added 2026/03/10 12:18 a.m., 7 views

CVE-2026-24317

CVE-2026-24317 affects SAP GUI for Windows where DLLs can be loaded from arbitrary directories within the application. An unauthenticated attacker could persuade a victim to place a malicious DLL in one of these directories, causing the malicious command to execute in the victim’s user context pr...

CVSS: 5, AI score: 5.9, EPSS: 0.00176
Exploits: 0, References: 2

Positive Technologies
added 2026/03/07 12:0 a.m., 4 views

PT-2026-23854

Name of the Vulnerable Software and Affected Versions WeKnora versions 0.2.5 through 0.2.9 WeKnora version 0.2.10 Description WeKnora, an LLM-powered framework for deep document understanding and semantic retrieval, contains an unauthenticated remote code execution RCE issue in the MCP stdio...

CVSS: 10, AI score: 6.5, EPSS: 0.22162
Exploits: 68, References: 139

GithubExploit
added 2026/03/06 2:20 a.m., 161 views

Exploit for CVE-2023-3452

Metasploit exploit module canto RCE CVE-2024-25096 & CVE-2023...

CVSS: 10, AI score: 6.2, EPSS: 0.0562
Exploits: 8

CVE
added 2026/03/04 7:24 a.m., 15 views

CVE-2026-28775

CVE-2026-28775 concerns an unauthenticated RCE in the SNMP service of IDC SFX Series SuperFlex SatelliteReceiver. The device insecurely provisions a default writable SNMP community string (private), and the SNMP agent runs with root privileges. An unauthenticated attacker could exploit NET-SNMP-E...

CVSS: 10, AI score: 6.3, EPSS: 0.01199
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2026/03/02 9:41 p.m., 3 views

GHSA-P9X5-JP3H-96MM Qwik vulnerable to Unauthenticated RCE via server$ Deserialization

Summary qwik =1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where require is available at runtime. Impact -...

CVSS: 9.2, AI score: 6.5, EPSS: 0.04632
Exploits: 0, References: 4

Vulnrichment
added 2026/03/02 6:24 a.m., 1 view

CVE-2026-3422 e-Excellence|U-Office Force - Insecure Deserialization

U-Office Force developed by e-Excellence has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content...

CVSS: 9.8, AI score: 6.3, EPSS: 0.00762
Exploits: 0, References: 2

Vulnrichment
added 2026/02/27 8:59 a.m., 5 views

CVE-2026-21658 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the securit...

CVSS: 8.8, AI score: 6, EPSS: 0.00626
Exploits: 0, References: 2

Packet Storm
added 2026/02/27 12:0 a.m., 115 views

WordPress RFC 6.0.8 Security Scanner

WordPress RFC plugin version 6.0.8 security scanner that detects and attempts remote shell upload. Title: WordPress RFC Plugin 6.0.8 Security Scanner ...

AI score: 6
Exploits: 0

Cvelist
added 2026/02/26 6:56 p.m., 23 views

CVE-2026-27509 Unitree Go2 Missing DDS Authentication Enables Adjacent RCE

Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programmingactuator/request handled by actuatormanager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...

CVSS: 8.5, EPSS: 0.00481
Exploits: 1, References: 3

Vulnrichment
added 2026/02/25 2:43 a.m., 4 views

CVE-2026-27626 OliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checks

OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check checkShellArgumentSafety blocks several dangerous argument types but not password. A user supplying a password-typed argument can inject shell...

CVSS: 9.9, AI score: 6.2, EPSS: 0.00448
Exploits: 1, References: 1

Cvelist
added 2026/02/25 2:43 a.m., 21 views

CVE-2026-27626 OliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checks

OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check checkShellArgumentSafety blocks several dangerous argument types but not password. A user supplying a password-typed argument can inject shell...

CVSS: 9.9, EPSS: 0.00448
Exploits: 1, References: 1

Cvelist
added 2026/02/23 10:34 p.m., 22 views

CVE-2026-21665

The Print Service component of Fiserv Originate Loans Peripherals formerly Velocity Services in unsupported version 2021.2.4 build 4.7.3155.0011 uses deprecated .NET Remoting TCP channels that allow unsafe deserialization of untrusted data. When these services are exposed to an untrusted network ...

CVSS: 7.7, EPSS: 0.00447
Exploits: 0, References: 1

GithubExploit
added 2026/02/19 4:13 p.m., 213 views

Exploit for CVE-2025-71243

CVE-2025-71243 - SPIP Saisies Plugin Remote Code Execution...

CVSS: 9.8, AI score: 6.1, EPSS: 0.99662
Exploits: 27

Vulnrichment
added 2026/02/19 6:46 a.m., 1 view

CVE-2026-2731 Unauthenticated RCE in Dynamicweb 9 and Dynamicweb 8

Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 all and 9 9.19.7 and 9.20.3 allows unauthenticated attackers to execute code via simple web requests...

CVSS: 10, AI score: 5.7, EPSS: 0.00535
Exploits: 0, References: 1

CVE
added 2026/02/18 9:10 p.m., 26 views

CVE-2026-27174

CVE-2026-27174 affects MajorDoMo. An include-order bug in modules/panel.class.php lets unauthenticated users reach the admin panel’s PHP console, with execution continuing into inc_panel_ajax.php after a redirect that lacks an exit. The console handler passes GET parameters (via register_globals)...

CVSS: 9.8, AI score: 6.9, EPSS: 0.06996
In wild, Exploits: 4, References: 3, Affected Software: 1