
122 matches found

NVD
added 2 days ago, 9 views

CVE-2026-58138

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

CVSS 9.8, EPSS 0.00938
Exploits 1, References 5
OSV
added 3 days ago, 5 views

PYSEC-2026-535 SGLang: Unauthenticated RCE via --enable-custom-logit-processor

SGLang's multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads will be deserialized without validation...

CVSS 9.8, AI score 6.4, EPSS 0.00585
Exploits 0, References 6
GithubExploit
added 2026/06/11 1:14 p.m., 197 views

Exploit for CVE-2026-48907

CVE-2026-48907 Educational PoC ⚠️ This repository is for ed...

CVSS 10, AI score 5.7, EPSS 0.80425
Exploits 17
NVD
added 2026/06/04 6:16 p.m., 14 views

CVE-2026-25550

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 = R9, and...

CVSS 9.8, EPSS 0.00729
Exploits 0, References 2
CVE
added 2026/06/04 5:13 p.m., 23 views

CVE-2026-25550

Seagull Software BarTender 2010, 2016, and 2019 expose an unauthenticated .NET Remoting service on TCP port 7375 (BtSystem.Service.exe). BarTenderSystem (BarTender 2016 ≤ R9) and DataServiceSingleton (BarTender 2019 ≤ R10) are registered as unauthenticated singleton endpoints configured with Bina...

CVSS 9.8, AI score 6.5, EPSS 0.00729
Exploits 0, References 2
Cvelist
added 2026/05/14 3:11 p.m., 52 views

CVE-2026-42589 Gotenberg: Unauthenticated RCE via ExifTool Metadata Key Injection

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to ExifTool via the go-exiftool library. No validation is performed on key characters. A \n embedded i...

CVSS 9.8, EPSS 0.0295
Exploits 2, References 1
CVE
added 2026/05/12 10:25 p.m., 34 views

CVE-2026-42288

ChurchCRM prior to version 7.1.0 is affected by a pre-auth RCE in the setup wizard due to unsanitized DB_PASSWORD handling, enabling unauthenticated PHP code injection during initial install. The issue stems from an incomplete fix for a previous CVE and is fixed in 7.1.0. Impact is described as f...

CVSS 10, AI score 6.4, EPSS 0.00576
Exploits 0, References 1
Positive Technologies
added 2026/04/07 12:00 a.m., 7 views

PT-2026-30960

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 7.1.0 Description ChurchCRM, an open-source church management system, has a critical pre-authentication remote code execution issue in its setup wizard. Unauthenticated attackers can inject arbitrary PHP code during...

CVSS 10, AI score 6.6, EPSS 0.00715
Exploits 0, References 10
CVE
added 2026/04/06 4:16 p.m., 25 views

CVE-2026-34977

Aperi'Solve is an open-source steganalysis web platform. Prior to version 3.2.1, uploading a JPEG with an optional password leads the password to be passed into an expect command and then into a bash -c command without sanitization. An unauthenticated attacker can achieve root-level RCE inside th...

CVSS 9.8, AI score 5.9, EPSS 0.00775
Exploits 1, References 7, Affected Software 1
Positive Technologies
added 2026/02/25 12:00 a.m., 13 views

PT-2026-21844

Name of the Vulnerable Software and Affected Versions OliveTin versions up to and including 3000.10.0 Description OliveTin, a tool designed to simplify shell command execution, has flaws in its shell command execution mechanism. The checkShellArgumentSafety function does not block the password...

CVSS 9.9, AI score 6.3, EPSS 0.27661
Exploits 45, References 122
ATTACKERKB
added 2026/02/18 9:10 p.m., 5 views

CVE-2026-27180

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

CVSS 9.8, AI score 6.6, EPSS 0.01086
Exploits 4, References 5
Packet Storm
added 2026/02/13 12:00 a.m., 167 views

SolarWinds Web Help Desk Unauthenticated Remote Code Execution

This Metasploit module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve unauthenticated remote code execution against a vulnerable SolarWinds Web Help Desk WHD server. This module requires Metasploit:...

CVSS 9.8, AI score 6.5, EPSS 0.8413
Exploits 4
Rapid7 Blog
added 2026/01/16 6:49 p.m., 29 views

Metasploit Wrap-Up 01/16/2026

Persistence, dMSA Abuse & RCE Goodies This week, we have received a lot of contributions from the community, such as h00die, Chocapikk and countless others, which is greatly appreciated. This week’s modules and improvements in Metasploit Framework range from new modules, such as dMSA Abuse...

CVSS 9.9, AI score 7.5, EPSS 0.97875
Exploits 35
EUVD
added 2025/10/03 8:07 p.m., 8 views

EUVD-2024-27372

Malicious code in bioql PyPI...

CVSS 9.3, AI score 6.6, EPSS 0.00523
Exploits 0, References 2
Cvelist
added 2025/07/23 1:50 p.m., 11 views

CVE-2017-20198 DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse

The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...

CVSS 9.3, EPSS 0.0076
Exploits 0, References 5
GithubExploit
added 2025/06/18 7:27 p.m., 262 views

Exploit for Code Injection in Langflow

CVE-2025-3248 — Langflow AI Remote Code Execution Unauthentic...

CVSS 9.8, AI score 10, EPSS 0.99968
Exploits 33
Metasploit
added 2025/02/11 6:55 p.m., 425 views

Unauthenticated RCE in NetAlertX

An attacker can update NetAlertX settings with no authentication, which results in RCE. Module Options msf use exploit/linux/http/netalertxrcecve202446506 msf exploitnetalertxrcecve202446506 show targets ...targets... msf exploitnetalertxrcecve202446506 set TARGET msf...

CVSS 10, AI score 8.5, EPSS 0.50233
Exploits 5
Metasploit
added 2024/12/03 6:58 p.m., 378 views

Fortinet FortiManager Unauthenticated RCE

This module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are: 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14...

CVSS 9.8, AI score 8.8, EPSS 0.94761
Exploits 7
Metasploit
added 2024/10/15 6:54 p.m., 388 views

BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection (CVE-2024-45256, CVE-2024-45257)

This module exploits two vulnerabilities in the BYOB Build Your Own Botnet web GUI: 1. CVE-2024-45256: Unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. 2. CVE-2024-45257: Authenticated command injection in the payload generation page...

CVSS 9.8, AI score 8.8, EPSS 0.05635
Exploits 3
GithubExploit
added 2024/10/09 2:35 p.m., 325 views

Exploit for CVE-2024-42640

CVE-2024-42640 CVE-2024-42640 Unauthenticated Re...

CVSS 9.8, AI score 10, EPSS 0.43683
Exploits 5