Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2026/04/06 12:0 a.m.•5 views

(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.2AI score0.00265EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2026/04/06 12:0 a.m.•5 views

(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.2AI score0.00265EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2026/04/06 12:0 a.m.•5 views

(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.2AI score0.00243EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2026/04/02 12:0 a.m.•8 views

Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IonMonkey when...

8.8CVSS7.6AI score0.00755EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2026/04/02 12:0 a.m.•7 views

Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Foxit Reader...

7.8CVSS6.1AI score0.00251EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/04/02 12:0 a.m.•11 views

Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio Code. User interaction is required to exploit this vulnerability in that the target open a malicious project. The specific flaw exists within the handling of mcp.json files. T...

7.8CVSS6.3AI score0.01357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/31 12:0 a.m.•7 views

Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of...

8.2CVSS6.2AI score0.00186EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•5 views

NoMachine External Control of File Path Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.1CVSS6.1AI score0.00149EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•10 views

Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

7.8CVSS6.2AI score0.00229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•6 views

Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within NVRAM variabl...

3.8CVSS5.3AI score0.0032EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•4 views

(Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mirowebservercontrollersapiloginsingIn function. The issue results...

5CVSS6AI score0.00229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•4 views

(Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the quroutertoken parameter provided to the...

5.6CVSS5.5AI score0.00197EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•5 views

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the path parameters provided to the canvas gateway endpoint. The issue...

6.5CVSS5.9AI score0.00944EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•5 views

(Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.8CVSS6.2AI score0.00223EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•6 views

NoMachine External Control of File Path Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of command li...

7.8CVSS6.2AI score0.00177EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•10 views

(0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the allowed commands list. The issue results from the lack of proper...

9.8CVSS6.3AI score0.0183EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•10 views

(Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

3.5CVSS5.3AI score0.00203EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•6 views

(Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the roletype parameter...

6.3CVSS6AI score0.00184EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•7 views

Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

7.8CVSS6.2AI score0.0023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•3 views

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NoMachine Device Serve...

7.8CVSS6.2AI score0.00214EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•5 views

OpenClaw Canvas Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the the authentication function for canvas endpoints. The issue results fr...

7.4CVSS6AI score0.00671EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•9 views

Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

7.8CVSS6.2AI score0.00202EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•3 views

(Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of firewall rules. The issue results from failing to...

6.3CVSS5.5AI score0.00281EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•5 views

Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CoreMedia framewor...

8.8CVSS6.2AI score0.00724EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•10 views

Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

7.8CVSS6.2AI score0.00202EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•4 views

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization flow. The specific flaw exists within the implementation of OAuth...

5.3CVSS5.9AI score0.00459EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•4 views

(Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the qvpndbmgr module...

8.8CVSS6.3AI score0.002EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•7 views

Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AoE driver. The iss...

7.8CVSS6.2AI score0.0041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/30 12:0 a.m.•7 views

(Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Red Hat Enterprise Linux. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS6.2AI score0.00319EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/24 12:0 a.m.•8 views

(0Day) Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the azure-cli-mcp component. The issue results from the lack of proper validation of a...

9.8CVSS6.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2026/03/23 12:0 a.m.•6 views

(Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper...

8.8CVSS6.2AI score0.00765EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/23 12:0 a.m.•6 views

(Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability

This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Account application. An attacker can force a redirection to a site that serves...

5.6CVSS5.9AI score0.00133EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/23 12:0 a.m.•7 views

(Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary script on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Account application. The issue results from the lack of proper validati...

6.3CVSS6.1AI score0.00142EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/23 12:0 a.m.•6 views

(Pwn2Own) Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samsung Galaxy S25. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.9CVSS5.7AI score0.00364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/19 12:0 a.m.•6 views

GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The...

7.8CVSS6.2AI score0.00755EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/19 12:0 a.m.•7 views

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ANI files. The...

7.8CVSS6.2AI score0.00664EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/19 12:0 a.m.•4 views

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The...

7.8CVSS6.2AI score0.00744EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/19 12:0 a.m.•6 views

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The...

7.8CVSS6.2AI score0.00651EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/19 12:0 a.m.•6 views

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPM files. The...

7.8CVSS6.2AI score0.00596EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/17 12:0 a.m.•7 views

(Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of of the domainname parameter. The issue results from the la...

6.3CVSS7.2AI score0.00778EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•5 views

(Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dtdcaddrimportSub method. The issue results from the la...

8.8CVSS6.3AI score0.0083EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•6 views

(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within parsing of TrueType fonts. The issue results from the lack ...

8.8CVSS6.2AI score0.0083EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•7 views

(Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of Bareos by the Hyper Data Protector Plugin. The issue...

6.3CVSS5.9AI score0.00474EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•4 views

(Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the implementatio...

8.2CVSS6.2AI score0.00393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•5 views

Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.3AI score0.00532EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•5 views

Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DataOffset field within SMB responses. The issue results from the lack...

10CVSS6.2AI score0.00995EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•3 views

(Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8CVSS6.2AI score0.00594EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•4 views

Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authentication is required to exploit this vulnerability. The specific flaw exists within the postgres service, which listens on TCP port 5432 by...

8.8CVSS6.2AI score0.00679EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•4 views

(Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS6.2AI score0.00393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/03/16 12:0 a.m.•4 views

(Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the genpw script. The issue results from the inclusion o...

7.5CVSS5.8AI score0.00566EPSS
Exploits0
Total number of security vulnerabilities16763