ByteWraith1

10 exploits. Active since Feb 2026
CVE-2026-26980 GITHUB CRITICAL SUSPICIOUS
Ghost 3.24.0-6.19.0 - Info Disclosure
Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.
1 star
CVSS 9.4
CVE-2026-33829 GITHUB MEDIUM SUSPICIOUS
Windows Snipping Tool Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.
CVSS 4.3
CVE-2026-32683 GITHUB MEDIUM SUSPICIOUS
EZVIZ APP - Information Disclosure
Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data. Users are advised to upgrade the app to the latest version and enable the video encryption feature.
CVSS 5.3
CVE-2026-41096 GITHUB CRITICAL SUSPICIOUS
Microsoft Windows 11 version 22H3 - Windows DNS Client Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
CVSS 9.8
CVE-2026-0300 GITHUB CRITICAL SUSPICIOUS
Palo Alto PAN-OS User-ID Authentication Portal - Unauthenticated Root RCE
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.
CVSS 9.8
CVE-2026-40281 NOMISEC CRITICAL SUSPICIOUS
Gotenberg vulnerable to argument injection via newlines in ExifTool metadata values
Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line into two separate arguments, allowing injection of arbitrary ExifTool pseudo-tags such as -FileName, -Directory, -SymLink, and -HardLink. This is a bypass of the incomplete key-sanitization fix introduced in v8.30.1. An unauthenticated attacker can rename or move any PDF being processed to an arbitrary path in the container filesystem, overwrite arbitrary files, or create symlinks and hard links at arbitrary paths.
CVSS 10.0
CVE-2026-27906 NOMISEC MEDIUM SUSPICIOUS
Windows Hello Security Feature Bypass Vulnerability
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.
CVSS 4.4
CVE-2026-43585 NOMISEC HIGH SUSPICIOUS
OpenClaw < 2026.4.15 - Bearer Token Validation Bypass via Stale SecretRef Resolution
OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request, enabling attackers to use rotated-out bearer tokens for unauthorized gateway access.
CVSS 8.1
CVE-2026-0073 NOMISEC HIGH FAILED
Google Android <16-qpr2 - Auth Bypass
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 8.8
CVE-2026-27960 NOMISEC CRITICAL FAILED
OpenCTI privilege escalation and unauthenticated access via default admin account
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account. This issue has been fixed in version 6.9.13. As a workaround, the default admin can be disabled using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.
CVSS 9.8